Platform Architect and Engineering Manager at Red Hat. Since 2005 he has been involved in open source. Enjoys working remotely and creating free software for a living. Platform Architect of JBoss Portal and Project Lead of GateIn till 2014. Co-founder of the PicketLink project. Currently managing the security team at Red Hat Middleware - responsible for projects like Keycloak. Represents Red Hat in the JSR 351 and JSR 362 EGs. Formerly one of the Warsaw JUG leaders. Co-organizer of conferences - Javarsovia/Confitura 2008 and Warsjawa 2008, 2012 and 2013. Co-founder of Warsaw JBoss User Group.
Security is hard. The old days are over, and it requires way more than providing a login form, comparing a password hash and maintaining an HTTP session. With the rise of mobile and client-side apps, (micro)services and APIs, it has become a fairly complex topic. At the same time, with security breaches hitting the news on a monthly basis, it is everyone's concern, and an area every developer or architect needs to understand very well.
Thankfully, a number of modern standards and solutions have emerged to help with current challenges. During this talk you will learn how to approach typical security needs using modern token-based security and standards like OAuth2, OpenID Connect or SAML. We’ll discuss a wide variety of security-related topics around multi-factor authentication or identity federation and brokering. You will also learn how you can leverage modern open source identity and access management solutions in your applications.