Speakers
- Matt Stine
- Brian Sletten
- Ken Sipe
- Nathaniel Schutta
- Pratik Patel
- Matthew McCullough
- Mike Heath
- Neal Ford
- Tim Berglund
- Peter Bell
- Craig Walls
- Venkat Subramaniam
- Kris Zyp
- Nicholas C. Zakas
- Andrew Wirick
- Chris Wilson
- James Williams
- Greg Wilkins
- Meghan Wilker
- Mike Wilcox
- Dustin Whittle
- Estelle Weyl
- Johnny Wey
- Eric Wendelin
- Rich Waters
- James Ward
- David Verba
- Thomas Valletta
- Johannes Ullrich
- Tenni Theurer
- Etienne Studer
- Steve Souders
- Deryk Sinotte
- John Simone
- Scott Shattuck
- Bill Scott
- Matt Schmidt
- Dylan Schiemann
- Christian Schalk
- Brian Sam-Bodden
- Terry Ryan
- Alex Russell
- Rob Rusher
- Rick Ross
- Tom Robinson
- Torrey Rice
- Aza Raskin
- Nandini Ramani
- Matt Raible
- Jason Porter
- Vic Patterson
- Andy Painter
- Noah Paci
- Aaron Newton
- Mark Murphy
- Rebecca Murphey
- William Morris
- Eric Miraglia
- Eric Miller
- Steffen Meschkat
- Dustin Machi
- Nancy Lyons
- Kevin Lynch
- Andrew Lombardi
- Howard Lewis Ship
- Brian Leroux
- Brent Laster
- Seth Ladd
- Nik Krimm
- Kenneth Kousen
- Sean Kane
- Tim Kadlec
- Christopher Judd
- Bruce Johnson
- Denise Jacobs
- Bob Ippolito
- Kevin Hoyt
- Molly Holzschlag
- Josh Holmes
- Les Hazlewood
- Erik Hatcher
- James Harmon
- Patrick Haney
- Stuart Halloway
- Clint Hall
- Wesley Hales
- Kevin Hakman
- Aaron Gustafson
- Arun Gupta
- Nate Grover
- Mike Girouard
- Jesse James Garrett
- Raju Gandhi
- Thomas Fuchs
- Aaron Frost
- Judson Flamm
- Connie Finkelman
- Jon Ferraiolo
- Szczepan Faber
- Cal Evans
- Nicholas Eddy
- Scott Dietzen
- Gabriel Dayley
- Luke Daley
- Adrian Cole
- Roy Clarkson
- Patrick Chanezon
- David Chandler
- Ludovic Champenois
- Max Carlson
- Pete Campbell
- Bob Byron
- Thomas Burleson
- Michal Budzynski
- John Brinnand
- Ryan Breen
- Simone Bordet
- David Boloker
- David Bock
- Rey Bango
- Tom Ball
- Dan Allen
- Brad Abrams
Les Hazlewood
Apache Shiro PMC Chair
Prior to forming Stormpath, Les held senior architectural positions at Bloomberg and Delta Airlines and he was former CTO of a software engineering firm supporting educational and government agencies. Les has been actively involved in Open Source development for more than 10 years, committing or contributing to projects like the Spring Framework, JBoss, and of course Apache Shiro.
Les has a BS in Computer Science from Georgia Tech, currently lives in San Mateo, CA and practices Kendo and studies Japanese when he's not banging out code.
Presentations
Infinite Cloud Session Clustering with Apache Shiro
Over 100,000 organizations have seen Apache Shiro's simplicity and power as as security framework for authentication and authorization. But did you know that Shiro's Enterprise Session Management enables easy session clustering for any application? If you need to support concurrent user sessions in the thousands or millions, you won't want to miss this!
Apache Shiro is an easy-to-use open-source security framework with four cornerstones: authentication, authorization, session management and cryptography.
In this session Les Hazlewood, the Apache Shiro PMC Chair, will cover: ● Shiro’s enterprise session management capabilities ● How it can be used across any application (not just web or JEE applications) ● How it can be used to support simple Single Sign-On ● How to enable a distributed session cluster to support hundreds of thousands or even millions of concurrent sessions.
As a working example, Les will show how to set up a cloud hosted session cluster in under 10 minutes using a distributed NoSQL data store. If you need to scale user session load, you won’t want to miss this!
Designing a Beautiful REST+JSON API
Designing a really clean and intuitive REST + JSON API is no small feat. You have to worry about resources, collections of resources, pagination, query parameters, references to other resources, which HTTP Methods to use, HTTP Caching, security, and more! And you have to make sure it lasts and doesn't break clients as you add features over time. Further, while there are many references on creating REST APIs with XML, there are much fewer references for REST + JSON.
In this presentation, Les Hazlewood - Stormpath CTO and Apache Shiro PMC Chair - will share all of the golden nuggets learned while designing, implementing and supporting JSON-based REST APIs, using examples from a clean real-world REST+JSON API.
He will cover:
● JSON-based data formats in a RESTful API ● References to other JSON-based resources (aka 'linking'). ● Resource collections and pagination ● How to map (and how not to map) HTTP methods to Resource CRUD ● Resource partial updates ● Supporting HTTP Method Overloading for clients that don't support HTTP PUT and DELETE ● API versioning strategies ● Meaningful Error responses ● Many-to-many resource relationships ● HTTP Caching and Optimistic concurrency control. ● Authentication and Security
Intro to Application Security
Apache Shiro PMC Chair and Stormpath Founder/CTO, Les Hazlewood, will give an overview of the basics of application security, including...
● Basic best practices for authentication, authorization, session management, and cryptography ● Common web application security flaws and how to protect your web app ● What is OAuth and how does it work for web apps?
Join us for an informative session on Application Security!
Securing Multi-Tenant Cloud Applications with Apache Shiro
Many modern cloud applications are “single-instance, multi-tenant”: one software product services many tenants (customers), but to end users, it ‘feels’ like a single-customer product. Apache Shiro is an easy-to-use and flexible security framework that can secure any application, including today’s modern cloud multi-tenant applications. In this presentation, we'll see how to secure a multi-tenant cloud application easily with Apache Shiro.
Apache Shiro is an easy-to-use open-source application security framework used by over 100,000 organizations to support the four cornerstones of application security: authentication, authorization, enterprise session management, and cryptography.
In this presentation Les Hazlewood, the Apache Shiro PMC Chair, will demonstrate:
● How to secure multi-tenant applications using Shiro ● How to resolve tenant and user identity for a web request ● How to perform tenant user authentication and authorization using Shiro’s APIs