321 North Fort Lauderdale Beach Boulevard
Fort Lauderdale, FL 33304
Apache Shiro PMC Chair
Les has a BS in Computer Science from Georgia Tech, currently lives in San Mateo, CA and practices Kendo and studies Japanese when he's not banging out code.
Apache Shiro PMC Chair and Stormpath Founder/CTO, Les Hazlewood, will give an overview of the basics of application security, including...
● Basic best practices for authentication, authorization, session management, and cryptography ● Common web application security flaws and how to protect your web app ● What is OAuth and how does it work for web apps?
Join us for an informative session on Application Security!
Over 100,000 organizations have seen Apache Shiro's simplicity and power as as security framework for authentication and authorization. But did you know that Shiro's Enterprise Session Management enables easy session clustering for any application? If you need to support concurrent user sessions in the thousands or millions, you won't want to miss this!
Apache Shiro is an easy-to-use open-source security framework with four cornerstones: authentication, authorization, session management and cryptography.
In this session Les Hazlewood, the Apache Shiro PMC Chair, will cover: ● Shiro’s enterprise session management capabilities ● How it can be used across any application (not just web or JEE applications) ● How it can be used to support simple Single Sign-On ● How to enable a distributed session cluster to support hundreds of thousands or even millions of concurrent sessions.
As a working example, Les will show how to set up a cloud hosted session cluster in under 10 minutes using a distributed NoSQL data store. If you need to scale user session load, you won’t want to miss this!
Many modern cloud applications are “single-instance, multi-tenant”: one software product services many tenants (customers), but to end users, it ‘feels’ like a single-customer product. Apache Shiro is an easy-to-use and flexible security framework that can secure any application, including today’s modern cloud multi-tenant applications. In this presentation, we'll see how to secure a multi-tenant cloud application easily with Apache Shiro.
Apache Shiro is an easy-to-use open-source application security framework used by over 100,000 organizations to support the four cornerstones of application security: authentication, authorization, enterprise session management, and cryptography.
In this presentation Les Hazlewood, the Apache Shiro PMC Chair, will demonstrate:
● How to secure multi-tenant applications using Shiro ● How to resolve tenant and user identity for a web request ● How to perform tenant user authentication and authorization using Shiro’s APIs
Designing a really clean and intuitive REST + JSON API is no small feat. You have to worry about resources, collections of resources, pagination, query parameters, references to other resources, which HTTP Methods to use, HTTP Caching, security, and more! And you have to make sure it lasts and doesn't break clients as you add features over time. Further, while there are many references on creating REST APIs with XML, there are much fewer references for REST + JSON.
In this presentation, Les Hazlewood - Stormpath CTO and Apache Shiro PMC Chair - will share all of the golden nuggets learned while designing, implementing and supporting JSON-based REST APIs, using examples from a clean real-world REST+JSON API.
He will cover:
● JSON-based data formats in a RESTful API ● References to other JSON-based resources (aka 'linking'). ● Resource collections and pagination ● How to map (and how not to map) HTTP methods to Resource CRUD ● Resource partial updates ● Supporting HTTP Method Overloading for clients that don't support HTTP PUT and DELETE ● API versioning strategies ● Meaningful Error responses ● Many-to-many resource relationships ● HTTP Caching and Optimistic concurrency control. ● Authentication and Security