Building an enterprise level single sign-on application with the help of keycloak (Open Source Identity and Access Management).
And understanding the way to secure your application; frontend & backend API’s. Managing user federation with minimum configuration.
API Gateway How-To: The Many Ways to Apply the Gateway PatternVMware Tanzu
SpringOne 2021
Session Title: API Gateway How-To: The Many Ways to Apply the Gateway Pattern
Speakers: Alberto C. Ríos, Staff Engineer at VMware; Shruti B, Software Engineer at VMware"
Spring Boot on Amazon Web Services with Spring Cloud AWSVMware Tanzu
SpringOne 2021
Session Title: Spring Boot on Amazon Web Services with Spring Cloud AWS
Speakers: Maciej Walkowiak, Software Consultant at Independent; Matej Nedic, Software engineer at Ingemark
My presentation from Nordic APIs 2014 in Stockholm, Sweden.
How can the architecture of one API platform look like? How can you break down things to make this challenge easier?
Building an enterprise level single sign-on application with the help of keycloak (Open Source Identity and Access Management).
And understanding the way to secure your application; frontend & backend API’s. Managing user federation with minimum configuration.
API Gateway How-To: The Many Ways to Apply the Gateway PatternVMware Tanzu
SpringOne 2021
Session Title: API Gateway How-To: The Many Ways to Apply the Gateway Pattern
Speakers: Alberto C. Ríos, Staff Engineer at VMware; Shruti B, Software Engineer at VMware"
Spring Boot on Amazon Web Services with Spring Cloud AWSVMware Tanzu
SpringOne 2021
Session Title: Spring Boot on Amazon Web Services with Spring Cloud AWS
Speakers: Maciej Walkowiak, Software Consultant at Independent; Matej Nedic, Software engineer at Ingemark
My presentation from Nordic APIs 2014 in Stockholm, Sweden.
How can the architecture of one API platform look like? How can you break down things to make this challenge easier?
Presentation in IBM Cloud Meet-up of Toronto
https://www.meetup.com/IBM-Cloud-Toronto/events/253903913/?_xtd=gatlbWFpbF9jbGlja9oAJGU3NmM3ZjdmLWE2NzgtNGVlNC1iNGZiLTBlZGE5ZWM0NDZjOQ
The slides from the talk I gave in Java.IL's Apr 2019 session.
These slides describe Keycloak, OAuth 2.0, OpenID and SparkBeyond's integration with Keycloak
Service Mesh with Apache Kafka, Kubernetes, Envoy, Istio and LinkerdKai Wähner
Microservice architectures are not free lunch! Microservices need to be decoupled, flexible, operationally transparent, data aware and elastic. Most material from last years only discusses point-to-point architectures with inflexible and non-scalable technologies like REST / HTTP. This video takes a look at cutting edge technologies like Apache Kafka, Kubernetes, Envoy, Linkerd and Istio to implement a cloud-native service mesh to solve these challenges and bring microservices to the next level of scale, speed and efficiency.
Key takeaways:
- Apache Kafka decouples services, including event streams and request-response
- Kubernetes provides a cloud-native infrastructure for the Kafka ecosystem
- Service Mesh helps with security and observability at ecosystem / organization scale
- Envoy and Istio sit in the layer above Kafka and are orthogonal to the goals Kafka addresses
Blog post: http://www.kai-waehner.de/blog/2019/09/24/cloud-native-apache-kafka-kubernetes-envoy-istio-linkerd-service-mesh
Video recording of this slide deck: https://youtu.be/Us_C4RFOUrA
In this community call, we will discuss the highlights of WSO2 API Manager 4.0 including
- Why we moved from WSO2 API Manager 3.2.0 to 4.0.0.
- New architectural changes
- Overview of the new features with a demo
- Improvements to the existing features and deprecated features
Recording: https://youtu.be/_ks4zEeRFdk
Sign up to get notified of future calls: https://bit.ly/373f4ae
WSO2 API Manager Community Channels:
- Slack: https://apim-slack.wso2.com
- Twitter: https://twitter.com/wso2apimanager
INTERFACE by apidays 2023 - How APIs are fueling the growth of 5G and MECapidays
INTERFACE by apidays 2023
APIs for a “Smart” economy. Embedding AI to deliver Smart APIs and turn into an exponential organization
June 28 & 29, 2023
5GFF presents: How APIs are fueling the growth of 5G and MEC
Michael Murphy, Senior Product Manager - Edge and 5G APIs at Vodafone
Luc-Philippe Bouchard, Senior Solution Architect | 5G MEC API Service Lead at Bell Mobility
Troy Saulnier, Network Strategy at Bell
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
A brief overview of the significance of API Gateways in microservices architecture by providing Kong as an example.
Slide 2: Monolith Vs Microservices
Monolith:
Pros-
Simple to implement
Less integration test - easy to test
Easy to ship
Fast development
Cons-
Violates Open-Close principle
Nightmare when it comes to managing the code
Difficult to enhance
Bigger artifacts
Hard to replace individual components like DB, Logger etc.
Microservices-
Pros-
Easy to manage
One reason to change
Dynamic scaling
Single responsibility
Cons-
Multiple points of failure
Hard to test - rich integration tests required
Heterogeneity in infrastructure
Slide 3: API Gateway Pattern
It is microservices design pattern.
An API gateway is a service which is the entry point into the application from the outside world. It’s responsible for request routing, API composition, and other functions, such as authentication.
There are a lot of issues when client is talking to multiple components to get the job done. These include multiple proxies at client side, different logic to handle different calls, client needs to know the implementation details of server.
A much better approach is for a client to make a single request to what’s known as an API gateway. An API gateway is a service which is the single entry-point for API requests into an application. It’s similar to the Facade pattern from object-oriented design. Like a facade, an API gateway encapsulates the application’s internal architecture and provides an API to its clients. It might also have other responsibilities, such as authentication, monitoring, and rate limiting.
These are also termed as BFF - Backend For Frontend
Slide 4: API Gateway in Action
It acts as a “backend for the frontend”. The clients do not know which services they are talking to. They communicate with a single interface - API Gateway. The gateway resolves the client requests and distributes them to respective services.
Slide 7: Kong Architecture
Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Made available as an open-source project in 2015, its core values are high performance and extensibility.
Actively maintained, Kong is widely used in production at companies ranging from startups to Global 5000 as well as government organizations.
This slide deck explores the impact of MSA on API strategies and designs and the possible changes in API design and deployment, API security, control and monitoring, and CI/CD.
Watch recording: https://wso2.com/library/webinars/2018/09/apis-in-a-microservice-architecture
APIsecure 2023 - Security Considerations for API Gateway Aggregation, Yoshiyu...apidays
APIsecure 2023 - The world's first and only API security conference
March 14 & 15, 2023
Security Considerations for API Gateway Aggregation
Yoshiyuki Tabata, Software Engineer, Hitachi, Ltd.
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
API strategy ensures that the entire IT organization and its resources are aligned with the strategic goals. In this webinar, we gave a brief overview of the problems that digital businesses solve today by adopting an API strategy and how it differs from organization to organization.
apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...apidays
apidays LIVE LONDON - The Road to Embedded Finance, Banking and Insurance with APIs
Toward certifying Financial-grade API profile with Keycloak
Yoshiyuki Tabata, Software Engineer at Hitachi, Ltd.
Presentation in IBM Cloud Meet-up of Toronto
https://www.meetup.com/IBM-Cloud-Toronto/events/253903913/?_xtd=gatlbWFpbF9jbGlja9oAJGU3NmM3ZjdmLWE2NzgtNGVlNC1iNGZiLTBlZGE5ZWM0NDZjOQ
The slides from the talk I gave in Java.IL's Apr 2019 session.
These slides describe Keycloak, OAuth 2.0, OpenID and SparkBeyond's integration with Keycloak
Service Mesh with Apache Kafka, Kubernetes, Envoy, Istio and LinkerdKai Wähner
Microservice architectures are not free lunch! Microservices need to be decoupled, flexible, operationally transparent, data aware and elastic. Most material from last years only discusses point-to-point architectures with inflexible and non-scalable technologies like REST / HTTP. This video takes a look at cutting edge technologies like Apache Kafka, Kubernetes, Envoy, Linkerd and Istio to implement a cloud-native service mesh to solve these challenges and bring microservices to the next level of scale, speed and efficiency.
Key takeaways:
- Apache Kafka decouples services, including event streams and request-response
- Kubernetes provides a cloud-native infrastructure for the Kafka ecosystem
- Service Mesh helps with security and observability at ecosystem / organization scale
- Envoy and Istio sit in the layer above Kafka and are orthogonal to the goals Kafka addresses
Blog post: http://www.kai-waehner.de/blog/2019/09/24/cloud-native-apache-kafka-kubernetes-envoy-istio-linkerd-service-mesh
Video recording of this slide deck: https://youtu.be/Us_C4RFOUrA
In this community call, we will discuss the highlights of WSO2 API Manager 4.0 including
- Why we moved from WSO2 API Manager 3.2.0 to 4.0.0.
- New architectural changes
- Overview of the new features with a demo
- Improvements to the existing features and deprecated features
Recording: https://youtu.be/_ks4zEeRFdk
Sign up to get notified of future calls: https://bit.ly/373f4ae
WSO2 API Manager Community Channels:
- Slack: https://apim-slack.wso2.com
- Twitter: https://twitter.com/wso2apimanager
INTERFACE by apidays 2023 - How APIs are fueling the growth of 5G and MECapidays
INTERFACE by apidays 2023
APIs for a “Smart” economy. Embedding AI to deliver Smart APIs and turn into an exponential organization
June 28 & 29, 2023
5GFF presents: How APIs are fueling the growth of 5G and MEC
Michael Murphy, Senior Product Manager - Edge and 5G APIs at Vodafone
Luc-Philippe Bouchard, Senior Solution Architect | 5G MEC API Service Lead at Bell Mobility
Troy Saulnier, Network Strategy at Bell
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
A brief overview of the significance of API Gateways in microservices architecture by providing Kong as an example.
Slide 2: Monolith Vs Microservices
Monolith:
Pros-
Simple to implement
Less integration test - easy to test
Easy to ship
Fast development
Cons-
Violates Open-Close principle
Nightmare when it comes to managing the code
Difficult to enhance
Bigger artifacts
Hard to replace individual components like DB, Logger etc.
Microservices-
Pros-
Easy to manage
One reason to change
Dynamic scaling
Single responsibility
Cons-
Multiple points of failure
Hard to test - rich integration tests required
Heterogeneity in infrastructure
Slide 3: API Gateway Pattern
It is microservices design pattern.
An API gateway is a service which is the entry point into the application from the outside world. It’s responsible for request routing, API composition, and other functions, such as authentication.
There are a lot of issues when client is talking to multiple components to get the job done. These include multiple proxies at client side, different logic to handle different calls, client needs to know the implementation details of server.
A much better approach is for a client to make a single request to what’s known as an API gateway. An API gateway is a service which is the single entry-point for API requests into an application. It’s similar to the Facade pattern from object-oriented design. Like a facade, an API gateway encapsulates the application’s internal architecture and provides an API to its clients. It might also have other responsibilities, such as authentication, monitoring, and rate limiting.
These are also termed as BFF - Backend For Frontend
Slide 4: API Gateway in Action
It acts as a “backend for the frontend”. The clients do not know which services they are talking to. They communicate with a single interface - API Gateway. The gateway resolves the client requests and distributes them to respective services.
Slide 7: Kong Architecture
Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Made available as an open-source project in 2015, its core values are high performance and extensibility.
Actively maintained, Kong is widely used in production at companies ranging from startups to Global 5000 as well as government organizations.
This slide deck explores the impact of MSA on API strategies and designs and the possible changes in API design and deployment, API security, control and monitoring, and CI/CD.
Watch recording: https://wso2.com/library/webinars/2018/09/apis-in-a-microservice-architecture
APIsecure 2023 - Security Considerations for API Gateway Aggregation, Yoshiyu...apidays
APIsecure 2023 - The world's first and only API security conference
March 14 & 15, 2023
Security Considerations for API Gateway Aggregation
Yoshiyuki Tabata, Software Engineer, Hitachi, Ltd.
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
API strategy ensures that the entire IT organization and its resources are aligned with the strategic goals. In this webinar, we gave a brief overview of the problems that digital businesses solve today by adopting an API strategy and how it differs from organization to organization.
apidays LIVE LONDON - Toward certifying Financial-grade API profile with Keyc...apidays
apidays LIVE LONDON - The Road to Embedded Finance, Banking and Insurance with APIs
Toward certifying Financial-grade API profile with Keycloak
Yoshiyuki Tabata, Software Engineer at Hitachi, Ltd.
2013.devcon3 liferay and google authenticator integration rafik_harabiRafik HARABI
Today, with expand of the web portal, many customers are seeking for more secure solutions to access to their web portal outside of their own networks.
For Liferay portal customers, this request has been increased due to the number of portal deployed on Cloud and the increase of deployment of Liferay portal for internet sites (B2C …).
One of the proposed solutions is the use of Multi-factor authentication mechanism.
Google Authenticator is one of the lead open source dual factor authentication systems.
In this presentation, we will explain the integration technical solution of Liferay and Google Authenticator in order to deliver a two-factor authentication system. The presentation will be followed by a live demo.
apidays Paris 2022 - Securing APIs in Open Banking, Takashi Norimatsu, Hitachiapidays
December 14, 15 & 16, 2022
Securing APIs in Open Banking - FAPI and its implementation to OSS
Takashi Norimatsu, Senior Engineer at Hitachi, Ltd.
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/
Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW
This covers security with APIc/gateway. It goes over high-level concepts and what IBM APIc can offer, this covers 2018, and v10 of the product
Note: this is from a presentation from a year or so ago, with some updates to the link
How to Build an Effective API Security StrategyNordic APIs
Gartner predicts that by 2022, API abuses will be the most-frequent attack vector resulting in data breaches for enterprise applications. Learn about the best practices to design and execute an effective API security strategy, including the complimentary roles of an Identity Provider and an API gateway.
Standard Based API Security, Access Control and AI Based Attack - API Days Pa...Ping Identity
As APIs continue to drive digital transformation efforts in the enterprise and support innovative customer experiences, securing them has never been more important.
Principal Regional Solution Architect, Philippe Dubuc introduces how to leverage OpenID Connect, OAuth2 and new emerging standards to protect APIs at API Days Paris on 11 December, 2018. In addition, Philippe goes over how the Intelligent Ping Identity Platform can be used to protect APIs in a pro-active way and how AI can help to protect against attacks.
Learn more: http://ow.ly/2Ojm30n1rCT
The Whys and Hows of Deploying a Secure RPA SolutionOption3
Segregation of Duties, Maintaining Platform Security, Managing Change Management & Audit and Securing Data Access and Credentials are just some of the challenges of securing a Robotic Process Automation Deployment
Getting Started with API Management – Why It's Needed On-prem and in the CloudRevelation Technologies
APIs are one of the main elements of cloud services. All major cloud service providers expose REST APIs to allow you to programmatically access their services and capabilities. SOAP and REST are the two most common ways of exposing APIs, whether to external, partner, cloud, or internal developers.
The concept of API management is to publish these web APIs for consumption, and includes capabilities such as monitoring, security, and documentation.
This presentation introduces basic concepts of APIs, API management, cloud REST services, and a brief walkthrough of WSO2 API Manager and Oracle API Gateway to see how you can centrally publish, expose, and secure APIs, essentially virtualizing your backend services.
Acorn Recovery: Restore IT infra within minutesIP ServerOne
Introducing Acorn Recovery as a Service, a simple, fast, and secure managed disaster recovery (DRaaS) by IP ServerOne. A DR solution that helps restore your IT infra within minutes.
This presentation by Morris Kleiner (University of Minnesota), was made during the discussion “Competition and Regulation in Professions and Occupations” held at the Working Party No. 2 on Competition and Regulation on 10 June 2024. More papers and presentations on the topic can be found out at oe.cd/crps.
This presentation was uploaded with the author’s consent.
Have you ever wondered how search works while visiting an e-commerce site, internal website, or searching through other types of online resources? Look no further than this informative session on the ways that taxonomies help end-users navigate the internet! Hear from taxonomists and other information professionals who have first-hand experience creating and working with taxonomies that aid in navigation, search, and discovery across a range of disciplines.
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Orkestra
UIIN Conference, Madrid, 27-29 May 2024
James Wilson, Orkestra and Deusto Business School
Emily Wise, Lund University
Madeline Smith, The Glasgow School of Art
This presentation, created by Syed Faiz ul Hassan, explores the profound influence of media on public perception and behavior. It delves into the evolution of media from oral traditions to modern digital and social media platforms. Key topics include the role of media in information propagation, socialization, crisis awareness, globalization, and education. The presentation also examines media influence through agenda setting, propaganda, and manipulative techniques used by advertisers and marketers. Furthermore, it highlights the impact of surveillance enabled by media technologies on personal behavior and preferences. Through this comprehensive overview, the presentation aims to shed light on how media shapes collective consciousness and public opinion.
0x01 - Newton's Third Law: Static vs. Dynamic AbusersOWASP Beja
f you offer a service on the web, odds are that someone will abuse it. Be it an API, a SaaS, a PaaS, or even a static website, someone somewhere will try to figure out a way to use it to their own needs. In this talk we'll compare measures that are effective against static attackers and how to battle a dynamic attacker who adapts to your counter-measures.
About the Speaker
===============
Diogo Sousa, Engineering Manager @ Canonical
An opinionated individual with an interest in cryptography and its intersection with secure software development.