Devoxx Poland 2019
from Monday 24 June to Wednesday 26 June 2019.
Senior Engineering Manager at Red Hat and responsible for team behind Keycloak project and Red Hat Single Sign-On product. Former Chief Architect for security area within Red Hat Middleware group. Former Lead of GateIn project and Platform Architect for Red Hat JBoss Portal Platform. One of PicketLink project founders and was leading initial IDM component implementation. Represented RedHat in expert groups for JSR 351 and JSR 362. Used to be one of the leaders of Warsaw Java User Group. Co-Founder of Warsaw JBoss User Group. Member of organising committees for number of community conferences - Javarsovia 2007 (currently rebranded as http://confitura.pl), and Warsjawa 2008, 2012 and 2013
The Survival Guide to Modern Apps AuthN and AuthZ specs
Would you like to get up to speed with all currently relevant authentication and authorization standards related to modern applications, services and APIs? This session will give developers and architect necessary high-level understanding and allow to make educated choices from technologies and protocols based on business needs. Key applications,APIs, and application security best practices will be explained so you will know not only which to follow, but also how to not fall into common security traps. No prior deep technical knowledge required. Attendees will learn: * Single Sign-On (SSO) and Federations with SAML2 * Modern token-based security architecture * JOSE specs and JWTs (Json Web Token) * OAuth2 spec family including OpenID Connect and UMA2 (User Managed Access) * Current state and future of MultiFactor and of PasswordLess Authentication standards. FIDO Alliance & W3C WebAuthN - (U2F, UAF, CTAP1&CTAP2) Attendees will come away from this session prepared to integrate modern development and security techniques into their application development processes to provide secure services for their businesses.