Filip Hanik and Sree Tummidi talk about the OpenID Connect and OAuth 2, sharing their experiences building the CF User Authentication and Account management project, and OpenID Connect implementation.
Alan Ho and Sandeep Murusupalli discuss the right type of protection (OAuth/Throttling) and monitoring (e.g. bot monitoring) needed to be put in place to properly manage microservices.
Will Tran talks about the authentication and authorization scenarios that one may encounter once he starts building out microservices.
Colin Harrington warns that application security is not a concern that we can ignore. Vulnerabilities come from various angles, but it is important to stay aware so we can recognize and thwart threats
David Syer explores the new features in Spring OAuth2, providing guidance on what to use and when, and showing how easy they are to enable quickly.
Josh Long introduces some of the latest Spring features supporting HATEOAS-compliant and OAuth-secured REST services, NoSQL and Big Data, Websockets, OAuth, open-web security and mobile.
Chas Emerick explains how to implement multi-factor authentication, role-based authorization and phishing prevention with Friend.
John Davies discusses passwords, the need for multiple passwords and password managers, and how OAuth is providing SSO for multiple sites, including an OAuth demo app for the iPhone.
Pratap Chilukuri explains what OAuth is and how it works, exemplifying using the protocol with an example.
Robert Winch explains how to secure a multi-tenant application with Spring Security and how to enable OAuth 2.
Pat Patterson discusses ways of consuming RESTful APIs from Clojure on a securely manner using OAuth 2.0.
Paul Downey talks on the current status of identity management on the web covering cross-site challenges, REST, HTTPS, Open ID, all in the context of enterprise architecture.