Instant Security & Scalable User Management with Spring Boot

Transcript

1. @lhazlewood | @goStormpath Instant Security & Scalable User Management with

   Spring Boot Les Hazlewood @lhazlewood Apache Shiro Project Chair CTO, Stormpath stormpath.com

2. @lhazlewood | @goStormpath Welcome! • Agenda • Stormpath 101 (5

   mins) • Security and User Management (45 mins) • Q&A (20 mins) • Remy Champion Marketing • Les Hazlewood Stormpath CTO & Apache Shiro Chair

3. @lhazlewood | @goStormpath Speed to Market & Cost Reduction •

   Complete Identity solution out-of-the-box • Security best practices and updates by default • Clean & elegant API/SDKs • Little to code, no maintenance

4. @lhazlewood | @goStormpath Stormpath SAML ID Integrations

5. @lhazlewood | @goStormpath Spring Security • Authentication • Authorization •

   Enforcement • No user management

6. @lhazlewood | @goStormpath You’re on the hook for: • Data

   store integration • Data modeling • HTML pages • CSRF view support • Email verification • Forgot password • Oauth2 / Social setup • SAML coordination • Crypto choices • Multi-factor auth • Scale / growth • SaaS Multi-Tenancy • Mobile auth strategy • Microservice auth • Best practices • ...etc...

7. @lhazlewood | @goStormpath Traditional Application Your Application Users

8. @lhazlewood | @goStormpath What about new stores? Users LDAP/AD Your

   Application

9. @lhazlewood | @goStormpath And legacy migration? Legacy Users LDAP/AD New

   Users Your Application

10. @lhazlewood | @goStormpath And Social? Legacy Users LDAP/AD Google Apps

    Facebook GitHub New Users Your Application

11. @lhazlewood | @goStormpath And SSO/SAML? Legacy Users LDAP/AD Google Apps

    Facebook GitHub New Users Your Application Ping Okta Azure ADFS Oracle SSO SiteMinder LinkedIn OneLogin

12. @lhazlewood | @goStormpath And Multi-Tenant / SaaS ? Legacy Users

    LDAP/AD Google Apps Facebook GitHub New Users Your Application Ping Okta Azure ADFS Oracle SSO SiteMinder LinkedIn OneLogin Customer A Customer C Customer F Customer B Customer D Customer E Customer G

13. @lhazlewood | @goStormpath Oh the Hue Manatee!

14. @lhazlewood | @goStormpath Stormpath takes you from this... Legacy Users

    LDAP/AD Google Apps Facebook GitHub New Users Your Application Ping Okta Azure ADFS Oracle SSO SiteMinder LinkedIn OneLogin Customer A Customer C Customer F Customer B Customer D Customer E Customer G

15. @lhazlewood | @goStormpath To this... Your Application

16. @lhazlewood | @goStormpath To this... Your Application Your Application Your

    Application Your Application ...

17. @lhazlewood | @goStormpath But much more than a backend •

    Application SDKs • Framework Integrations • Best practices

18. @lhazlewood | @goStormpath Live Demo Time!

19. @lhazlewood | @goStormpath Pages & Workflows

20. @lhazlewood | @goStormpath SSO & Social

21. @lhazlewood | @goStormpath OAuth & Mobile

22. @lhazlewood | @goStormpath Flexible Authorization

23. @lhazlewood | @goStormpath Application Servlet Filters How does it work?

    Spring Security Stormpath MVC Stormpath SDK ...

24. @lhazlewood | @goStormpath Stormpath works hard for you • Java

    SDK 1.0.0 released last Tuesday! • SDK + Integration Effort: ~ 8 man years • Extreme customizability • Automatic defaults • Often no code required

25. @lhazlewood | @goStormpath Thank You! • [email protected] • Twitter: @lhazlewood

    • https://stormpath.com

26. @lhazlewood | @goStormpath Spring Boot Resources • Spring Boot Stormpath

    Web Starter https://docs.stormpath.com/java/spring-boot-web/ • Simple Web App with Spring Boot, Spring Security, and Stormpath https://stormpath.com/blog/build-spring-boot-spring-security-app • Github Stormpath Spring Boot Tutorial https://github.com/stormpath/stormpath-spring-boot-tutorial