instant security & scalable user management with spring boot
TRANSCRIPT
![Page 1: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/1.jpg)
@lhazlewood | @goStormpath
Instant Security& Scalable User Management
with Spring Boot
Les Hazlewood @lhazlewoodApache Shiro Project Chair
CTO, Stormpath stormpath.com
![Page 2: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/2.jpg)
@lhazlewood | @goStormpath
Spring Security• Authentication• Authorization• Enforcement• No user management
![Page 3: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/3.jpg)
@lhazlewood | @goStormpath
You’re on the hook for:• Data store integration• Data modeling• HTML pages• CSRF view support• Email verification• Forgot password• Oauth2 / Social setup• SAML coordination
• Crypto choices• Multi-factor auth• Scale / growth• SaaS Multi-Tenancy• Mobile auth strategy• Microservice auth• Best practices• ...etc...
![Page 4: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/4.jpg)
@lhazlewood | @goStormpath
Traditional ApplicationYour
Application
Users
![Page 5: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/5.jpg)
@lhazlewood | @goStormpath
What about new stores?
Users LDAP/AD
Your Application
![Page 6: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/6.jpg)
@lhazlewood | @goStormpath
And legacy migration?
Legacy Users LDAP/ADNew
Users
Your Application
![Page 7: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/7.jpg)
@lhazlewood | @goStormpath
And Social?
Legacy Users LDAP/AD Google
Apps Facebook GitHubNew Users
Your Application
![Page 8: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/8.jpg)
@lhazlewood | @goStormpath
And SSO/SAML?
Legacy Users LDAP/AD Google
Apps Facebook GitHubNew Users
Your Application
PingOkta
Azure ADFS
Oracle SSO
SiteMinderLinkedIn
OneLogin
![Page 9: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/9.jpg)
@lhazlewood | @goStormpath
And Multi-Tenant / SaaS ?
Legacy Users LDAP/AD Google
Apps Facebook GitHubNew Users
Your Application
PingOkta
Azure ADFS
Oracle SSO SiteMinder LinkedIn
OneLogin
Customer A
Customer CCustomer F
Customer B
Customer D Customer E
Customer G
![Page 10: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/10.jpg)
@lhazlewood | @goStormpath
Oh the Hue Manatee!
![Page 11: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/11.jpg)
@lhazlewood | @goStormpath
Stormpath takes you from this...
Legacy Users LDAP/AD Google
Apps Facebook GitHubNew Users
Your Application
PingOkta
Azure ADFS
Oracle SSO SiteMinder LinkedIn
OneLogin
Customer A
Customer CCustomer F
Customer B
Customer D Customer E
Customer G
![Page 12: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/12.jpg)
@lhazlewood | @goStormpath
To this...Your
Application
![Page 13: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/13.jpg)
@lhazlewood | @goStormpath
To this...Your
ApplicationYour
ApplicationYour
ApplicationYour
Application...
![Page 14: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/14.jpg)
@lhazlewood | @goStormpath
But much more than a backend• Application SDKs• Framework Integrations• Best practices
![Page 15: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/15.jpg)
@lhazlewood | @goStormpath
Live Demo Time!
![Page 16: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/16.jpg)
@lhazlewood | @goStormpath
Pages & Workflows
![Page 17: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/17.jpg)
@lhazlewood | @goStormpath
SSO & Social
![Page 18: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/18.jpg)
@lhazlewood | @goStormpath
OAuth & Mobile
![Page 19: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/19.jpg)
@lhazlewood | @goStormpath
Flexible Authorization
![Page 20: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/20.jpg)
@lhazlewood | @goStormpath
Application
Servlet Filters
How does it work?Spring Security Stormpath MVC
Stormpath SDK
...
![Page 21: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/21.jpg)
@lhazlewood | @goStormpath
Stormpath works hard for you• Java SDK 1.0.0 released last Tuesday!• SDK + Integration Effort: ~ 8 man years• Extreme customizability• Automatic defaults• Often no code required
![Page 22: Instant Security & Scalable User Management with Spring Boot](https://reader035.vdocuments.mx/reader035/viewer/2022062523/5876b91c1a28abad1a8b66d5/html5/thumbnails/22.jpg)
@lhazlewood | @goStormpath
Thank You!• [email protected]• Twitter: @lhazlewood• https://stormpath.com