Multi-tenancy OAuth with Spring Security 5.2

October 16, 2019

A very typical OAuth deployment includes an Authorization Server and a set of applications and APIs that trust authorities issued by that Authorization Server. But what about APIs and applications that serve more than one tenant? Can a single API or application trust multiple Authorization Servers? What about making those decisions programmatically at runtime or via a database? Multi-tenant deployments bring their own set of challenges, especially when you have thousands of tenants of varying shapes and sizes. This talk will introduce AuthenticationManagerResolver, a simple interface from Spring Security that packs a lot of punch due to its strategic placement in the filter chain. We’ll also review Spring Security’s ClientRegistrationRepository and where it comes into play. We’ll begin with a very typical OAuth application and then explore a few different deployment models, expanding it throughout the talk into a secure, yet dynamic, database-driven, multi-tenant deployment. Speaker: Josh Cummings; Software Engineer, Pivotal Filmed at SpringOne Platform 2019 Slides: https://www.slideshare.net/SpringCentral/multitenancy-oauth-with-spring-security-52

Spring Data to Spring Cloud to Spring Security: How Azure Supercharges Spring Boot

Your software systems require a lot more than just business logic. You have to authenticate users, store da...

Next Video

How to Get Productive with Spring Boot

For application developers, reduced development time and development effort plays a large part in increasin...

Multi-tenancy OAuth with Spring Security 5.2

Previous

Next Video

Most Recent

SpringOne Platform is the premier conference for getting hands-on with modern software. Master new technologies. Train or get certified. Spark new connections.

The program is a large satellite ground station. The problem is the long lead time and expense to build, deploy, and maintain it in various integration and operational environments. While previous ini

We'll explain how metrics are vital in the development process and monitoring of production applications. Knowing how your application is performing throughout the development cycle while help ensure

Spring Framework 5 brings full reactive support to developers everywhere. What better way to demo reactive programming than to actually build something live? Trisha will live code an end-to-end applic

Abstract: AutoZone is the largest automotive aftermarket retailer in the United States. Founded in 1979, AutoZone has over 6,000 stores in the US, Mexico, and Brazil. At AutoZone, customer satisfactio

Abstract: Domain-driven design introduces the concepts of Aggregate, AggregateRoot, and Repository. If one takes these concepts seriously, certain habits we picked up while fighting working with JPA b

Abstract: Customer experience is king. Companies that separate from the pack are the ones that use real-time insight and user-centric design to delight their audience. But just how important is “good”

Abstract: Mastercard's Decision Management Platform serves as the core for multiple business solutions to combat fraud and validate cardholder identity. The patented Java-based platform has grown over

Abstract: Softbank Payment Service (part of the Softbank Group) is developing a next-generation, in-house payment system using Spring and Pivotal Application Service. In this session, we'll talk abou

Abstract: Founded in 1846, BT knows first-hand the importance of transformation. From establishing the UK’s telegraph comms network to growing into a modern, multinational telco operating across 180 c

Digital transformation is a people story. But you can't tell a digital transformation story without data. With the right metrics, you can use data to foster a culture of continuous learning and inspir

Real-time monitoring is a critical capability for building and operating distributed, data-intensive applications at scale. While Spring Cloud Data Flow (SCDF) helps you orchestrate streaming and batc

In the world of cloud-native distributed architectures, such as microservices, “event driven” is more popular than ever. But it's a broad category that covers a variety of use cases, ranging from a si

One of our banking clients is migrating its assets developed on exiting stack to an open-source platform: Spring on Pivotal Platform. They started this journey by moving the Public APIs and subsequent

Abstract: Join the Pivotal Vanguard——Pivotal’s first enterprise customer community——in a tech deep dive discussion on their specific Pivotal Platform journey as it applies to their experiences. Repres

The Infotainment System in GM vehicles makes web service calls to the cloud for an In-Vehicle App Store and to save/load Personal Profiles (e.g., radio stations, seat settings, etc). In 2017, China pa

As organizations mature their platform practices, they go beyond the standard Day 2 components of upgrading, patching, and continuous operations. In this next day, Day 3, SecOps teams are starting t

In 1996, Yahoo! JAPAN was established by Yahoo (US: Altaba) and Softbank, and Altaba sold all the stock to Yahoo! JAPAN in 2018. Since the establishment, Yahoo! JAPAN has been the leading #1 portal si

As a new developer coming from a nontraditional background, my understanding of what a framework is and its role in web development has grown exponentially as I created web applications using Spring B

In this session, Josh Long (@starbuxman, Pivotal) and Julien Dubois (@juliendubois, Microsoft) take Spring Boot microservices to the happiest place on earth - production! - with the just-announced Azu