Secure JAX-RS

Session details
Status: 
Accepted
Speaker(s): 
Experience level: 
Intermediate
Session Track: 
Session Type: 
Standard

With the rise of micro-services, REST communication is more popular than ever. But the communication between the different parts must also be performed in a secure way.
First, we need to know if the user or system is allowed to call the JAX-RS endpoint. For this authentication part, self-contained tokens are the best option to not overload any of our services in the system. JWT which contains the authentication but also can contain the authorization info is ideal for this use-case.
And secondly, we need guarantees that the message isn't altered, that we can have message integrity. For that part, we can use signatures as specified in the HTTP signature draft specification.
Besides the concepts, the presentation will use various code examples to show the theory in action.
 

Schedule info
Time: 
25 Oct 2018 - 13:15 to 25 Oct 2018 - 13:50

Our Sponsors

Our Other Events

Eclipse events are hosted all over the world!

  • EclipseCon Europe 2018