<- See All Sessions


Implementing Microservices Security Patterns and Protocols with Spring Security


Thursday
10:30am11:40am
16AB




Modern Web
Security
Developer

Building secure microservices requires mastering a variety of patterns, protocols, frameworks, and technologies. This session provides a holistic end-to-end view of how to secure microservices using industry standard protocols and Spring Security. The goal is to present how standards such as JWT, JWA, JWS, JWE, JWK, OAuth2, OpenID Connect, and TLS can be combined to make writing secure microservices easy.

The session will focus on walkthroughs/live coding showing how to apply the patterns and standards using Spring Security 5.1. The following patterns and their implementations will be demonstrated:

  • Web SSO Login

  • implementing OAuth2 resource servers

  • implementing edge service gateways

  • Token Exchange in a microservice call chain

  • Token Relay in a microservice call chain

  • integration with OpenID Connect/OAuth2 Servers

  • features of Spring Security 5.1 that make it easier to secure microservices