Want to build user authentication into your iOS apps quickly and securely?
In this presentation, iOS Developer Evangelist Edward Jiang will go over OAuth, best practices, and how to easily integrating Facebook, Google, and email logins into your app using Stormpath's iOS SDK!
Topics Covered:
- Stormpath Customer Identity Management
- What does authentication mean?
- Common methods of mobile authentication
- OAuth Token Authentication
- Building Login & Registration with Stormpath
- Making authenticated network requests
- Add Facebook / Google login with one line of code
- Technical Q&A
In this presentation, Java Developer Evangelist Micah Silverman will show you how to “Write Once, Run Any Tenant”. With a single application and some configuration in Stormpath’s Admin Console, your application will be able to support multiple Organizations of users.
This is great for SaaS applications who need to securely partition their Customer organizations; each Organization will have no knowledge of or access to the others.
By the end of this webinar, you’ll be on your way to a fully functioning Spring Boot app with Multi-Tenancy backed by Stormpath.
Topics Covered:
Stormpath Customer Identity Management
Why Build a Multi-Tenant Application?
Quickstart on setting up Multi-Tenancy in your Spring Boot application including:
Configuring Authentication using Subdomains
Setting up Organizations, Directories, and Accounts
Enabling the Stormpath Application for Authentication and Authorization
Configuring ID Site for pre-built Authentication workflows
Tying it all together with only one instance of your Spring Boot application running
Technical Q&A
Multi-Tenancy with Subdomains + Spring Boot: https://stormpath.com/blog/idsite-multi-tenancy/
Multi-Tenancy Code Example: https://github.com/stormpath/stormpath-java-idsite-multi-tenant-example
Stormpath Java SDK: https://github.com/stormpath/stormpath-sdk-java
All The Stormpath Java Integrations: http://docs.stormpath.com/java/
Stormpath Java Developer Evangelist, Micah Silverman, takes a deep dive into using JWTs to protect microservices from CSRF and more. Micah will explain how JWTs can be used to secure web applications built with Java, OAuth2 and JWTs, and 'unsafe' clients, while supporting security best practices and even improving application performance and scale.
Secure API Services in Node with Basic Auth and OAuth2Stormpath
In this presentation, Lead Developer Evangelist Randall Degges will go over how API authentication works via HTTP Basic Auth and OAuth2 (Client Credentials), and will show you how to secure an Express.js API service with both of them using Stormpath!
Stormpath 101: Spring Boot + Spring SecurityStormpath
In this presentation, Java Developer Evangelist Micah Silverman will go over common pain points with Java authentication and how to solve them using Stormpath, Spring Boot, and Spring Security!
Stormpath .NET Developer Evangelist, Nate Barbettini, presents Token Authentication with ASP.NET Core. Nate will explain how Token Authentication can be used to secure web applications built with ASP.NET Core, REST APIs, and 'unsafe' clients while supporting security best practices and even improving performance and scale.
Single Page Apps bring a unique set of concerns to authentication and user management. Robert Damphousse, lead Javascript engineer at Stormpath, will show you how to use Stormpath to secure an Angular.js app with any backend: Java, Node, PHP, .NET and more!
Robert will deep dive into Angular.js authentication best practices and an extended technical example. Join us!
Topics Covered:
- Authentication in Single Page Apps (SPA)
- Using JWTs instead of Session IDs
- Secure Cookie storage
- Cross-Origin Resource Sharing
- Where does Stormpath fit in your architecture?
- End-to-end example with Angular.js + Express.js
- Password-based registration and login
- How to secure your API endpoints
- Implement User Authorization
- Design for a frictionless User Experience
Sign up for Stormpath: https://api.stormpath.com/register
More from Stormpath: https://stormpath.com/blog
Join Stormpath Java Developer Evangelist Micah Silverman for a technical overview of the common pain points with Java authentication. We'll cover how to solve them with Stormpath in a Spring Boot application, and demonstrate how to quickly add a complete user management system to your Spring Boot app. By the end of this webinar, you’ll be on your way to a fully functioning Spring Boot app backed by Stormpath.
Topics Covered:
Authentication Pain Points in Java Stormpath, Spring Boot, and Your Architecture
Demo:
Auth in Spring Boot, with these features:
A complete user registration and login system
Pre-built login screens
Password reset workflows
Group-based authorization
Advanced user features: API authentication, Single Sign-On, social login, and more Technical Q&A
Join Stormpath Developer Evangelist, Robert Damphousse, to dive deep into browser security. Robert will explain how Session IDs, Man in the Middle (MITM), Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) attacks work, and how to use cookies to support security best practices.
Topics Covered:
- Security concerns for modern web apps
- Cookies, the right way
- MITM, XSS, and CSRF attacks
- Session ID problems
- Examples in an Angular app
In this presentation, Java Developer Evangelist Micah Silverman will show you how to “Write Once, Run Any Tenant”. With a single application and some configuration in Stormpath’s Admin Console, your application will be able to support multiple Organizations of users.
This is great for SaaS applications who need to securely partition their Customer organizations; each Organization will have no knowledge of or access to the others.
By the end of this webinar, you’ll be on your way to a fully functioning Spring Boot app with Multi-Tenancy backed by Stormpath.
Topics Covered:
Stormpath Customer Identity Management
Why Build a Multi-Tenant Application?
Quickstart on setting up Multi-Tenancy in your Spring Boot application including:
Configuring Authentication using Subdomains
Setting up Organizations, Directories, and Accounts
Enabling the Stormpath Application for Authentication and Authorization
Configuring ID Site for pre-built Authentication workflows
Tying it all together with only one instance of your Spring Boot application running
Technical Q&A
Multi-Tenancy with Subdomains + Spring Boot: https://stormpath.com/blog/idsite-multi-tenancy/
Multi-Tenancy Code Example: https://github.com/stormpath/stormpath-java-idsite-multi-tenant-example
Stormpath Java SDK: https://github.com/stormpath/stormpath-sdk-java
All The Stormpath Java Integrations: http://docs.stormpath.com/java/
Stormpath Java Developer Evangelist, Micah Silverman, takes a deep dive into using JWTs to protect microservices from CSRF and more. Micah will explain how JWTs can be used to secure web applications built with Java, OAuth2 and JWTs, and 'unsafe' clients, while supporting security best practices and even improving application performance and scale.
Secure API Services in Node with Basic Auth and OAuth2Stormpath
In this presentation, Lead Developer Evangelist Randall Degges will go over how API authentication works via HTTP Basic Auth and OAuth2 (Client Credentials), and will show you how to secure an Express.js API service with both of them using Stormpath!
Stormpath 101: Spring Boot + Spring SecurityStormpath
In this presentation, Java Developer Evangelist Micah Silverman will go over common pain points with Java authentication and how to solve them using Stormpath, Spring Boot, and Spring Security!
Stormpath .NET Developer Evangelist, Nate Barbettini, presents Token Authentication with ASP.NET Core. Nate will explain how Token Authentication can be used to secure web applications built with ASP.NET Core, REST APIs, and 'unsafe' clients while supporting security best practices and even improving performance and scale.
Single Page Apps bring a unique set of concerns to authentication and user management. Robert Damphousse, lead Javascript engineer at Stormpath, will show you how to use Stormpath to secure an Angular.js app with any backend: Java, Node, PHP, .NET and more!
Robert will deep dive into Angular.js authentication best practices and an extended technical example. Join us!
Topics Covered:
- Authentication in Single Page Apps (SPA)
- Using JWTs instead of Session IDs
- Secure Cookie storage
- Cross-Origin Resource Sharing
- Where does Stormpath fit in your architecture?
- End-to-end example with Angular.js + Express.js
- Password-based registration and login
- How to secure your API endpoints
- Implement User Authorization
- Design for a frictionless User Experience
Sign up for Stormpath: https://api.stormpath.com/register
More from Stormpath: https://stormpath.com/blog
Join Stormpath Java Developer Evangelist Micah Silverman for a technical overview of the common pain points with Java authentication. We'll cover how to solve them with Stormpath in a Spring Boot application, and demonstrate how to quickly add a complete user management system to your Spring Boot app. By the end of this webinar, you’ll be on your way to a fully functioning Spring Boot app backed by Stormpath.
Topics Covered:
Authentication Pain Points in Java Stormpath, Spring Boot, and Your Architecture
Demo:
Auth in Spring Boot, with these features:
A complete user registration and login system
Pre-built login screens
Password reset workflows
Group-based authorization
Advanced user features: API authentication, Single Sign-On, social login, and more Technical Q&A
Join Stormpath Developer Evangelist, Robert Damphousse, to dive deep into browser security. Robert will explain how Session IDs, Man in the Middle (MITM), Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) attacks work, and how to use cookies to support security best practices.
Topics Covered:
- Security concerns for modern web apps
- Cookies, the right way
- MITM, XSS, and CSRF attacks
- Session ID problems
- Examples in an Angular app
Slides from Micah Silverman's, Stormpath Developer Evangelist, webinar on using JWTs to protect against CSRF as well as to secure communications between microservices. Micah shows how JWTs can be used to secure web applications built with Java and protect from 'unsafe' clients.
REST API Security: OAuth 2.0, JWTs, and More!Stormpath
Les Hazlewood, Stormpath CTO, already showed you how to build a Beautiful REST+JSON API, but how do you secure your API? At Stormpath, we spent 18 months researching best practices. Join Les as he explains how to secure your REST API, the right way. We'll also host a live Q&A session at the end.
Securing Web Applications with Token AuthenticationStormpath
In this presentation, Java Developer Evangelist Micah Silverman demystifies HTTP Authentication and explains how the Next Big Thing - Token Authentication - can be used to secure web applications on the JVM, REST APIs, and 'unsafe' clients while supporting security best practices and even improving your application's performance and scale.
Topics Covered:
Security Concerns for Modern Web Apps
Cross-Site Scripting Prevention
Working with 'Untrusted Clients'
Securing API endpoints
Cookies
Man in the Middle (MitM) Attacks
Cross-Site Request Forgery
Session ID Problems
Token Authentication
JWTs
Working with the JJWT library
End-to-end example with Spring Boot
In this presentation, Stormpath iOS Developer Evangelist Edward Jiang will go over OAuth 2.0, mobile authentication best practices, and how to easily integrate Facebook, Google, and email logins into your app using Stormpath's iOS SDK.
Building a document e-signing workflow with Azure Durable FunctionsJoonas Westlin
Durable functions offer an interesting programming model for building workflows. Whether you need to sometimes split and do multiple things or wait for user input, a lot of things are possible. They do present some challenges as well, and the limitations of orchestrator functions can make working with Durable seem very complicated.
In this talk we will go through the basics of Durable Functions along with strategies for deploying and monitoring them. A sample application will be presented where users can send documents for electronic signature. A Durable Functions workflow will power the signing process.
The Ultimate Guide to Mobile API SecurityStormpath
Join Stormpath Developer Evangelist Edward Jiang to learn more about the common ways developers authenticate users in their mobile apps, what to watch out for when building your backend API and mobile apps, and how to integrate a secure user datastore to manage your users and authentication.
Azure Key Vault with a PaaS Architecture and ARM Template DeploymentRoy Kim
This is a presentation I held at a local Azure user group. The session abstract: Azure Key Vault is a tool for securely storing and accessing secrets. We will go through a popular Azure PaaS Architecture pattern using Key Vault to store a password. I will demo and walk through the general configuration of a dedicated Azure Function app, Azure SQL and Key Vault that was deployed with automation. I will then go through fairly advanced techniques and best practices on how to deploy Azure Key Vault and a password secret with ARM templates. Finally, a very brief look at my Azure DevOps Pipeline to deploy the ARM template. You will come away with an understanding of an applied use case of leveraging Azure Key vault for a PaaS solution in better managing a password secret.
ApacheCon 2014: Infinite Session Clustering with Apache Shiro & CassandraDataStax Academy
In this session Les Hazlewood, the Apache Shiro PMC Chair, will cover Shiro's enterprise session management capabilities, how it can be used across any application (not just web or JEE applications) and how to use Cassandra as Shiro's session store, enabling a distributed session cluster supporting hundreds of thousands or even millions of concurrent sessions. As a working example, Les will show how to set up a session cluster in under 10 minutes using Cassandra. If you need to scale user session load, you won't want to miss this!
MongoDB World 2019: MongoDB Atlas Security 101 for DevelopersMongoDB
Before adding sensitive data to your database, it’s imperative that you thoroughly consider security and implement measures to keep it safe. MongoDB Atlas strives to streamline this process for developers by integrating a growing set of core security features with our deployments. As an engineer on Atlas, I think about how to make these features comprehensive and easy to use, and observe how developers interact with them. In this talk, I’ll discuss why the features we provide are important, and how you can easily tune them to suit your particular needs as your application grows.
What are JSON Web Tokens and Why Should I Care?Derek Edwards
In this talk originally presented at the San Diego Javascript meetup on December 3rd 2014, I explain how JSON Web Tokens can be used as a replacement for session/cookie-based user authentication in modern web applications.
Since web applications are increasingly leveraging client-side MVC frameworks such as Ember.JS, Angular and Backbone, traditional authentication schemes that leverage cookies are less desirable. I explain the key challenges with traditional authentication schemes and how JWT can be used as a very clean alternative.
Zero Credential Development with Managed IdentitiesJoonas Westlin
Keys are always needed to access services in Azure and beyond. Storing and managing keys presents many problems, for example rotating and disabling them. Keys often also allow blanket access to the service with no way to limit it. Sometimes there is only one key that needs to be shared by services, so you won't have any way to disable access from one individually. In this talk we will go through Managed Identities for Azure Resources, how they work, and how you can use them to use Azure services in a secure way without having to manage any keys yourself. We will go through a demo application which uses various Azure services through a managed identity, removing the need to use keys entirely. The source code will be available to the audience so they have samples that they can use to implement managed identities in their own applications.
Super simple application security with Apache ShiroMarakana Inc.
Les Hazlewood, founder of the Apache Shiro project, covers the benefits of using Shiro as an application security framework.
Check out the video for this presentation, as well as more training resources for Java here: http://marakana.com/forums/java/general/183.html
Zero Credential Development with Managed Identities for Azure resourcesJoonas Westlin
Introduction to Managed Identities in Azure, what they are and how they work. Also goes through what services they can be used with in Azure, how you can use services without any keys or secrets.
Instant Security & Scalable User Management with Spring BootStormpath
In this talk, Les Hazlewood, Stormpath CTO and Apache Shiro Chair, goes beyond the traditional way to secure applications and takes a deep dive into how Spring Security + Stormpath gives you an instant, highly-available and highly-secure user management system for Spring Boot applications.
Building Beautiful REST APIs in ASP.NET CoreStormpath
Core 1.0 is the latest iteration of ASP.NET. What’s changed? Everything! Nate Barbettini, .NET Developer Evangelist at Stormpath, does a deep dive on how to build RESTful APIs the right way on top of ASP.NET Web API.
Storing User Files with Express, Stormpath, and Amazon S3Stormpath
Join Stormpath Developer Evangelist, Randall Degges, to learn how to store user files using Amazon S3. He’ll cover everything you need to know to properly handle user files in your web applications.
Randall will cover:
- What is the problem we're trying to solve?
- How files are typically stored
- What you need to know about Amazon S3
- How to build a basic Express application with user authentication
- How to securely store files in S3 using express-stormpath-s3
- Q/A Session
Slides from Micah Silverman's, Stormpath Developer Evangelist, webinar on using JWTs to protect against CSRF as well as to secure communications between microservices. Micah shows how JWTs can be used to secure web applications built with Java and protect from 'unsafe' clients.
REST API Security: OAuth 2.0, JWTs, and More!Stormpath
Les Hazlewood, Stormpath CTO, already showed you how to build a Beautiful REST+JSON API, but how do you secure your API? At Stormpath, we spent 18 months researching best practices. Join Les as he explains how to secure your REST API, the right way. We'll also host a live Q&A session at the end.
Securing Web Applications with Token AuthenticationStormpath
In this presentation, Java Developer Evangelist Micah Silverman demystifies HTTP Authentication and explains how the Next Big Thing - Token Authentication - can be used to secure web applications on the JVM, REST APIs, and 'unsafe' clients while supporting security best practices and even improving your application's performance and scale.
Topics Covered:
Security Concerns for Modern Web Apps
Cross-Site Scripting Prevention
Working with 'Untrusted Clients'
Securing API endpoints
Cookies
Man in the Middle (MitM) Attacks
Cross-Site Request Forgery
Session ID Problems
Token Authentication
JWTs
Working with the JJWT library
End-to-end example with Spring Boot
In this presentation, Stormpath iOS Developer Evangelist Edward Jiang will go over OAuth 2.0, mobile authentication best practices, and how to easily integrate Facebook, Google, and email logins into your app using Stormpath's iOS SDK.
Building a document e-signing workflow with Azure Durable FunctionsJoonas Westlin
Durable functions offer an interesting programming model for building workflows. Whether you need to sometimes split and do multiple things or wait for user input, a lot of things are possible. They do present some challenges as well, and the limitations of orchestrator functions can make working with Durable seem very complicated.
In this talk we will go through the basics of Durable Functions along with strategies for deploying and monitoring them. A sample application will be presented where users can send documents for electronic signature. A Durable Functions workflow will power the signing process.
The Ultimate Guide to Mobile API SecurityStormpath
Join Stormpath Developer Evangelist Edward Jiang to learn more about the common ways developers authenticate users in their mobile apps, what to watch out for when building your backend API and mobile apps, and how to integrate a secure user datastore to manage your users and authentication.
Azure Key Vault with a PaaS Architecture and ARM Template DeploymentRoy Kim
This is a presentation I held at a local Azure user group. The session abstract: Azure Key Vault is a tool for securely storing and accessing secrets. We will go through a popular Azure PaaS Architecture pattern using Key Vault to store a password. I will demo and walk through the general configuration of a dedicated Azure Function app, Azure SQL and Key Vault that was deployed with automation. I will then go through fairly advanced techniques and best practices on how to deploy Azure Key Vault and a password secret with ARM templates. Finally, a very brief look at my Azure DevOps Pipeline to deploy the ARM template. You will come away with an understanding of an applied use case of leveraging Azure Key vault for a PaaS solution in better managing a password secret.
ApacheCon 2014: Infinite Session Clustering with Apache Shiro & CassandraDataStax Academy
In this session Les Hazlewood, the Apache Shiro PMC Chair, will cover Shiro's enterprise session management capabilities, how it can be used across any application (not just web or JEE applications) and how to use Cassandra as Shiro's session store, enabling a distributed session cluster supporting hundreds of thousands or even millions of concurrent sessions. As a working example, Les will show how to set up a session cluster in under 10 minutes using Cassandra. If you need to scale user session load, you won't want to miss this!
MongoDB World 2019: MongoDB Atlas Security 101 for DevelopersMongoDB
Before adding sensitive data to your database, it’s imperative that you thoroughly consider security and implement measures to keep it safe. MongoDB Atlas strives to streamline this process for developers by integrating a growing set of core security features with our deployments. As an engineer on Atlas, I think about how to make these features comprehensive and easy to use, and observe how developers interact with them. In this talk, I’ll discuss why the features we provide are important, and how you can easily tune them to suit your particular needs as your application grows.
What are JSON Web Tokens and Why Should I Care?Derek Edwards
In this talk originally presented at the San Diego Javascript meetup on December 3rd 2014, I explain how JSON Web Tokens can be used as a replacement for session/cookie-based user authentication in modern web applications.
Since web applications are increasingly leveraging client-side MVC frameworks such as Ember.JS, Angular and Backbone, traditional authentication schemes that leverage cookies are less desirable. I explain the key challenges with traditional authentication schemes and how JWT can be used as a very clean alternative.
Zero Credential Development with Managed IdentitiesJoonas Westlin
Keys are always needed to access services in Azure and beyond. Storing and managing keys presents many problems, for example rotating and disabling them. Keys often also allow blanket access to the service with no way to limit it. Sometimes there is only one key that needs to be shared by services, so you won't have any way to disable access from one individually. In this talk we will go through Managed Identities for Azure Resources, how they work, and how you can use them to use Azure services in a secure way without having to manage any keys yourself. We will go through a demo application which uses various Azure services through a managed identity, removing the need to use keys entirely. The source code will be available to the audience so they have samples that they can use to implement managed identities in their own applications.
Super simple application security with Apache ShiroMarakana Inc.
Les Hazlewood, founder of the Apache Shiro project, covers the benefits of using Shiro as an application security framework.
Check out the video for this presentation, as well as more training resources for Java here: http://marakana.com/forums/java/general/183.html
Zero Credential Development with Managed Identities for Azure resourcesJoonas Westlin
Introduction to Managed Identities in Azure, what they are and how they work. Also goes through what services they can be used with in Azure, how you can use services without any keys or secrets.
Instant Security & Scalable User Management with Spring BootStormpath
In this talk, Les Hazlewood, Stormpath CTO and Apache Shiro Chair, goes beyond the traditional way to secure applications and takes a deep dive into how Spring Security + Stormpath gives you an instant, highly-available and highly-secure user management system for Spring Boot applications.
Building Beautiful REST APIs in ASP.NET CoreStormpath
Core 1.0 is the latest iteration of ASP.NET. What’s changed? Everything! Nate Barbettini, .NET Developer Evangelist at Stormpath, does a deep dive on how to build RESTful APIs the right way on top of ASP.NET Web API.
Storing User Files with Express, Stormpath, and Amazon S3Stormpath
Join Stormpath Developer Evangelist, Randall Degges, to learn how to store user files using Amazon S3. He’ll cover everything you need to know to properly handle user files in your web applications.
Randall will cover:
- What is the problem we're trying to solve?
- How files are typically stored
- What you need to know about Amazon S3
- How to build a basic Express application with user authentication
- How to securely store files in S3 using express-stormpath-s3
- Q/A Session
Join Stormpath Head of Product, Tom Abbott, to demo our new custom data search feature, answering any questions along the way. The demo will cover how to store, update, and retrieve the contents of custom data objects. This is a great way for current users to ramp up on this powerful, and much-anticipated feature.
Topics Covered:
- Storing and updating custom data
- What you can store
- Retrieving custom data
- Custom data search queries
At Stormpath we spent 18 months researching API design best practices. Join Les Hazlewood, Stormpath CTO and Apache Shiro Chair, as he explains how to design a secure REST API, the right way. He'll also hang out for a live Q&A session at the end.
Sign up for Stormpath: https://api.stormpath.com/register
More from Stormpath: http://www.stormpath.com/blog
Les will cover:
REST + JSON API Design
Base URL design tips
API Security
Versioning for APIs
API Resource Formatting
API Return Values and Content Negotiation
API References (Linking)
API Pagination, Parameters, & Errors
Method Overloading
Resource Expansion and Partial Responses
Error Handling
Multi-tenancy
Building Secure User Interfaces With JWTs (JSON Web Tokens)Stormpath
With new tools like Angular.js and Node.js, it is easier than ever to build User Interfaces and Single-Page Applications (SPAs) backed by APIs.
But how to do it securely? Web browsers are woefully insecure, and hand-rolled APIs are risky.
In this presentation, Robert Damphousse, lead front-end developer at Stormpath, covers web browser security issues, technical best practices and how you can mitigate potential risks. Enjoy!
Topics Covered:
1. Security Concerns for Modern Web Apps
2. Cookies, The Right Way
3. Session ID Problems
4. Token Authentication to the rescue!
5. Angular Examples
Join Stormpath Java Developer Evangelist, Matt Raible, to learn how to build apps using Angular. You will learn about the tools you need to setup a project, how to run/debug your app, and how to deploy it to the cloud. You’ll also learn about new concepts in Angular 2+.
Build a REST API for your Mobile Apps using Node.jsStormpath
Join Stormpath Developer Evangelist, Edward Jiang, to learn how to build your first REST API using Node.js, and connect it to an iOS or Android app. He’ll cover everything you need to know to about building an API and take you through an example with live code samples.
Token Authentication for Java ApplicationsStormpath
Everyone building a web application that supports user login is concerned with security. How do you securely authenticate users and keep their identity secure? With the huge growth in Single Page Applications (SPAs), JavaScript and mobile applications, how do you keep users safe even though these are 'unsafe' client environments?
This presentation will demystify HTTP Authentication and explain how the Next Big Thing - Token Authentication - can be used to secure web applications on the JVM, REST APIs, and 'unsafe' clients while supporting security best practices and even improving your application's performance and scale.
Building Beautiful REST APIs with ASP.NET CoreStormpath
Join Stormpath .NET Developer Evangelist, Nate Barbettini, to learn best practices for designing your REST API in ASP.NET Core. Nate will explain how to build HATEOS-compliant JSON APIs while supporting security best practices and even improving performance and scale.
Topics Covered:
What is REST and HATEOS?
How to think about RESTful APIs
How to model hypermedia in C#
Building JSON APIs in ASP.NET Core
Build a Node.js Client for Your REST+JSON APIStormpath
In this presentation, Les Hazlewood - Stormpath CTO and Apache Shiro PMC Chair - will share all of the golden nuggets learned while designing, implementing and supporting a Node.js Client purpose-built for a real-world REST+JSON API.
Further reading: http://www.stormpath.com/blog
Stormpath is a user management and authentication service for developers. By offloading user management and authentication to Stormpath, developers can bring applications to market faster, reduce development costs, and protect their users. Easy and secure, the flexible cloud service can manage millions of users with a scalable pricing model.
Last year, Stormpath made the big shift from Scrum to Kanban. While we love Agile principles, the Scrum process wasn’t working for us. Kanban made our team more efficient, happier, and increased our focus on quality software. More importantly, it has become a core part of our company culture, and is now used by non-technical teams like Marketing and HR.
Kanban software development focuses on continuous delivery and drives high efficiency by limiting how much work can be done at once. Invented by Toyota and modified by David J. Anderson for software development, Kanban can have a huge impact on modern teams delivering cloud software in continuous environments.
Companion slides for Stormpath CTO and Co-Founder Les Hazlewood's Elegant REST Design Webinar. This presentation covers all the RESTful best practices learned building the Stormpath APIs. Whether you’re writing your first API, or just need to figure out that last piece of the puzzle, this is a great opportunity to learn more.
Stormpath is a User Management API that reduces development time with instant-on, scalable user infrastructure. Stormpath's intuitive API and expert support make it easy for developers to authenticate, manage and secure users and roles in any application.
Build A Killer Client For Your REST+JSON APIStormpath
REST+JSON APIs are great - but you still need to communicate with them from your code. Wouldn't you prefer to interact with clean and intuitive Java objects instead of messing with HTTP requests, HTTP status codes and JSON parsing? Wouldn't you prefer to work with type-safe objects specific to your API?
In this presentation, Les Hazlewood - Stormpath CTO and Apache Shiro PMC Chair - will share all of the golden nuggets learned while designing, implementing and supporting multiple clients purpose-built for a real-world REST+JSON API.
Further reading: http://www.stormpath.com/blog
Stormpath is a user management and authentication service for developers. By offloading user management and authentication to Stormpath, developers can bring applications to market faster, reduce development costs, and protect their users. Easy and secure, the flexible cloud service can manage millions of users with a scalable pricing model.
Designing and building a really clean and intuitive ReST API is no small feat. You have to worry about resources, collections of resources, pagination, query parameters, references to other resources, which HTTP methods to use, HTTP caching, security, and more. And you have to make sure it lasts and doesn’t break clients as you add features over time. Furthermore, although there are many references on creating REST APIs with XML, there are far fewer references on REST + JSON. It is enough to drive you crazy. This session demonstrates how to design and implement an elegant REST API.
Sign up for Stormpath: https://api.stormpath.com/register
More from Stormpath: http://www.stormpath.com/blog
ID Next 2013 Keynote Slides by Mike SchwartzMike Schwartz
Slide deck from Mike Schwartz's keynote address at ID Next 2013 in The Hague, Netherlands. His speech discussed what tools and rules are needed for scaling federations to include networks of trusted Identity Providers (IDP's) and Service Providers (SP's).
На Citrix Synergy был представлен XenDesktop 5, как всегда, в пресс-релизах все стало лучше, быстрее, сильнее и чудесатее. Данный доклад поможет разобраться в деталях
Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure M...DataArt
Антон Бойко (Microsoft Azure MVP, Ukrainian Azure Community Founder) «Azure Mobile Services — создаем backend для мобильного приложения со скоростью света»
The ColdBox cbsecurity module is a collection of modules to help secure your ColdBox applications. In this session, we will explore all the features behind CBSecurity 3. We will build an application using the module to showcase authentication, authorization, and JWT authentication.
https://coldbox-security.ortusbooks.com/
https://intothebox.org
https://cfcasts.com/
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019Kumton Suttiraksiri
การเพิ่มความปลอดภัยของการ Authentication ในรูปแบบต่างๆ โดย Azure Active Directory (AAD)
เช่น MFA (Multi Factor Authentication), Conditional Access and Windows Hello for Business
โดยคุณธัญพล ษณะนาคินทร์
Microsoft MVP (Azure)
In this presentation you will see how to use Microsoft Azure Mobile Services to add structured storage, integrated authentication and scaling to your Windows apps. Presented November 15, 2014 at the London Azure Camp hosted by the London .NET Developers group in London, Ontario, Canada.
No-Code SAML Support for SaaS Applications with StormpathLindsay Brunner
In this presentation, Stormpath Product Lead, Tom Abbott, will Stormpath SAML support gives your customers a seamless single sign-on experience, enhances user profiles with Stormpath Identity functionality, and enables SAML in your applications without custom code.
Working with credentials for Azure resources, you want to avoid storing your credentials in repositories when possible. In this session, we will talk about some of the options for working with credentials in Azure development without checking them into repositories - including managed identities, DefaultAzureCredential, and ChainedTokenCredential.
If you struggle with identity manager and the user sign-in experience for your consumer applications and websites; here we are going to take a closer look at the custom implementation of Azure AD B2C for one big banking product with thousands of users daily. Azure AD B2C is a service to help you reliably and securely maintain user accounts of the B2C applications. We show you the scenes of the developer's journey that made it possible, some solutions and how we connected existing web and mobile apps and allowed users to sign-in and use existing APIs painlessly.
In this session Tomasso will explain what Web APIs are, why do we need them and how to implement them in Azure with API Apps. He is going to show in several demos how you can create a custom API App, test and deploy it, but also more advanced topics like how to add authentication to an API App.
Similar to Mobile Authentication for iOS Applications - Stormpath 101 (20)
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Modern design is crucial in today's digital environment, and this is especially true for SharePoint intranets. The design of these digital hubs is critical to user engagement and productivity enhancement. They are the cornerstone of internal collaboration and interaction within enterprises.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Globus Connect Server Deep Dive - GlobusWorld 2024Globus
We explore the Globus Connect Server (GCS) architecture and experiment with advanced configuration options and use cases. This content is targeted at system administrators who are familiar with GCS and currently operate—or are planning to operate—broader deployments at their institution.
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
Your Digital Assistant.
Making complex approach simple. Straightforward process saves time. No more waiting to connect with people that matter to you. Safety first is not a cliché - Securely protect information in cloud storage to prevent any third party from accessing data.
Would you rather make your visitors feel burdened by making them wait? Or choose VizMan for a stress-free experience? VizMan is an automated visitor management system that works for any industries not limited to factories, societies, government institutes, and warehouses. A new age contactless way of logging information of visitors, employees, packages, and vehicles. VizMan is a digital logbook so it deters unnecessary use of paper or space since there is no requirement of bundles of registers that is left to collect dust in a corner of a room. Visitor’s essential details, helps in scheduling meetings for visitors and employees, and assists in supervising the attendance of the employees. With VizMan, visitors don’t need to wait for hours in long queues. VizMan handles visitors with the value they deserve because we know time is important to you.
Feasible Features
One Subscription, Four Modules – Admin, Employee, Receptionist, and Gatekeeper ensures confidentiality and prevents data from being manipulated
User Friendly – can be easily used on Android, iOS, and Web Interface
Multiple Accessibility – Log in through any device from any place at any time
One app for all industries – a Visitor Management System that works for any organisation.
Stress-free Sign-up
Visitor is registered and checked-in by the Receptionist
Host gets a notification, where they opt to Approve the meeting
Host notifies the Receptionist of the end of the meeting
Visitor is checked-out by the Receptionist
Host enters notes and remarks of the meeting
Customizable Components
Scheduling Meetings – Host can invite visitors for meetings and also approve, reject and reschedule meetings
Single/Bulk invites – Invitations can be sent individually to a visitor or collectively to many visitors
VIP Visitors – Additional security of data for VIP visitors to avoid misuse of information
Courier Management – Keeps a check on deliveries like commodities being delivered in and out of establishments
Alerts & Notifications – Get notified on SMS, email, and application
Parking Management – Manage availability of parking space
Individual log-in – Every user has their own log-in id
Visitor/Meeting Analytics – Evaluate notes and remarks of the meeting stored in the system
Visitor Management System is a secure and user friendly database manager that records, filters, tracks the visitors to your organization.
"Secure Your Premises with VizMan (VMS) – Get It Now"
2. Welcome!
• Agenda
• Stormpath 101 (5 mins)
• Get Started with iOS (25 mins)
• Q&A (30 mins)
• Kaitlyn Barnard
Marketing
• Edward Jiang
iOS Developer Evangelist
3. Speed to Market & Cost Reduction
• Complete Identity solution out-of-the-box
• Security best practices and updates by default
• Clean & elegant API/SDKs
• Little to code, no maintenance
12. Server-Based Authentication
• Easy to use and implement
• Auth details are sent on every request
• Auth details do not expire
• Hard to scale, as verifying a request needs access to
central database
18. Token Authentication
• More Secure
o Auth details are sent on every request, BUT!
o Auth token expires
• Easy to scale, as servers can verify a token with the signing
key
• Extensible
o Scale across multiple backend services
o Can embed information in the JSON