John Davies discusses passwords, the need for multiple passwords and password managers, and how OAuth is providing SSO for multiple sites, including an OAuth demo app for the iPhone.
Pratap Chilukuri explains what OAuth is and how it works, exemplifying using the protocol with an example.
Robert Winch explains how to secure a multi-tenant application with Spring Security and how to enable OAuth 2.
Mark Ryland presents and demoes identity and access management concepts as used in the cloud and EC2 security groups and packet networking inside the Amazon AWS.
Pat Patterson discusses ways of consuming RESTful APIs from Clojure on a securely manner using OAuth 2.0.
Paul Downey talks on the current status of identity management on the web covering cross-site challenges, REST, HTTPS, Open ID, all in the context of enterprise architecture.
Craig Walls discusses the need for adding social features to applications, how to secure such applications and how Spring Social can help.
David Syer discusses identity management, SSO, security standards –SAML, OpenID, OAuth, SCIM, JWT-, how Spring Security can fit in, and demoing IdM as a service.
Craig Walls talks about securing the modern web and how OAuth can help with that, showing how to secure and consume resources with OAuth.
Rob Winch demoes some of the new features in Spring Security 3.1: multiple http elements, stateless authentication mode for RESTful services, Debug Filter, CAS support for proxy tickets, JAAS, etc.
Ben Alex along with a SpringSource team present the future of mobile applications, authorization, data, and application architecture as seen by VMware.
Dirk Krafzig presents general aspects of implementing SOA security using a token and role-based approach rather than session and application-based access to resources, including organizational issues.