Deconstructing REST Security by David Blevins
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, are riddled with extensions, and almost seem designed to deliberately confuse. For a back-end REST developer, choking all this down for the first time is mission impossible. With an aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. The presentation also details a competing Amazon-style approach called HTTP Signatures and digs into the architectural differences of all three, with a heavy focus on the wire, showing actual HTTP messages and enough detail to have you thinking, “I could write this myself.”
Founder of Tomitribe, veteran of Open Source Java EE in both implementing and defining Java EE specifications for over 10 years with a strong drive to see Java EE simple, testable and as light as Java SE. Co-Founder of OpenEJB (1999), Geronimo (2003), TomEE (2011). Member of the Java EE 7 and EJB 3.2 Expert Groups, past member of the Java EE 6, EJB 3.1, and EJB 3.0 Expert Groups. Contributing author to Component-Based Software Engineering: Putting the Pieces Together from Addison Wesley.
Video: Deconstructing REST Security by David Blevins, from the Devoxx channel