Craig Walls discusses the need for adding social features to applications, how to secure such applications and how Spring Social can help.
David Syer discusses identity management, SSO, security standards –SAML, OpenID, OAuth, SCIM, JWT-, how Spring Security can fit in, and demoing IdM as a service.
Craig Walls talks about securing the modern web and how OAuth can help with that, showing how to secure and consume resources with OAuth.
Rob Winch demoes some of the new features in Spring Security 3.1: multiple http elements, stateless authentication mode for RESTful services, Debug Filter, CAS support for proxy tickets, JAAS, etc.
Ben Alex along with a SpringSource team present the future of mobile applications, authorization, data, and application architecture as seen by VMware.
Dirk Krafzig presents general aspects of implementing SOA security using a token and role-based approach rather than session and application-based access to resources, including organizational issues, such as the need for an enterprise security architect.
Mike Wiesner demoes using Spring Security 3 with its new features, such as expression language-based authorization and extensions, to implement authentication and authorization in Java applications.
This presentation is a collection of five fifteen-minute mini-keynotes (called post-it notes) presented at the Glue conference in Denver, 2009. All presentations focused on aspects of "gluing together" web applications, with Fulkerson talking about WOA, and most of the others presenting various ideas about identity and sharing / assuring identity across sites and applications.
This presentation explores the issue of context automation, the forces driving it (clouds, extensible browsers, internet identities) and then focuses on issues of identity and how identity services augment context and facilitate using features of the cloud and extensible browsers to provide a richer and more secure user experience.
In this presentation from QCon SF 2007, Justin Gehtland explains two open solutions to distributed identity and their Rails integration components: the OpenID system (using ruby-openid) and CAS (using rubycas-client).
The SAML has emerged as the gold standard for building Cross-Domain SSO solutions and is a key technology in the domain of federated identity management. The basic concepts of SAML as well as a technical synopsis will be presented. What are SAML assertions, attributes, artifacts, bindings and profiles? What problems does SAML solve, how does it all work out in real life...