Implementing Microservices Security Patterns and Protocols with Spring Security
Views: 1
0
0
The code can be found here: We were using the "s1p-2019" branch but the documentation is better on the "master" branch using UAA instead of keycloak.
Building secure microservices requires mastering a variety of patterns, protocols, frameworks, and technologies. This session provides a holistic end-to-end view of how to secure microservices using industry standard protocols and Spring Security. The goal is to present how standards such as JWT, JWA, JWS, JWE, JWK, OAuth2, OpenID Connect, and TLS can be combined to make writing secure microservices easy.
The session will focus on walkthroughs/live coding showing how to apply the patterns and standards using Spring Security 5.1. The following patterns and their implementations will be demonstrated:
Web SSO Login
implementing OAuth2 resource servers
implementing edge service gateways
Token Exchange in a microservice call chain
Token Relay in a microservice call chain