Securing Multi-Tenant Cloud Applications with Apache Shiro
RWX / CDX
Fort Lauderdale · November 27 - 30, 2012
About this Presentation
Many modern cloud applications are “single-instance, multi-tenant”: one software product services many tenants (customers), but to end users, it ‘feels’ like a single-customer product. Apache Shiro is an easy-to-use and flexible security framework that can secure any application, including today’s modern cloud multi-tenant applications. In this presentation, we'll see how to secure a multi-tenant cloud application easily with Apache Shiro.
Apache Shiro is an easy-to-use open-source application security framework used by over 100,000 organizations to support the four cornerstones of application security: authentication, authorization, enterprise session management, and cryptography.
In this presentation Les Hazlewood, the Apache Shiro PMC Chair, will demonstrate:
● How to secure multi-tenant applications using Shiro
● How to resolve tenant and user identity for a web request
● How to perform tenant user authentication and authorization using Shiro’s APIs
Apache Shiro PMC Chair
Prior to forming Stormpath, Les held senior architectural positions at Bloomberg and Delta Airlines and he was former CTO of a software engineering firm supporting educational and government agencies. Les has been actively involved in Open Source development for more than 10 years, committing or contributing to projects like the Spring Framework, JBoss, and of course Apache Shiro.
Les has a BS in Computer Science from Georgia Tech, currently lives in San Mateo, CA and practices Kendo and studies Japanese when he's not banging out code.