Multi-tenancy OAuth with Spring Security 5.2
A very typical OAuth deployment includes an Authorization Server and a set of applications and APIs that trust authorities issued by that Authorization Server.
But what about APIs and applications that serve more than one tenant? Can a single API or application trust multiple Authorization Servers? What about making those decisions programmatically at runtime or via a database? Multi-tenant deployments bring their own set of challenges, especially when you have thousands of tenants of varying shapes and sizes.
This talk will introduce AuthenticationManagerResolver, a simple interface from Spring Security that packs a lot of punch due to its strategic placement in the filter chain. We’ll also review Spring Security’s ClientRegistrationRepository and where it comes into play. We’ll begin with a very typical OAuth application and then explore a few different deployment models, expanding it throughout the talk into a secure, yet dynamic, database-driven, multi-tenant deployment.
Speaker: Josh Cummings; Software Engineer, Pivotal
Filmed at SpringOne Platform 2019
Slides: https://www.slideshare.net/SpringCentral/multitenancy-oauth-with-spring-security-52
Видео Multi-tenancy OAuth with Spring Security 5.2 канала SpringDeveloper
But what about APIs and applications that serve more than one tenant? Can a single API or application trust multiple Authorization Servers? What about making those decisions programmatically at runtime or via a database? Multi-tenant deployments bring their own set of challenges, especially when you have thousands of tenants of varying shapes and sizes.
This talk will introduce AuthenticationManagerResolver, a simple interface from Spring Security that packs a lot of punch due to its strategic placement in the filter chain. We’ll also review Spring Security’s ClientRegistrationRepository and where it comes into play. We’ll begin with a very typical OAuth application and then explore a few different deployment models, expanding it throughout the talk into a secure, yet dynamic, database-driven, multi-tenant deployment.
Speaker: Josh Cummings; Software Engineer, Pivotal
Filmed at SpringOne Platform 2019
Slides: https://www.slideshare.net/SpringCentral/multitenancy-oauth-with-spring-security-52
Видео Multi-tenancy OAuth with Spring Security 5.2 канала SpringDeveloper
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Spring Security PatternsSecuring OAuth 2.0 Resources in Spring Security 5.0Avoiding Reactor MeltdownExplain it to Me Like I’m 5: Oauth2 and OpenIDDomain-Driven Design with Relational Databases Using Spring Data JDBCSpring Cloud Gateway for Stateless Microservice AuthorizationDesigning a Reactive SystemWhats New in Spring Boot 2 4It's a Kind of Magic: Under the Covers of Spring Boot - Brian Clozel, Stéphane NicollImplementing Microservices Security Patterns and Protocols with Spring SecurityBootiful TestingBuilding Reactive Pipelines: How to Go from Scalable Apps to (Ridiculously) Scalable SystemsArchitecture Deep Dive in Spring SecuritySpring Tips: Business Process Management with FlowableSpring for ArchitectsPerformance Monitoring Backend and Frontend using MicrometerRSocket Messaging with SpringHacking Spring Boot Applications Using Visual Studio CodeStreaming with Spring Cloud Stream and Apache Kafka