Stormpath, profile picture
Uploaded byStormpath
PPTX, PDF693 views

Instant Security & Scalable User Management with Spring Boot

The document discusses the challenges of implementing user management and authentication in applications. It shows how traditional approaches require developers to implement many aspects of user management including the data store, user models, pages for signup and login, and integration with social providers and single sign-on. Stormpath is presented as a solution that handles these challenges by taking over user management and allowing applications to authenticate users without implementing any of these aspects themselves. The document includes a demonstration of Stormpath's capabilities.

Technology
Related topics:
Web Development

Embed presentation

Downloaded 20 times
@lhazlewood | @goStormpath Instant Security & Scalable User Management with Spring Boot Les Hazlewood @lhazlewood Apache Shiro Project Chair CTO, Stormpath stormpath.com
@lhazlewood | @goStormpath Spring Security • Authentication • Authorization • Enforcement • No user management
@lhazlewood | @goStormpath You’re on the hook for: • Data store integration • Data modeling • HTML pages • CSRF view support • Email verification • Forgot password • Oauth2 / Social setup • SAML coordination • Crypto choices • Multi-factor auth • Scale / growth • SaaS Multi-Tenancy • Mobile auth strategy • Microservice auth • Best practices • ...etc...
@lhazlewood | @goStormpath Traditional Application Your Application Users
@lhazlewood | @goStormpath What about new stores? Users LDAP/AD Your Application
@lhazlewood | @goStormpath And legacy migration? Legacy Users LDAP/AD New Users Your Application
@lhazlewood | @goStormpath And Social? Legacy Users LDAP/AD Google Apps Facebook GitHub New Users Your Application
@lhazlewood | @goStormpath And SSO/SAML? Legacy Users LDAP/AD Google Apps Facebook GitHub New Users Your Application Ping Okta Azure ADFS Oracle SSO SiteMinder LinkedIn OneLogin
@lhazlewood | @goStormpath And Multi-Tenant / SaaS ? Legacy Users LDAP/AD Google Apps Facebook GitHub New Users Your Application Ping Okta Azure ADFS Oracle SSO SiteMinder LinkedIn OneLogin Customer A Customer C Customer F Customer B Customer D Customer E Customer G
@lhazlewood | @goStormpath Oh the Hue Manatee!
@lhazlewood | @goStormpath Stormpath takes you from this... Legacy Users LDAP/AD Google Apps Facebook GitHub New Users Your Application Ping Okta Azure ADFS Oracle SSO SiteMinder LinkedIn OneLogin Customer A Customer C Customer F Customer B Customer D Customer E Customer G
@lhazlewood | @goStormpath To this... Your Application
@lhazlewood | @goStormpath To this... Your Application Your Application Your Application Your Application ...
@lhazlewood | @goStormpath But much more than a backend • Application SDKs • Framework Integrations • Best practices
@lhazlewood | @goStormpath Live Demo Time!
@lhazlewood | @goStormpath Pages & Workflows
@lhazlewood | @goStormpath SSO & Social
@lhazlewood | @goStormpath OAuth & Mobile
@lhazlewood | @goStormpath Flexible Authorization
@lhazlewood | @goStormpath Application Servlet Filters How does it work? Spring Security Stormpath MVC Stormpath SDK ...
@lhazlewood | @goStormpath Stormpath works hard for you • Java SDK 1.0.0 released last Tuesday! • SDK + Integration Effort: ~ 8 man years • Extreme customizability • Automatic defaults • Often no code required
@lhazlewood | @goStormpath Thank You! • les@stormpath.com • Twitter: @lhazlewood • https://stormpath.com

More Related Content

PDF
Securing Web Applications with Token Authentication
byStormpath
 
PPTX
Spring Boot Authentication...and More!
byStormpath
 
PPTX
How to Use Stormpath in angular js
byStormpath
 
PDF
Preventing Security Leaks in SharePoint with Joel Oleson & Christian Buckley
byJoel Oleson
 
PPTX
Deep thoughts from the real world of azure
byMichele Leroux Bustamante
 
PPTX
Secure API Services in Node with Basic Auth and OAuth2
byStormpath
 
PPTX
Secure Your REST API (The Right Way)
byStormpath
 
PDF
The Ultimate Guide to Mobile API Security
byStormpath
 
Securing Web Applications with Token Authentication
byStormpath
 
Spring Boot Authentication...and More!
byStormpath
 
How to Use Stormpath in angular js
byStormpath
 
Preventing Security Leaks in SharePoint with Joel Oleson & Christian Buckley
byJoel Oleson
 
Deep thoughts from the real world of azure
byMichele Leroux Bustamante
 
Secure API Services in Node with Basic Auth and OAuth2
byStormpath
 
Secure Your REST API (The Right Way)
byStormpath
 
The Ultimate Guide to Mobile API Security
byStormpath
 

What's hot

PDF
Facebook & Twitter API
byFabrice Delhoste
 
PDF
Mobile Application Scan and Testing
byBlueinfy Solutions
 
PPTX
OAuth in the new .NET world (OWIN)
byEmad Alashi
 
PPTX
Aws iam best practices to live by
byJohn Varghese
 
PDF
AJAX Security - LAC2016
byJulia Logan a.k.a. IrishWonder
 
PPTX
Multi-Tenancy with Spring Boot
byStormpath
 
PPTX
Token Authentication in ASP.NET Core
byStormpath
 
PDF
Ajax Security Dangers
bydrkimsky
 
PPTX
Writing Secure SharePoint Code - SharePoint Saturday Toronto
byEli Robillard
 
PPTX
Lies you have been told about REST
bydarrelmiller71
 
PDF
Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013
byGustaf Nilsson Kotte
 
PDF
Usergrid Overview
byusergrid
 
PDF
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
byPeter Selch Dahl
 
PDF
Security vulnerabilities decomposition
byKaty Anton
 
PPT
Starwest 2008
byCaleb Sima
 
PPTX
HTTP Services & REST API Security
byTaiseer Joudeh
 
PPTX
JWTs for CSRF and Microservices
byStormpath
 
PDF
Mobile Authentication for iOS Applications - Stormpath 101
byStormpath
 
PPTX
Making Sense of API Access Control
byCA API Management
 
Facebook & Twitter API
byFabrice Delhoste
 
Mobile Application Scan and Testing
byBlueinfy Solutions
 
OAuth in the new .NET world (OWIN)
byEmad Alashi
 
Aws iam best practices to live by
byJohn Varghese
 
AJAX Security - LAC2016
byJulia Logan a.k.a. IrishWonder
 
Multi-Tenancy with Spring Boot
byStormpath
 
Token Authentication in ASP.NET Core
byStormpath
 
Ajax Security Dangers
bydrkimsky
 
Writing Secure SharePoint Code - SharePoint Saturday Toronto
byEli Robillard
 
Lies you have been told about REST
bydarrelmiller71
 
Surviving the Zombie Apocalypse of Connected devices - Jfokus 2013
byGustaf Nilsson Kotte
 
Usergrid Overview
byusergrid
 
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
byPeter Selch Dahl
 
Security vulnerabilities decomposition
byKaty Anton
 
Starwest 2008
byCaleb Sima
 
HTTP Services & REST API Security
byTaiseer Joudeh
 
JWTs for CSRF and Microservices
byStormpath
 
Mobile Authentication for iOS Applications - Stormpath 101
byStormpath
 
Making Sense of API Access Control
byCA API Management
 

Viewers also liked

PPTX
Beautiful REST+JSON APIs with Ion
byStormpath
 
PPTX
Token Authentication for Java Applications
byStormpath
 
PPTX
Building Secure User Interfaces With JWTs (JSON Web Tokens)
byStormpath
 
PPTX
Browser Security 101
byStormpath
 
PDF
Building Beautiful REST APIs with ASP.NET Core
byStormpath
 
PPTX
REST API Security: OAuth 2.0, JWTs, and More!
byStormpath
 
PPTX
Single-Page-Application & REST security
byIgor Bossenko
 
PDF
Building Beautiful REST APIs in ASP.NET Core
byStormpath
 
PPTX
So long scrum, hello kanban
byStormpath
 
PDF
Getting Started With Angular
byStormpath
 
PPTX
Build a Node.js Client for Your REST+JSON API
byStormpath
 
PPTX
Build A Killer Client For Your REST+JSON API
byStormpath
 
PDF
Build a REST API for your Mobile Apps using Node.js
byStormpath
 
PPTX
Elegant Rest Design Webinar
byStormpath
 
PPTX
Stormpath 101: Spring Boot + Spring Security
byStormpath
 
PPTX
Storing User Files with Express, Stormpath, and Amazon S3
byStormpath
 
PPTX
Custom Data Search with Stormpath
byStormpath
 
PDF
JWTs in Java for CSRF and Microservices
byStormpath
 
Beautiful REST+JSON APIs with Ion
byStormpath
 
Token Authentication for Java Applications
byStormpath
 
Building Secure User Interfaces With JWTs (JSON Web Tokens)
byStormpath
 
Browser Security 101
byStormpath
 
Building Beautiful REST APIs with ASP.NET Core
byStormpath
 
REST API Security: OAuth 2.0, JWTs, and More!
byStormpath
 
Single-Page-Application & REST security
byIgor Bossenko
 
Building Beautiful REST APIs in ASP.NET Core
byStormpath
 
So long scrum, hello kanban
byStormpath
 
Getting Started With Angular
byStormpath
 
Build a Node.js Client for Your REST+JSON API
byStormpath
 
Build A Killer Client For Your REST+JSON API
byStormpath
 
Build a REST API for your Mobile Apps using Node.js
byStormpath
 
Elegant Rest Design Webinar
byStormpath
 
Stormpath 101: Spring Boot + Spring Security
byStormpath
 
Storing User Files with Express, Stormpath, and Amazon S3
byStormpath
 
Custom Data Search with Stormpath
byStormpath
 
JWTs in Java for CSRF and Microservices
byStormpath
 

Recently uploaded

PPTX
Why Most GenAI Projects Fail to Scale and How to Become One of the Success St...
byEarley Information Science
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PDF
The State of the Gen AI economy - 2025 - The Meliora Company
byClive Dickens
 
PDF
10 Things AI-First Apps Do Differently by iProgrammer Solutions
byiProgrammer Solutions Private Limited
 
PDF
What Is a Private LLM and Why Enterprises Need It
byAivada
 
PDF
100 Insights After the 200th Issue of NewMind AI Journal
byNewMind AI
 
PDF
Lab 5.1 Architecture + Threat Modeling Exercise - 2nd Sight Lab Cloud Securit...
by2nd Sight Lab
 
PPTX
Session 2 - Solving Unstructured & Complex Documents with UiPath IXP
byDianaGray10
 
PPTX
UiPath Autonomous Agents | Building and Orchestrating Agents End-to-End
byUiPathCommunity
 
PDF
The State of AI Report - Battery Ventures
byRazin Mustafiz
 
PPTX
Emancipatory Information Retrieval: Radically Reorienting Information Retriev...
byBhaskar Mitra
 
PDF
Beyond the Grid: Crafting a Custom Android Launcher from Scratch
byDinoy Raj K
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PDF
How to Evaluate a High Performance Database
byScyllaDB
 
PDF
Lab 2.2 DNS In The Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Lab 3.4 S3 + Encryption - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Lab 2.5 Network Logs in the Cloud.pdf - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
MISC1. Mechanical Trouble Shooting MECH.pdf
byaries287615
 
PPT
operationa research chapter 3 PowerPoint
byKhadijaWaheed5
 
PPTX
Meet the Liemke Luchs-1 — Lightweight, Intuitive Thermal Optic
byMark Griffin
 
Why Most GenAI Projects Fail to Scale and How to Become One of the Success St...
byEarley Information Science
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
The State of the Gen AI economy - 2025 - The Meliora Company
byClive Dickens
 
10 Things AI-First Apps Do Differently by iProgrammer Solutions
byiProgrammer Solutions Private Limited
 
What Is a Private LLM and Why Enterprises Need It
byAivada
 
100 Insights After the 200th Issue of NewMind AI Journal
byNewMind AI
 
Lab 5.1 Architecture + Threat Modeling Exercise - 2nd Sight Lab Cloud Securit...
by2nd Sight Lab
 
Session 2 - Solving Unstructured & Complex Documents with UiPath IXP
byDianaGray10
 
UiPath Autonomous Agents | Building and Orchestrating Agents End-to-End
byUiPathCommunity
 
The State of AI Report - Battery Ventures
byRazin Mustafiz
 
Emancipatory Information Retrieval: Radically Reorienting Information Retriev...
byBhaskar Mitra
 
Beyond the Grid: Crafting a Custom Android Launcher from Scratch
byDinoy Raj K
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
How to Evaluate a High Performance Database
byScyllaDB
 
Lab 2.2 DNS In The Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Lab 3.4 S3 + Encryption - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Lab 2.5 Network Logs in the Cloud.pdf - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
MISC1. Mechanical Trouble Shooting MECH.pdf
byaries287615
 
operationa research chapter 3 PowerPoint
byKhadijaWaheed5
 
Meet the Liemke Luchs-1 — Lightweight, Intuitive Thermal Optic
byMark Griffin
 

Instant Security & Scalable User Management with Spring Boot

Editor's Notes

  • #16 Pages & Workflows SSO & Social OAuth & Mobile Flexible Authorization