Deepu K Sasidharan is a Software Engineer by passion and profession. He is a Java Champion working as a Staff Developer Advocate at Auth0 by Okta. He is the co-lead of JHipster and the creator of KDash and JDL Studio. He is a polyglot programmer working with Java, Rust, JavaScript, Go, and so on. He is also a cloud technology advocate and an open-source software aficionado. He has authored books on Full-stack development and frequently writes about Java, Rust, JavaScript, Go, DevOps, Kubernetes, Linux, and so on, on his blog.
Weak passwords remain one of the major causes of breaches and security incidents. The Web Authentication standard provides a robust framework for passwordless authentication using passkeys. Passkeys are the latest revolution in authentication. You may have used it with Google or GitHub. But what exactly is it and how does it work? You will learn all about it in this talk.
We will dive into the core concepts of passkeys, their architecture, and their pros and cons. We will see how Passkey leverages public key cryptography and biometrics/hardware authenticators to offer enhanced security and usability while eliminating the vulnerabilities associated with traditional password-based systems.
We will explore how Java developers can leverage WebAuthn Java libraries to implement passkeys in their apps. We will also learn to use passkeys with Spring Security and external Identity providers. There will be demos, showing step-by-step integration of passkeys into Java web applications.
Ready to level up your microservices security game? Join us and discover how to secure your Spring Boot microservices using the powerful combination of OAuth, OpenID Connect, and popular Identity Providers (IdP) like Keycloak and Auth0.
We will embark on a thrilling journey to master the art of securing Spring Boot microservices. We will dive deep and uncover the security challenges that lie beneath the surface. In this hands-on lab, you'll unlock the secrets of OAuth and OpenID Connect protocols and create an impenetrable shield for your microservices.
But that's not all - we'll take it up a notch by seamlessly integrating IdPs like Keycloak and Auth0 into your microservices security ecosystem, unleashing a whole new level of features and convenience. You'll learn how to configure Spring Security for your microservices and these IdPs, how to set up authentication and authorization for your microservices, and how to configure advanced authentication mechanisms, such as multi-factor authentication and passkeys.
Prepare to get your hands dirty as we dive into practical implementations. You'll gain the confidence and skills needed to conquer client registration, master token management, and handle authorization requests. You'll witness the magic unfold as your microservices become a fortress of security, guarded by the formidable combination of OpenID Connect, and your IdP.
Searching for speaker images...