Getting Started with Spring Authorization Server
The Spring Authorization Server project provides support for OAuth 2. 1 Authorization Framework, OpenID Connect Core 1. 0, and the numerous extension specifications. The primary goal of this talk is to demonstrate how to securely configure a Spring Authorization Server deployment using identified trust boundaries. The IETF draft, OAuth 2. 0 Security Best Current Practice, will be referenced and recommendations will be provided for preventing attacks and implementing mitigations using defensive, indepth strategies. The following will be discussed and demonstrated: Current features Starting up with default configuration Customizing the configuration Adding custom features via extension Feature roadmap
|
|