Colin Harrington warns that application security is not a concern that we can ignore. Vulnerabilities come from various angles, but it is important to stay aware so we can recognize and thwart threats
Scott Smerchek presents the benefits of using a nonprofit web project to learn Rails and what he learned while building LoveKC.org, introducing various Rails topics.
Chris Risner demos an Android app built with Azure Mobile Services using structured data stored in the cloud, GCM push notifications with a single line of code, authentication, security and others.
Justin Kobel introduces claims-based authentication, what are claims, their life cycle, explaining how to consume them in .NET through a number of demoes.
Chas Emerick explains how to implement multi-factor authentication, role-based authorization and phishing prevention with Friend.
John Davies discusses passwords, the need for multiple passwords and password managers, and how OAuth is providing SSO for multiple sites, including an OAuth demo app for the iPhone.
Pat Patterson discusses ways of consuming RESTful APIs from Clojure on a securely manner using OAuth 2.0.
Rob Winch demoes some of the new features in Spring Security 3.1: multiple http elements, stateless authentication mode for RESTful services, Debug Filter, CAS support for proxy tickets, JAAS, etc.
Dirk Krafzig presents general aspects of implementing SOA security using a token and role-based approach rather than session and application-based access to resources, including organizational issues.
Mike Wiesner demoes using Spring Security 3 with its new features, such as expression language-based authorization and extensions, to implement authentication and authorization in Java applications.