SpringOne2GX 2015 replay: A How to Guide to Security in the PAAS Cloud

News | Pieter Humphrey | October 19, 2015 | ...

Recorded at SpringOne2GX 2015 Speaker: John Field, Shawn McKinney Slides: http://www.slideshare.net/SpringCentral/a-how-to-guide-to-security-in-the-paas-cloud Most developers still deal with application security issues in isolation, without understanding the security of the ""full stack"". As a result, security is sometimes inconsistent, and can be seen as a barrier to moving applications to the cloud. The session will examine the security of a typical Java Web application in an enterprise deployment. We will then look at what needs to change when that secure Java application is “forklifted” into Cloud Foundry. Finally, we will look at the benefits of adopting cloud native security protocols, such as OAuth2 and SAML2. The journey will cover 5 common application security architecture patterns taken from real world customer problems. We will compare how the security integration patterns differ between a standalone application and a cloud native application. From legacy enterprise identity management integration to security for microservices, this technical session includes practical, hands-on guidance to properly implementing authentication, authorization, and confidentiality controls using Spring and Cloud Foundry. We have all heard of the idea of the “Full Stack” developer — someone who can understand the application up and down the whole stack. The goal of this session is to describe the full security stack and show how it differs between standalone deployments and a PAAS deployment.

Get the Spring newsletter

Stay connected with the Spring newsletter

Subscribe

Get ahead

VMware offers training and certification to turbo-charge your progress.

Learn more

Get support

Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.

Learn more

Upcoming events

Check out all the upcoming events in the Spring community.

View all