Explore practical approaches to securing microservices in this informative conference talk. Delve into the challenges of application design in a distributed environment, focusing on security considerations unique to microservices architecture. Learn how to implement industry-wide standards like OAuth2, OpenID Connect, and social sign-on methods through the lens of a real-world scenario using the text-based microservice adventure Game On!. Discover strategies for achieving dev/production parity and gain insights into utilizing JSON web tokens, time-related fields, and message hashing. Understand the importance of adapting security practices when transitioning from monolithic to microservices-based applications, and explore the implementation of these concepts using tools like GitHub and Liberty.
Overview
Syllabus
Intro
What are microservices
What is GameOn
Who are you
Social Signon
Registration
Backend system
JSON web tokens
Time related fields
How are we using them
Sign JWT
Hash Message
Development vs Production
GitHub
Liberty
Taught by
Devoxx
Related Courses
-
Introduction to OAuth2, OpenID Connect and JSON Web Tokens (JWT)
-
PHP User Authentication Course (How To)
-
One Does Not Simply Log In - SSO for Web APIs
-
Three Profiles of OAuth2 for Identity and Access Management - 2016
-
Implementing Microservices Security Patterns & Protocols
-
OpenID Connect as SSO Solution - Strengths and Weaknesses
