Multi-tenancy OAuth with Spring Security 5.2
A very typical OAuth deployment includes an Authorization Server and a set of applications and APIs that trust authorities issued by that Authorization Server.
But what about APIs and applications that serve more than one tenant? Can a single API or application trust multiple Authorization Servers? What about making those decisions programmatically at runtime or via a database? Multi-tenant deployments bring their own set of challenges, especially when you have thousands of tenants of varying shapes and sizes.
This talk will introduce AuthenticationManagerResolver, a simple interface from Spring Security that packs a lot of punch due to its strategic placement in the filter chain. We’ll also review Spring Security’s ClientRegistrationRepository and where it comes into play. We’ll begin with a very typical OAuth application and then explore a few different deployment models, expanding it throughout the talk into a secure, yet dynamic, database-driven, multi-tenant deployment.
Speaker: Josh Cummings; Software Engineer, Pivotal
Filmed at SpringOne Platform 2019
Slides: https://www.slideshare.net/SpringCentral/multitenancy-oauth-with-spring-security-52
Видео Multi-tenancy OAuth with Spring Security 5.2 канала SpringDeveloper
But what about APIs and applications that serve more than one tenant? Can a single API or application trust multiple Authorization Servers? What about making those decisions programmatically at runtime or via a database? Multi-tenant deployments bring their own set of challenges, especially when you have thousands of tenants of varying shapes and sizes.
This talk will introduce AuthenticationManagerResolver, a simple interface from Spring Security that packs a lot of punch due to its strategic placement in the filter chain. We’ll also review Spring Security’s ClientRegistrationRepository and where it comes into play. We’ll begin with a very typical OAuth application and then explore a few different deployment models, expanding it throughout the talk into a secure, yet dynamic, database-driven, multi-tenant deployment.
Speaker: Josh Cummings; Software Engineer, Pivotal
Filmed at SpringOne Platform 2019
Slides: https://www.slideshare.net/SpringCentral/multitenancy-oauth-with-spring-security-52
Видео Multi-tenancy OAuth with Spring Security 5.2 канала SpringDeveloper
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Spring Security Patterns
Securing OAuth 2.0 Resources in Spring Security 5.0
Avoiding Reactor Meltdown
Explain it to Me Like I’m 5: Oauth2 and OpenID
Domain-Driven Design with Relational Databases Using Spring Data JDBC
Spring Cloud Gateway for Stateless Microservice Authorization
Designing a Reactive System
Whats New in Spring Boot 2 4
It's a Kind of Magic: Under the Covers of Spring Boot - Brian Clozel, Stéphane Nicoll
Implementing Microservices Security Patterns and Protocols with Spring Security
Bootiful Testing
Building Reactive Pipelines: How to Go from Scalable Apps to (Ridiculously) Scalable Systems
Architecture Deep Dive in Spring Security
Spring Tips: Business Process Management with Flowable
Spring for Architects
Performance Monitoring Backend and Frontend using Micrometer
RSocket Messaging with Spring
Hacking Spring Boot Applications Using Visual Studio Code
Streaming with Spring Cloud Stream and Apache Kafka