0
WebinarJ2EE Security with Apache SHIRO16th April, 2013
AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security framework...
AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security framework...
What is Authentication, Authorization & Session Mgmt.? Authentication: prove genuineness Authorization: process of grant...
What is Authentication, Authorization & Session Mgmt.?Designers and developers should leverage authorization, authenticati...
AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security framework...
Introduction on market trending security frameworkJava Authentication and Authorization Service or JAASApache Shiro Securi...
AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security framework...
1 Javax.security to be imported.Discussion on market trending security frameworkJAAS Security Configuration Steps:2 Implem...
Discussion on market trending security frameworkSpring Security Configuration Steps:2 Install spring security libraries3 C...
Discussion on market trending security frameworkShiro Security Configuration Steps:2 Create and configure shiro.ini file i...
Discussion on market trending security frameworkShiro Spring Security JAASSimplicity Bit Complicated (Not easilyfathomable...
AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security framework...
Grails inbuilt security GORM - SQL escaped to prevent SQL injection attacks The default scaffolding templates HTML escap...
Grails inbuilt securityclass SecurityFilters {def filters = {loginCheck(controller: *, action: *) {before = {if (!session....
AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security framework...
Integrating shiro security with existing applicationApplication Diagram without SHIRO
Integrating shiro security with existing application
AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security framework...
ConclusionWith shiro it is quite easy to configure security, shiro takes care of most of the issuesthrough its default set...
AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security framework...
Questions and Answers
Write us on info@cygnet-infotech.com toget a free demo SessionFree Consultation
Contact UsEmail: info@cygnet-infotech.comWebsite: www.cygnet-infotech.comFacebookLinkedInTwitter - @CygnetInfotechSkype – ...
Upcoming SlideShare
Loading in...5
×

J2EE Security with Apache SHIRO

3,706

Published on

In this webinar, we focus specifically on how Apache SHIRO can help developers in providing better security architecture. You will also learn the following Application security is gaining critical attention due to increase in cyber-attacks and risks of business and financial losses.

In the context of J2EE development and Java web application development, security concerns are addressed through multiple means. This informative 45 min session to understand approaches and strategies for building secure web applications.

- Planning for Security: Authentication, Authorization, Session Management and Cryptography
- Comparing Different Approaches for Security: JAAS, Spring, Grails
- How to use the simplified universal approach of Apache SHIRO
- A LIVE DEMO on using SHIRO to secure web applications


If you have any query please write to us at inquiry@cygnet-infotech.com

Published in: Technology, Education
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,706
On Slideshare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
93
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Transcript of "J2EE Security with Apache SHIRO"

  1. 1. WebinarJ2EE Security with Apache SHIRO16th April, 2013
  2. 2. AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security frameworkDiscussion on market trending security frameworkGrails inbuilt securityLive Demo on integrating shiro security with grails web applicationConclusionQ&A
  3. 3. AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security frameworkDiscussion on market trending security frameworkGrails inbuilt securityLive Demo on integrating shiro security with grails web applicationConclusionQ&A
  4. 4. What is Authentication, Authorization & Session Mgmt.? Authentication: prove genuineness Authorization: process of granting approval or permission onresources. Session Management: Session management means authenticateonce and confirms on every action that the user is the one whoprovided the original credentials. Key cornerstones in the security of a system. Authentication and authorization are two very related, and yetseparate, concepts. Where Authentication deals with identifying a user, the Authorizationdetermines what a user is allowed to do.
  5. 5. What is Authentication, Authorization & Session Mgmt.?Designers and developers should leverage authorization, authentication and sessionmanagement capabilities as much as possible.
  6. 6. AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security frameworkDiscussion on market trending security frameworkGrails inbuilt securityLive Demo on integrating shiro security with grails web applicationConclusionQ&A
  7. 7. Introduction on market trending security frameworkJava Authentication and Authorization Service or JAASApache Shiro SecuritySpring Security
  8. 8. AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security frameworkDiscussion on market trending security frameworkGrails inbuilt securityLive Demo on integrating shiro security with grails web applicationConclusionQ&A
  9. 9. 1 Javax.security to be imported.Discussion on market trending security frameworkJAAS Security Configuration Steps:2 Implement LoginModule Interface3 Override methods like initialize, login, commit, abort, logout.4 Implement call back handlers5 Implement privilege action6 Configure jaas policy files7 Implement Filters
  10. 10. Discussion on market trending security frameworkSpring Security Configuration Steps:2 Install spring security libraries3 Create & Configure spring-security.xml file in class path.4 Provide @secured annotation above methods based on the privilegesInstall spring core libraries1
  11. 11. Discussion on market trending security frameworkShiro Security Configuration Steps:2 Create and configure shiro.ini file in class path3 Provide roles and privileges in shiro.iniInstall shiro libraries and required libraries to project1
  12. 12. Discussion on market trending security frameworkShiro Spring Security JAASSimplicity Bit Complicated (Not easilyfathomable)More complicated.Enterprise session management issupportedNot Supported Not supportedBetter cryptography simplified cryptographyGrails plugin available Grails plugin available Grails plugin is not availableWork and Gel with everyenvironment Spring is notmandatoryDependent on Spring core libraries Part of Java and can work andget with every environment
  13. 13. AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security frameworkDiscussion on market trending security frameworkGrails inbuilt securityLive Demo on integrating shiro security with grails web applicationConclusionQ&A
  14. 14. Grails inbuilt security GORM - SQL escaped to prevent SQL injection attacks The default scaffolding templates HTML escape all data fields when displayed Link creating tags use appropriate escaping mechanisms to prevent code injection Codecs to prevent injection attacks.
  15. 15. Grails inbuilt securityclass SecurityFilters {def filters = {loginCheck(controller: *, action: *) {before = {if (!session.user && actionName != "login") {redirect(controller: "user", action: "login")return false}}}}}
  16. 16. AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security frameworkDiscussion on market trending security frameworkGrails inbuilt securityLive Demo on integrating shiro security with grails web applicationConclusionQ&A
  17. 17. Integrating shiro security with existing applicationApplication Diagram without SHIRO
  18. 18. Integrating shiro security with existing application
  19. 19. AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security frameworkDiscussion on market trending security frameworkGrails inbuilt securityLive Demo on integrating shiro security with grails web applicationConclusionQ&A
  20. 20. ConclusionWith shiro it is quite easy to configure security, shiro takes care of most of the issuesthrough its default settings, existing Java security mechanisms like JAAS, Spring securityare too confusing, complex etc.
  21. 21. AgendaAuthentication, Authorization, Session Management and CryptographyIntroduction on market trending security frameworkDiscussion on market trending security frameworkGrails inbuilt securityLive Demo on integrating shiro security with grails web applicationConclusionQ&A
  22. 22. Questions and Answers
  23. 23. Write us on info@cygnet-infotech.com toget a free demo SessionFree Consultation
  24. 24. Contact UsEmail: info@cygnet-infotech.comWebsite: www.cygnet-infotech.comFacebookLinkedInTwitter - @CygnetInfotechSkype – cygnet-infotech-pvt-ltdIndiaCygnet Infotech Pvt Ltd.2A, Manikyam, Opp. Samudra Annexe,Nr. Shilp Cross Roads, Off. C. G. Road,Navrangpura, Ahmedabad, Gujarat, India.Tel: +91-79-30487400;Fax: +91-79-30487422USACygnet Infotech LLC.Mack-Cali Centre III,140 E, Ridgewood Avenue,Suite 415 ST, Paramus, NJ 07652.Tel: +1-201-995-7444;Fax : +1-201-221-8516
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×