Implementing Microservices Security Patterns & Protocols with Spring Security 5

Footage from our January meetup event featuring Joe Grandja and sponsored by Logic20/20. Building secure microservices requires mastering a variety of patterns, protocols, frameworks, and technologies. This talk provides a holistic end-to-end view of how to secure microservices using industry standard protocols and Spring Security. The goal is to present how standards such as JWT, JWA, JWS, JWE, JWK, OAuth2, OpenID Connect, TLS can be combined to make writing secure microservices easy.

A high-level explanation of the security standards and protocols will be provided along with demo/code walkthroughs showing how to apply the patterns and standards using Spring Security 5. The following patterns and their implementations will be demonstrated.

- OpenID Connect AuthN
- Implementing OAuth2 resource servers
- Implementing edge service gateways
- Token Exchange in a microservice call chain
- Integration with Spring Authorization Server

Joe's Bio:
Joe Grandja is a core committer on the Spring Security team. He has been leading the efforts in building the next generation of OAuth 2.0, OpenID Connect 1.0, and JOSE framework support in Spring Security 5.