Director of Engineering @Tomitribe
Jean-Louis is a Senior Java Enterprise Software Architect and is passionate about Open Source. He’s an active contributor to Apache TomEE, OpenEJB, OpenWebBeans, Sirona and many others. He is involved in the Java Community Process (JCP) and is an active member of the EJB 3.2 expert group. He shares his knowledge by speaking at Java User Groups (JUG) and conferences such as ApacheCon Europe and Devoxx. His past experiences and present specialties include Spring, Hibernate, JPA, CDI, JSP, SOAP, RESTful services, WS-Security, Tapestry, Tomcat, IBM WebSphere, Java EE, SOA architecture and much more. And beyond his “normal” workday he also teaches Web Services, Java EE, and more at his local university in France.
TOPIC: Stateless Microservice Security via JWT, TomEE and MicroProfile
Microservices based architecture seems to be the common convergence point in the industry. But when it comes to security we are still struggling to evolve from monolithic systems or people oriented architecture. This presentation will be focusing on this landscape and explain how to leverage the quickly evolving MicroProfile JWT specification to secure Microservices and in a fully stateless and scalable manner. We’ll introduce the specification in a quick and no nonsense fashion and move on to several code examples that show how to setup JWT verification and obtain trusted claims via lookup or dependency injection. For our playground, we’ll be using Apache TomEE, fully open source lightweight Java EE server and MicroProfile implementation.