SlideShare a Scribd company logo

Spring Boot Authentication...and More!

Download as PPTX, PDF
Stormpath
Stormpath

Sign up for Stormpath: https://api.stormpath.com/register More from Stormpath: https://stormpath.com/blog Join Stormpath Java Developer Evangelist Micah Silverman for a technical overview of the common pain points with Java authentication. We'll cover how to solve them with Stormpath in a Spring Boot application, and demonstrate how to quickly add a complete user management system to your Spring Boot app. By the end of this webinar, you’ll be on your way to a fully functioning Spring Boot app backed by Stormpath. Topics Covered: Authentication Pain Points in Java Stormpath, Spring Boot, and Your Architecture Demo: Auth in Spring Boot, with these features: A complete user registration and login system Pre-built login screens Password reset workflows Group-based authorization Advanced user features: API authentication, Single Sign-On, social login, and more Technical Q&A

Technology
1 of 12
1 © 2016 Pivotal Spring Boot Authentication... and More! Micah Silverman, Java Developer Evangelist, Stormpath @afitnerd
2 Learn More. Stay Connected. Twitter: twitter.com/gostormpath Blog: stormpath.com/blog GitHub: github.com/stormpath Docs: docs.stormpath.com Twitter: twitter.com/springcentral YouTube: spring.io/video LinkedIn: spring.io/linkedin Google Plus: spring.io/gplus
3 Agenda  Authentication Pain Points in Java  Stormpath, Spring Boot, and Your Architecture  Demo: Authentication in Spring Boot with these features: • A complete user registration and login system • Pre-built login screens • Password reset workflows • Group-based authorization • Advanced user features: API authentication, Single Sign-On, social login, and more  Technical Q&A
4 Speed to Marketing & Cost Reduction  Complete Identity solution out-of-the-box  Security best practices and updates by default  Clean & elegant API/SDKs  Little to code, no maintenance Focus on Your Core Competency
5 Stormpath User Management User Data User Workflows Google ID Application SDK Application SDK Application SDK ID Integrations Facebook Active Directory SAML
6 Features  Secure, flexible Authentication • (Password, Token, OAuth, API)  Deep Authorization • Groups, Roles • Customer Organizations • Permissions  Customer Profile Data  Single Sign-On Across Your Apps  Hosted User Screens
7 Authentication Pain Points in Java  Typical Authentication coding tasks: • Large pile of code • NOTHING to do with your business • And you must maintain  You’re on your own: • DO NOT forget to encrypt those passwords • DO NOT forget to include CSRF tokens in your templates
8 Stormpath, Spring Boot, and Your Architecture 1. Create a Stormpath account 2. Create and API Access keyset 3. Choose your Stormpath Spring Boot Starter 4. Write your Spring Boot App
9 Stormpath Spring Boot Integration Architecture stormpath-default-spring-boot-starter stormpath- spring-boot-starter stormpath-spring stormpath-spring-security-webmvc- spring-boot-starter stormpath-thymeleaf- spring-boot-starter stormpath-webmvc- spring-boot-starter stormpath-spring-security- spring-boot-starter
10 Demo Spring Boot Starter
11 Questions?
12 Thank You!

Recommended

How to Use Stormpath in angular js
How to Use Stormpath in angular jsHow to Use Stormpath in angular js
How to Use Stormpath in angular jsStormpath
 
Multi-Tenancy with Spring Boot
Multi-Tenancy with Spring Boot Multi-Tenancy with Spring Boot
Multi-Tenancy with Spring Boot Stormpath
 
Stormpath 101: Spring Boot + Spring Security
Stormpath 101: Spring Boot + Spring SecurityStormpath 101: Spring Boot + Spring Security
Stormpath 101: Spring Boot + Spring SecurityStormpath
 
Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Stormpath
 
Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2Stormpath
 
Build a REST API for your Mobile Apps using Node.js
Build a REST API for your Mobile Apps using Node.jsBuild a REST API for your Mobile Apps using Node.js
Build a REST API for your Mobile Apps using Node.jsStormpath
 
Securing Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationSecuring Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationStormpath
 
ECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web ApplicationsECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web ApplicationsEric Shupps
 

Recommended

How to Use Stormpath in angular js
How to Use Stormpath in angular jsHow to Use Stormpath in angular js
How to Use Stormpath in angular jsStormpath
 
Multi-Tenancy with Spring Boot
Multi-Tenancy with Spring Boot Multi-Tenancy with Spring Boot
Multi-Tenancy with Spring Boot Stormpath
 
Stormpath 101: Spring Boot + Spring Security
Stormpath 101: Spring Boot + Spring SecurityStormpath 101: Spring Boot + Spring Security
Stormpath 101: Spring Boot + Spring SecurityStormpath
 
Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Stormpath
 
Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2Secure API Services in Node with Basic Auth and OAuth2
Secure API Services in Node with Basic Auth and OAuth2Stormpath
 
Build a REST API for your Mobile Apps using Node.js
Build a REST API for your Mobile Apps using Node.jsBuild a REST API for your Mobile Apps using Node.js
Build a REST API for your Mobile Apps using Node.jsStormpath
 
Securing Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationSecuring Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationStormpath
 
ECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web ApplicationsECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web ApplicationsEric Shupps
 
Instant Security & Scalable User Management with Spring Boot
Instant Security & Scalable User Management with Spring BootInstant Security & Scalable User Management with Spring Boot
Instant Security & Scalable User Management with Spring BootStormpath
 
Azure staticwebapps
Azure staticwebappsAzure staticwebapps
Azure staticwebappsUdaiappa Ramachandran
 
SPUnite17 Who Are You and What Do You Want
SPUnite17 Who Are You and What Do You WantSPUnite17 Who Are You and What Do You Want
SPUnite17 Who Are You and What Do You WantNCCOMMS
 
O365Con18 - Introduction to Azure Web Applications - Eric Shupps
O365Con18 - Introduction to Azure Web Applications - Eric ShuppsO365Con18 - Introduction to Azure Web Applications - Eric Shupps
O365Con18 - Introduction to Azure Web Applications - Eric ShuppsNCCOMMS
 
Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...
Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...
Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...Eric Shupps
 
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCloudIDSummit
 
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...NCCOMMS
 
Azure API Management - why should I care?
Azure API Management - why should I care?Azure API Management - why should I care?
Azure API Management - why should I care?Jouni Heikniemi
 
Zero Credential Development with Managed Identities for Azure resources
Zero Credential Development with Managed Identities for Azure resourcesZero Credential Development with Managed Identities for Azure resources
Zero Credential Development with Managed Identities for Azure resourcesJoonas Westlin
 
Zero credential development with managed identities
Zero credential development with managed identitiesZero credential development with managed identities
Zero credential development with managed identitiesJoonas Westlin
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azureMichele Leroux Bustamante
 
Zero Credential Development with Managed Identities
Zero Credential Development with Managed IdentitiesZero Credential Development with Managed Identities
Zero Credential Development with Managed IdentitiesJoonas Westlin
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCloudIDSummit
 
The SharePoint Survival Guide Top 10
The SharePoint Survival Guide Top 10The SharePoint Survival Guide Top 10
The SharePoint Survival Guide Top 10Eric Shupps
 
Azure signalr service
Azure signalr serviceAzure signalr service
Azure signalr serviceUdaiappa Ramachandran
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BSjoukje Zaal
 
Introduction to Azure Web Applications for Office and SharePoint Developers
Introduction to Azure Web Applications for Office and SharePoint DevelopersIntroduction to Azure Web Applications for Office and SharePoint Developers
Introduction to Azure Web Applications for Office and SharePoint DevelopersEric Shupps
 
DevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easyDevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easySjoukje Zaal
 
Azure API Management Update
Azure API Management UpdateAzure API Management Update
Azure API Management UpdateBizTalk360
 
Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Jeremy Gray
 
JWTs in Java for CSRF and Microservices
JWTs in Java for CSRF and MicroservicesJWTs in Java for CSRF and Microservices
JWTs in Java for CSRF and MicroservicesStormpath
 
Storing User Files with Express, Stormpath, and Amazon S3
Storing User Files with Express, Stormpath, and Amazon S3Storing User Files with Express, Stormpath, and Amazon S3
Storing User Files with Express, Stormpath, and Amazon S3Stormpath
 

More Related Content

What's hot

Instant Security & Scalable User Management with Spring Boot
Instant Security & Scalable User Management with Spring BootInstant Security & Scalable User Management with Spring Boot
Instant Security & Scalable User Management with Spring BootStormpath
 
SPUnite17 Who Are You and What Do You Want
SPUnite17 Who Are You and What Do You WantSPUnite17 Who Are You and What Do You Want
SPUnite17 Who Are You and What Do You WantNCCOMMS
 
O365Con18 - Introduction to Azure Web Applications - Eric Shupps
O365Con18 - Introduction to Azure Web Applications - Eric ShuppsO365Con18 - Introduction to Azure Web Applications - Eric Shupps
O365Con18 - Introduction to Azure Web Applications - Eric ShuppsNCCOMMS
 
Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...
Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...
Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...Eric Shupps
 
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCloudIDSummit
 
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...NCCOMMS
 
Azure API Management - why should I care?
Azure API Management - why should I care?Azure API Management - why should I care?
Azure API Management - why should I care?Jouni Heikniemi
 
Zero Credential Development with Managed Identities for Azure resources
Zero Credential Development with Managed Identities for Azure resourcesZero Credential Development with Managed Identities for Azure resources
Zero Credential Development with Managed Identities for Azure resourcesJoonas Westlin
 
Zero credential development with managed identities
Zero credential development with managed identitiesZero credential development with managed identities
Zero credential development with managed identitiesJoonas Westlin
 
Zero Credential Development with Managed Identities
Zero Credential Development with Managed IdentitiesZero Credential Development with Managed Identities
Zero Credential Development with Managed IdentitiesJoonas Westlin
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCloudIDSummit
 
The SharePoint Survival Guide Top 10
The SharePoint Survival Guide Top 10The SharePoint Survival Guide Top 10
The SharePoint Survival Guide Top 10Eric Shupps
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BSjoukje Zaal
 
Introduction to Azure Web Applications for Office and SharePoint Developers
Introduction to Azure Web Applications for Office and SharePoint DevelopersIntroduction to Azure Web Applications for Office and SharePoint Developers
Introduction to Azure Web Applications for Office and SharePoint DevelopersEric Shupps
 
DevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easyDevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easySjoukje Zaal
 
Azure API Management Update
Azure API Management UpdateAzure API Management Update
Azure API Management UpdateBizTalk360
 
Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Jeremy Gray
 

What's hot (20)

Instant Security & Scalable User Management with Spring Boot
Instant Security & Scalable User Management with Spring BootInstant Security & Scalable User Management with Spring Boot
Instant Security & Scalable User Management with Spring Boot
 
Azure staticwebapps
Azure staticwebappsAzure staticwebapps
Azure staticwebapps
 
SPUnite17 Who Are You and What Do You Want
SPUnite17 Who Are You and What Do You WantSPUnite17 Who Are You and What Do You Want
SPUnite17 Who Are You and What Do You Want
 
O365Con18 - Introduction to Azure Web Applications - Eric Shupps
O365Con18 - Introduction to Azure Web Applications - Eric ShuppsO365Con18 - Introduction to Azure Web Applications - Eric Shupps
O365Con18 - Introduction to Azure Web Applications - Eric Shupps
 
Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...
Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...
Pushing the Boundaries - A Deep-Dive into Real-World SharePoint Add-In and Ap...
 
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid KhosravianCIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian
 
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...
O365Con18 - Connect SharePoint Framework Solutions to API's secured with Azur...
 
Azure API Management - why should I care?
Azure API Management - why should I care?Azure API Management - why should I care?
Azure API Management - why should I care?
 
Zero Credential Development with Managed Identities for Azure resources
Zero Credential Development with Managed Identities for Azure resourcesZero Credential Development with Managed Identities for Azure resources
Zero Credential Development with Managed Identities for Azure resources
 
Zero credential development with managed identities
Zero credential development with managed identitiesZero credential development with managed identities
Zero credential development with managed identities
 
Deep thoughts from the real world of azure
Deep thoughts from the real world of azureDeep thoughts from the real world of azure
Deep thoughts from the real world of azure
 
Zero Credential Development with Managed Identities
Zero Credential Development with Managed IdentitiesZero Credential Development with Managed Identities
Zero Credential Development with Managed Identities
 
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish JainCIS 2015 SSO for Mobile and Web Apps Ashish Jain
CIS 2015 SSO for Mobile and Web Apps Ashish Jain
 
The SharePoint Survival Guide Top 10
The SharePoint Survival Guide Top 10The SharePoint Survival Guide Top 10
The SharePoint Survival Guide Top 10
 
Azure signalr service
Azure signalr serviceAzure signalr service
Azure signalr service
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2B
 
Introduction to Azure Web Applications for Office and SharePoint Developers
Introduction to Azure Web Applications for Office and SharePoint DevelopersIntroduction to Azure Web Applications for Office and SharePoint Developers
Introduction to Azure Web Applications for Office and SharePoint Developers
 
DevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easyDevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easy
 
Azure API Management Update
Azure API Management UpdateAzure API Management Update
Azure API Management Update
 
Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018Azure AD B2C An Introduction - DogFoodCon 2018
Azure AD B2C An Introduction - DogFoodCon 2018
 

Viewers also liked

JWTs in Java for CSRF and Microservices
JWTs in Java for CSRF and MicroservicesJWTs in Java for CSRF and Microservices
JWTs in Java for CSRF and MicroservicesStormpath
 
Storing User Files with Express, Stormpath, and Amazon S3
Storing User Files with Express, Stormpath, and Amazon S3Storing User Files with Express, Stormpath, and Amazon S3
Storing User Files with Express, Stormpath, and Amazon S3Stormpath
 
Building Beautiful REST APIs in ASP.NET Core
Building Beautiful REST APIs in ASP.NET CoreBuilding Beautiful REST APIs in ASP.NET Core
Building Beautiful REST APIs in ASP.NET CoreStormpath
 
JWTs for CSRF and Microservices
JWTs for CSRF and MicroservicesJWTs for CSRF and Microservices
JWTs for CSRF and MicroservicesStormpath
 
Token Authentication in ASP.NET Core
Token Authentication in ASP.NET CoreToken Authentication in ASP.NET Core
Token Authentication in ASP.NET CoreStormpath
 
Custom Data Search with Stormpath
Custom Data Search with StormpathCustom Data Search with Stormpath
Custom Data Search with StormpathStormpath
 
The Ultimate Guide to Mobile API Security
The Ultimate Guide to Mobile API SecurityThe Ultimate Guide to Mobile API Security
The Ultimate Guide to Mobile API SecurityStormpath
 
Beautiful REST+JSON APIs with Ion
Beautiful REST+JSON APIs with IonBeautiful REST+JSON APIs with Ion
Beautiful REST+JSON APIs with IonStormpath
 
Browser Security 101
Browser Security 101 Browser Security 101
Browser Security 101 Stormpath
 
REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!Stormpath
 
Building Secure User Interfaces With JWTs (JSON Web Tokens)
Building Secure User Interfaces With JWTs (JSON Web Tokens)Building Secure User Interfaces With JWTs (JSON Web Tokens)
Building Secure User Interfaces With JWTs (JSON Web Tokens)Stormpath
 
Getting Started With Angular
Getting Started With AngularGetting Started With Angular
Getting Started With AngularStormpath
 
Token Authentication for Java Applications
Token Authentication for Java ApplicationsToken Authentication for Java Applications
Token Authentication for Java ApplicationsStormpath
 
Building Beautiful REST APIs with ASP.NET Core
Building Beautiful REST APIs with ASP.NET CoreBuilding Beautiful REST APIs with ASP.NET Core
Building Beautiful REST APIs with ASP.NET CoreStormpath
 
So long scrum, hello kanban
So long scrum, hello kanbanSo long scrum, hello kanban
So long scrum, hello kanbanStormpath
 
Build a Node.js Client for Your REST+JSON API
Build a Node.js Client for Your REST+JSON APIBuild a Node.js Client for Your REST+JSON API
Build a Node.js Client for Your REST+JSON APIStormpath
 
Elegant Rest Design Webinar
Elegant Rest Design WebinarElegant Rest Design Webinar
Elegant Rest Design WebinarStormpath
 
Build A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON APIBuild A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON APIStormpath
 
REST API Design for JAX-RS And Jersey
REST API Design for JAX-RS And JerseyREST API Design for JAX-RS And Jersey
REST API Design for JAX-RS And JerseyStormpath
 

Viewers also liked (19)

JWTs in Java for CSRF and Microservices
JWTs in Java for CSRF and MicroservicesJWTs in Java for CSRF and Microservices
JWTs in Java for CSRF and Microservices
 
Storing User Files with Express, Stormpath, and Amazon S3
Storing User Files with Express, Stormpath, and Amazon S3Storing User Files with Express, Stormpath, and Amazon S3
Storing User Files with Express, Stormpath, and Amazon S3
 
Building Beautiful REST APIs in ASP.NET Core
Building Beautiful REST APIs in ASP.NET CoreBuilding Beautiful REST APIs in ASP.NET Core
Building Beautiful REST APIs in ASP.NET Core
 
JWTs for CSRF and Microservices
JWTs for CSRF and MicroservicesJWTs for CSRF and Microservices
JWTs for CSRF and Microservices
 
Token Authentication in ASP.NET Core
Token Authentication in ASP.NET CoreToken Authentication in ASP.NET Core
Token Authentication in ASP.NET Core
 
Custom Data Search with Stormpath
Custom Data Search with StormpathCustom Data Search with Stormpath
Custom Data Search with Stormpath
 
The Ultimate Guide to Mobile API Security
The Ultimate Guide to Mobile API SecurityThe Ultimate Guide to Mobile API Security
The Ultimate Guide to Mobile API Security
 
Beautiful REST+JSON APIs with Ion
Beautiful REST+JSON APIs with IonBeautiful REST+JSON APIs with Ion
Beautiful REST+JSON APIs with Ion
 
Browser Security 101
Browser Security 101 Browser Security 101
Browser Security 101
 
REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!REST API Security: OAuth 2.0, JWTs, and More!
REST API Security: OAuth 2.0, JWTs, and More!
 
Building Secure User Interfaces With JWTs (JSON Web Tokens)
Building Secure User Interfaces With JWTs (JSON Web Tokens)Building Secure User Interfaces With JWTs (JSON Web Tokens)
Building Secure User Interfaces With JWTs (JSON Web Tokens)
 
Getting Started With Angular
Getting Started With AngularGetting Started With Angular
Getting Started With Angular
 
Token Authentication for Java Applications
Token Authentication for Java ApplicationsToken Authentication for Java Applications
Token Authentication for Java Applications
 
Building Beautiful REST APIs with ASP.NET Core
Building Beautiful REST APIs with ASP.NET CoreBuilding Beautiful REST APIs with ASP.NET Core
Building Beautiful REST APIs with ASP.NET Core
 
So long scrum, hello kanban
So long scrum, hello kanbanSo long scrum, hello kanban
So long scrum, hello kanban
 
Build a Node.js Client for Your REST+JSON API
Build a Node.js Client for Your REST+JSON APIBuild a Node.js Client for Your REST+JSON API
Build a Node.js Client for Your REST+JSON API
 
Elegant Rest Design Webinar
Elegant Rest Design WebinarElegant Rest Design Webinar
Elegant Rest Design Webinar
 
Build A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON APIBuild A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON API
 
REST API Design for JAX-RS And Jersey
REST API Design for JAX-RS And JerseyREST API Design for JAX-RS And Jersey
REST API Design for JAX-RS And Jersey
 

Similar to Spring Boot Authentication...and More!

CIS 2015- Provisioning IDaas- Using SCIM to Enable Cloud Identity- Pat Patter...
CIS 2015- Provisioning IDaas- Using SCIM to Enable Cloud Identity- Pat Patter...CIS 2015- Provisioning IDaas- Using SCIM to Enable Cloud Identity- Pat Patter...
CIS 2015- Provisioning IDaas- Using SCIM to Enable Cloud Identity- Pat Patter...CloudIDSummit
 
Enable Authentication and Authorization with Azure Active Directory and Sprin...
Enable Authentication and Authorization with Azure Active Directory and Sprin...Enable Authentication and Authorization with Azure Active Directory and Sprin...
Enable Authentication and Authorization with Azure Active Directory and Sprin...VMware Tanzu
 
Provisioning IDaaS - Using SCIM to Enable Cloud Identity
Provisioning IDaaS - Using SCIM to Enable Cloud IdentityProvisioning IDaaS - Using SCIM to Enable Cloud Identity
Provisioning IDaaS - Using SCIM to Enable Cloud IdentityPat Patterson
 
Fragments-Plug the vulnerabilities in your App
Fragments-Plug the vulnerabilities in your AppFragments-Plug the vulnerabilities in your App
Fragments-Plug the vulnerabilities in your AppAppsecco
 
#ATAGTR2019 Presentation "Top 10 quality engineering best practices to achiev...
#ATAGTR2019 Presentation "Top 10 quality engineering best practices to achiev...#ATAGTR2019 Presentation "Top 10 quality engineering best practices to achiev...
#ATAGTR2019 Presentation "Top 10 quality engineering best practices to achiev...Agile Testing Alliance
 
Créer une App Microsoft Teams : REX - Replay Microsoft Experiences 2018
Créer une App Microsoft Teams : REX - Replay Microsoft Experiences 2018Créer une App Microsoft Teams : REX - Replay Microsoft Experiences 2018
Créer une App Microsoft Teams : REX - Replay Microsoft Experiences 2018Guillaume Meyer
 
Microsoft Skills Bootcamp - The power of GitHub and Azure
Microsoft Skills Bootcamp - The power of GitHub and AzureMicrosoft Skills Bootcamp - The power of GitHub and Azure
Microsoft Skills Bootcamp - The power of GitHub and AzureDavide Benvegnù
 
Microsoft Teams community call - February 2020
Microsoft Teams community call - February 2020Microsoft Teams community call - February 2020
Microsoft Teams community call - February 2020Microsoft 365 Developer
 
Choosing the Best Business Intelligence Security Model for Your App
Choosing the Best Business Intelligence Security Model for Your AppChoosing the Best Business Intelligence Security Model for Your App
Choosing the Best Business Intelligence Security Model for Your AppLogi Analytics
 
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersOpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersSalesforce Developers
 
Spring Boot 1.3 News #渋谷Java
Spring Boot 1.3 News #渋谷JavaSpring Boot 1.3 News #渋谷Java
Spring Boot 1.3 News #渋谷JavaToshiaki Maki
 
昕力技術小聚2023-02-23 OAuth 2.0 Spring Boot 3.0
昕力技術小聚2023-02-23 OAuth 2.0 Spring Boot 3.0昕力技術小聚2023-02-23 OAuth 2.0 Spring Boot 3.0
昕力技術小聚2023-02-23 OAuth 2.0 Spring Boot 3.0Tzu-Cheng(Jason) Chuang
 
Extending GitHub to Meet your Open Source Policy
Extending GitHub to Meet your Open Source PolicyExtending GitHub to Meet your Open Source Policy
Extending GitHub to Meet your Open Source PolicyFINOS
 
API Security - OWASP top 10 for APIs + tips for pentesters
API Security - OWASP top 10 for APIs + tips for pentestersAPI Security - OWASP top 10 for APIs + tips for pentesters
API Security - OWASP top 10 for APIs + tips for pentestersInon Shkedy
 
Building Mobile (app) Masterpiece with Distributed Agile
Building Mobile (app) Masterpiece with Distributed AgileBuilding Mobile (app) Masterpiece with Distributed Agile
Building Mobile (app) Masterpiece with Distributed AgileWee Witthawaskul
 
How to Use OWASP Security Logging
How to Use OWASP Security LoggingHow to Use OWASP Security Logging
How to Use OWASP Security LoggingMilton Smith
 
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...atwork
 
Microsoft identity platform community call-May 2020
Microsoft identity platform community call-May 2020Microsoft identity platform community call-May 2020
Microsoft identity platform community call-May 2020Microsoft 365 Developer
 

Similar to Spring Boot Authentication...and More! (20)

CIS 2015- Provisioning IDaas- Using SCIM to Enable Cloud Identity- Pat Patter...
CIS 2015- Provisioning IDaas- Using SCIM to Enable Cloud Identity- Pat Patter...CIS 2015- Provisioning IDaas- Using SCIM to Enable Cloud Identity- Pat Patter...
CIS 2015- Provisioning IDaas- Using SCIM to Enable Cloud Identity- Pat Patter...
 
Enable Authentication and Authorization with Azure Active Directory and Sprin...
Enable Authentication and Authorization with Azure Active Directory and Sprin...Enable Authentication and Authorization with Azure Active Directory and Sprin...
Enable Authentication and Authorization with Azure Active Directory and Sprin...
 
Provisioning IDaaS - Using SCIM to Enable Cloud Identity
Provisioning IDaaS - Using SCIM to Enable Cloud IdentityProvisioning IDaaS - Using SCIM to Enable Cloud Identity
Provisioning IDaaS - Using SCIM to Enable Cloud Identity
 
Fragments-Plug the vulnerabilities in your App
Fragments-Plug the vulnerabilities in your AppFragments-Plug the vulnerabilities in your App
Fragments-Plug the vulnerabilities in your App
 
The user s identities
The user s identitiesThe user s identities
The user s identities
 
#ATAGTR2019 Presentation "Top 10 quality engineering best practices to achiev...
#ATAGTR2019 Presentation "Top 10 quality engineering best practices to achiev...#ATAGTR2019 Presentation "Top 10 quality engineering best practices to achiev...
#ATAGTR2019 Presentation "Top 10 quality engineering best practices to achiev...
 
Créer une App Microsoft Teams : REX - Replay Microsoft Experiences 2018
Créer une App Microsoft Teams : REX - Replay Microsoft Experiences 2018Créer une App Microsoft Teams : REX - Replay Microsoft Experiences 2018
Créer une App Microsoft Teams : REX - Replay Microsoft Experiences 2018
 
Microsoft Skills Bootcamp - The power of GitHub and Azure
Microsoft Skills Bootcamp - The power of GitHub and AzureMicrosoft Skills Bootcamp - The power of GitHub and Azure
Microsoft Skills Bootcamp - The power of GitHub and Azure
 
Microsoft Teams community call - February 2020
Microsoft Teams community call - February 2020Microsoft Teams community call - February 2020
Microsoft Teams community call - February 2020
 
Choosing the Best Business Intelligence Security Model for Your App
Choosing the Best Business Intelligence Security Model for Your AppChoosing the Best Business Intelligence Security Model for Your App
Choosing the Best Business Intelligence Security Model for Your App
 
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersOpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for Beginners
 
Spring Boot 1.3 News #渋谷Java
Spring Boot 1.3 News #渋谷JavaSpring Boot 1.3 News #渋谷Java
Spring Boot 1.3 News #渋谷Java
 
昕力技術小聚2023-02-23 OAuth 2.0 Spring Boot 3.0
昕力技術小聚2023-02-23 OAuth 2.0 Spring Boot 3.0昕力技術小聚2023-02-23 OAuth 2.0 Spring Boot 3.0
昕力技術小聚2023-02-23 OAuth 2.0 Spring Boot 3.0
 
Extending GitHub to Meet your Open Source Policy
Extending GitHub to Meet your Open Source PolicyExtending GitHub to Meet your Open Source Policy
Extending GitHub to Meet your Open Source Policy
 
2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil2011 NASA Open Source Summit - Forge.mil
2011 NASA Open Source Summit - Forge.mil
 
API Security - OWASP top 10 for APIs + tips for pentesters
API Security - OWASP top 10 for APIs + tips for pentestersAPI Security - OWASP top 10 for APIs + tips for pentesters
API Security - OWASP top 10 for APIs + tips for pentesters
 
Building Mobile (app) Masterpiece with Distributed Agile
Building Mobile (app) Masterpiece with Distributed AgileBuilding Mobile (app) Masterpiece with Distributed Agile
Building Mobile (app) Masterpiece with Distributed Agile
 
How to Use OWASP Security Logging
How to Use OWASP Security LoggingHow to Use OWASP Security Logging
How to Use OWASP Security Logging
 
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...
 
Microsoft identity platform community call-May 2020
Microsoft identity platform community call-May 2020Microsoft identity platform community call-May 2020
Microsoft identity platform community call-May 2020
 

Recently uploaded

CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 

Recently uploaded (20)

CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 

Spring Boot Authentication...and More!

  • 1. 1 © 2016 Pivotal Spring Boot Authentication... and More! Micah Silverman, Java Developer Evangelist, Stormpath @afitnerd
  • 2. 2 Learn More. Stay Connected. Twitter: twitter.com/gostormpath Blog: stormpath.com/blog GitHub: github.com/stormpath Docs: docs.stormpath.com Twitter: twitter.com/springcentral YouTube: spring.io/video LinkedIn: spring.io/linkedin Google Plus: spring.io/gplus
  • 3. 3 Agenda  Authentication Pain Points in Java  Stormpath, Spring Boot, and Your Architecture  Demo: Authentication in Spring Boot with these features: • A complete user registration and login system • Pre-built login screens • Password reset workflows • Group-based authorization • Advanced user features: API authentication, Single Sign-On, social login, and more  Technical Q&A
  • 4. 4 Speed to Marketing & Cost Reduction  Complete Identity solution out-of-the-box  Security best practices and updates by default  Clean & elegant API/SDKs  Little to code, no maintenance Focus on Your Core Competency
  • 5. 5 Stormpath User Management User Data User Workflows Google ID Application SDK Application SDK Application SDK ID Integrations Facebook Active Directory SAML
  • 6. 6 Features  Secure, flexible Authentication • (Password, Token, OAuth, API)  Deep Authorization • Groups, Roles • Customer Organizations • Permissions  Customer Profile Data  Single Sign-On Across Your Apps  Hosted User Screens
  • 7. 7 Authentication Pain Points in Java  Typical Authentication coding tasks: • Large pile of code • NOTHING to do with your business • And you must maintain  You’re on your own: • DO NOT forget to encrypt those passwords • DO NOT forget to include CSRF tokens in your templates
  • 8. 8 Stormpath, Spring Boot, and Your Architecture 1. Create a Stormpath account 2. Create and API Access keyset 3. Choose your Stormpath Spring Boot Starter 4. Write your Spring Boot App
  • 9. 9 Stormpath Spring Boot Integration Architecture stormpath-default-spring-boot-starter stormpath- spring-boot-starter stormpath-spring stormpath-spring-security-webmvc- spring-boot-starter stormpath-thymeleaf- spring-boot-starter stormpath-webmvc- spring-boot-starter stormpath-spring-security- spring-boot-starter