See live demos of modern application development technologies.
The Spring Authorization Server project provides support for OAuth 2.1 Authorization Framework, OpenID Connect Core 1.0 and the numerous extension specifications.
SPIFFE, the Secure Production Identity Framework for Everyone, is a set of open-source standards for securely identifying software systems in dynamic and heterogeneous environments. Systems that adopt SPIFFE can easily and reliably mutually authenticate (e.g. Mutual TLS) wherever they are running.
SPIRE is a production-ready implementation of the SPIFFE APIs that performs node and workload attestation in order to securely issue identities to workloads and verify identities of other workloads.
The primary goal of this talk is to demonstrate how to securely configure Spring Authorization Server, Client and Resource Server with SPIRE for the purpose of issuing identities via SVIDs (SPIFFE Verifiable Identity Document).
The following will be discussed and demonstrated:
The sample that will be demonstrated provides a reference implementation of RFC 8705 OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens.
Tiffany is a senior developer advocate at VMware and is focused on Kubernetes. She previously worked as a software developer and developer advocate (nerd whisperer) for containers at Amazon. She also formerly worked at Docker and Intel. Prior to that, she graduated from Georgia Tech with a degree in electrical engineering. In her free time she likes to spend time with her fiancé, family, and friends, as well as dabble in photography. You can find her on Twitter @tiffanyfayj.
Whitney traveled the scenic route but is absolutely chuffed to have found her way to Kubernetes and cloud technologies. She began her professional career as a fine artist before owning her own photography business for over a decade. Then, after a year-long tour playing keys and singing harmonies in the band Mutual Benefit, Whitney went back to school to learn full-stack web development. Shortly after graduation Whitney was employed by IBM as a cloud developer, using none of the skills she had just learned at school. However Whitney quickly developed an insatiable appetite for all things cloud, and a passion for teaching others as she acquired knowledge herself. She has made many light board videos for IBM Cloud, from topics ranging from creating a Pod in Kubernetes, to event-driven architecture, to cloud-native API solutions. At VMware Whitney’s contagious excitement drives her to continue to explore, collaborate, teach, and play!
Leigh is an empathetic speaker and developer with niches in cloud-native systems and security. Leigh comes from a background of building software to manage infrastructure. He contributes to Kubernetes and Flux and is frequently working on his next software demo