SlideShare une entreprise Scribd logo

Iasi code camp 20 april 2013 windows authentication-spring security -kerberos

Télécharger en tant que PPTX, PDF
Codecamp Romania
Codecamp Romania
TechnologieBusiness
1  sur  26
A bridge between two worlds: Spring Security & Kerberos Claudiu Stancu
•Me & the other me •Security concepts •Kerberos •All together •Code time Agenda 3
IN YOUR ZONE About me… 4 Development Discipline Lead at Endava
IN YOUR ZONE The other me… 5
IN YOUR ZONE Security concepts – Data types 6 PUBLIC PRIVATE CONFIDENTIAL SECRET
IN YOUR ZONE Authentication 7 “The process of verifying that the users of our application are who they say they are”
IN YOUR ZONE Authentication 8 Credentials Based
IN YOUR ZONE Authentication 9 Biometrics Authentication
IN YOUR ZONE Authentication 10 Two factor authentication
IN YOUR ZONE Authentication 11 • Browser certificates • Single Sing On • Hardware authentication
IN YOUR ZONE Authorization 12 Assign authenticated Principals to one or more Roles Assign the Principal’s Role(s) to secured resources
IN YOUR ZONE Spring Security 13 Servlet Filters Delegation
IN YOUR ZONE Spring Security – Filters 14 o.s.s.web.context.SecurityContextPersistenceFilter o.s.s.web.authentication.logout.LogoutFilter o.s.s.web.authentication.UsernamePasswordAuthentication o.s.s.web.session.SessionManagementFilter Secured Resource Request Response
IN YOUR ZONE Spring Security – Fundamentals 15 Security Interceptor Authentication Manager Access Decision Manager Run-As Manager After-Invocation Manager
IN YOUR ZONE Spring Security – Authentication Manager 16 Authentication Manager Provider Manager LDAP Authentication Provider CAS Authentication Provider Kerberos Authentication Provider DAO Authentication Provider Remember Me Authentication Provider
IN YOUR ZONE Spring Security – Access Decision Manager 17 Affirmative Based Abstract Decision Voter Access Decision Manager Abstract Access Decision Manager Consensus Based Unanimous Based Role Voter Access Decision Manager Grant / Deny access? Affirmative based At least one voter grant access Consensus based Majority grant access Unanimous based If all voters grant access
IN YOUR ZONE Kerberos 18
IN YOUR ZONE Kerberos 19 {cstancu, 192.168.1.2} SessionKey1 TGT TGT SessionKey1
IN YOUR ZONE Kerberos 20 {SessionKey1} Authenticator TGT {SessionKey2} Authenticator Mail Ticket {SessionKey2} ok TGT SessionKey1 Mail Ticket {SessionKey1} SessionKey2 Mail Ticket SessionKey2
IN YOUR ZONE All together 21 (1)HTTP GET resource.html
IN YOUR ZONE All together 22 (3) Kerberos TGS_REQ
IN YOUR ZONE All together 23 (5)HTTPGETAuthorization Negotiate w/SPNEGO Token (6) HTTP 200 – OK resource.html
IN YOUR ZONE Code time… 24
IN YOUR ZONE 25
IN YOUR ZONE 26 Claudiu Stancu | Development Discipline Lead

Recommandé

Protecting Against Web Attacks
Protecting Against Web AttacksProtecting Against Web Attacks
Protecting Against Web Attacks
Alert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
Alert Logic
 
20 common security vulnerabilities and misconfiguration in Azure
20 common security vulnerabilities and misconfiguration in Azure20 common security vulnerabilities and misconfiguration in Azure
20 common security vulnerabilities and misconfiguration in Azure
Cheah Eng Soon
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration Testing
Cheah Eng Soon
 
Security in Design of Cloud Application
Security in Design of Cloud ApplicationSecurity in Design of Cloud Application
Security in Design of Cloud Application
Rafal Korszun
 
Security Implications of the Cloud - CSS Dallas Azure
Security Implications of the Cloud - CSS Dallas AzureSecurity Implications of the Cloud - CSS Dallas Azure
Security Implications of the Cloud - CSS Dallas Azure
Alert Logic
 
Stories from the Security Operations Center
Stories from the Security Operations CenterStories from the Security Operations Center
Stories from the Security Operations Center
Alert Logic
 
Jenkins Terraform Vault
Jenkins Terraform VaultJenkins Terraform Vault
Jenkins Terraform Vault
Shrivatsa Upadhye
 

Recommandé

Protecting Against Web Attacks
Protecting Against Web AttacksProtecting Against Web Attacks
Protecting Against Web Attacks
Alert Logic
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
Alert Logic
 
20 common security vulnerabilities and misconfiguration in Azure
20 common security vulnerabilities and misconfiguration in Azure20 common security vulnerabilities and misconfiguration in Azure
20 common security vulnerabilities and misconfiguration in Azure
Cheah Eng Soon
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration Testing
Cheah Eng Soon
 
Security in Design of Cloud Application
Security in Design of Cloud ApplicationSecurity in Design of Cloud Application
Security in Design of Cloud Application
Rafal Korszun
 
Security Implications of the Cloud - CSS Dallas Azure
Security Implications of the Cloud - CSS Dallas AzureSecurity Implications of the Cloud - CSS Dallas Azure
Security Implications of the Cloud - CSS Dallas Azure
Alert Logic
 
Stories from the Security Operations Center
Stories from the Security Operations CenterStories from the Security Operations Center
Stories from the Security Operations Center
Alert Logic
 
Jenkins Terraform Vault
Jenkins Terraform VaultJenkins Terraform Vault
Jenkins Terraform Vault
Shrivatsa Upadhye
 
Equifax cyber attack contained by containers
Equifax cyber attack contained by containersEquifax cyber attack contained by containers
Equifax cyber attack contained by containers
Aqua Security
 
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msftCss sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Alert Logic
 
The Changing Landscape of Information Security
The Changing Landscape of Information SecurityThe Changing Landscape of Information Security
The Changing Landscape of Information Security
DevSecOpsSg
 
Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack Surface
Alert Logic
 
WSO2Con EU 2016: Securing APIs: How, What, Why, When
WSO2Con EU 2016: Securing APIs: How, What, Why, WhenWSO2Con EU 2016: Securing APIs: How, What, Why, When
WSO2Con EU 2016: Securing APIs: How, What, Why, When
WSO2
 
Alternatives and Enhancements to CAs for a Secure Web
Alternatives and Enhancements to CAs for a Secure WebAlternatives and Enhancements to CAs for a Secure Web
Alternatives and Enhancements to CAs for a Secure Web
CASCouncil
 
Node JS reverse shell
Node JS reverse shellNode JS reverse shell
Node JS reverse shell
Madhu Akula
 
Privacy Preserving Searchable Encryption with Fine-grained Access Control
Privacy Preserving Searchable Encryption with Fine-grained Access ControlPrivacy Preserving Searchable Encryption with Fine-grained Access Control
Privacy Preserving Searchable Encryption with Fine-grained Access Control
JAYAPRAKASH JPINFOTECH
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
Alert Logic
 
Cloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New Reality
Carlos Andrés García
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and Response
Alert Logic
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Alert Logic
 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the Cloud
Alert Logic
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
Alert Logic
 
CSS 17: NYC - Stories from the SOC
CSS 17: NYC - Stories from the SOCCSS 17: NYC - Stories from the SOC
CSS 17: NYC - Stories from the SOC
Alert Logic
 
DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018
Gordon Haff
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the Cloud
Alert Logic
 
Compute Security - Host Security
Compute Security - Host SecurityCompute Security - Host Security
Compute Security - Host Security
Eng Teong Cheah
 
News Bytes - December 2015
News Bytes - December 2015News Bytes - December 2015
News Bytes - December 2015
n|u - The Open Security Community
 
Configuration Auditing
Configuration AuditingConfiguration Auditing
Configuration Auditing
Albert Campa
 
Iasi codecamp 20 april 2013 scrum- agile measurements-dan nicola
Iasi codecamp 20 april 2013 scrum- agile measurements-dan nicolaIasi codecamp 20 april 2013 scrum- agile measurements-dan nicola
Iasi codecamp 20 april 2013 scrum- agile measurements-dan nicola
Codecamp Romania
 
Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...
Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...
Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...
Codecamp Romania
 

Contenu connexe

Tendances

DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018
Gordon Haff
 
Configuration Auditing
Configuration AuditingConfiguration Auditing
Configuration Auditing
Albert Campa
 

Tendances (20)

Equifax cyber attack contained by containers
Equifax cyber attack contained by containersEquifax cyber attack contained by containers
Equifax cyber attack contained by containers
 
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msftCss sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msft
 
The Changing Landscape of Information Security
The Changing Landscape of Information SecurityThe Changing Landscape of Information Security
The Changing Landscape of Information Security
 
Reducing Your Attack Surface
Reducing Your Attack SurfaceReducing Your Attack Surface
Reducing Your Attack Surface
 
WSO2Con EU 2016: Securing APIs: How, What, Why, When
WSO2Con EU 2016: Securing APIs: How, What, Why, WhenWSO2Con EU 2016: Securing APIs: How, What, Why, When
WSO2Con EU 2016: Securing APIs: How, What, Why, When
 
Alternatives and Enhancements to CAs for a Secure Web
Alternatives and Enhancements to CAs for a Secure WebAlternatives and Enhancements to CAs for a Secure Web
Alternatives and Enhancements to CAs for a Secure Web
 
Node JS reverse shell
Node JS reverse shellNode JS reverse shell
Node JS reverse shell
 
Privacy Preserving Searchable Encryption with Fine-grained Access Control
Privacy Preserving Searchable Encryption with Fine-grained Access ControlPrivacy Preserving Searchable Encryption with Fine-grained Access Control
Privacy Preserving Searchable Encryption with Fine-grained Access Control
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
 
Cloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New RealityCloud Native Security: New Approach for a New Reality
Cloud Native Security: New Approach for a New Reality
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and Response
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
 
Reality Check: Security in the Cloud
Reality Check: Security in the CloudReality Check: Security in the Cloud
Reality Check: Security in the Cloud
 
Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials Extending Amazon GuardDuty with Cloud Insight Essentials
Extending Amazon GuardDuty with Cloud Insight Essentials
 
CSS 17: NYC - Stories from the SOC
CSS 17: NYC - Stories from the SOCCSS 17: NYC - Stories from the SOC
CSS 17: NYC - Stories from the SOC
 
DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018
 
CSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the CloudCSS 17: NYC - Realities of Security in the Cloud
CSS 17: NYC - Realities of Security in the Cloud
 
Compute Security - Host Security
Compute Security - Host SecurityCompute Security - Host Security
Compute Security - Host Security
 
News Bytes - December 2015
News Bytes - December 2015News Bytes - December 2015
News Bytes - December 2015
 
Configuration Auditing
Configuration AuditingConfiguration Auditing
Configuration Auditing
 

En vedette

Iasi codecamp 20 april 2013 scrum- agile measurements-dan nicola
Iasi codecamp 20 april 2013 scrum- agile measurements-dan nicolaIasi codecamp 20 april 2013 scrum- agile measurements-dan nicola
Iasi codecamp 20 april 2013 scrum- agile measurements-dan nicola
Codecamp Romania
 
Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...
Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...
Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...
Codecamp Romania
 
Georges Chitiga - Introduction to Phonegap - HTML5 & JS to native mobile app
Georges Chitiga - Introduction to Phonegap - HTML5 & JS to native mobile appGeorges Chitiga - Introduction to Phonegap - HTML5 & JS to native mobile app
Georges Chitiga - Introduction to Phonegap - HTML5 & JS to native mobile app
Codecamp Romania
 
Alex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big leagueAlex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big league
Codecamp Romania
 
Iasi codecamp 20 april 2013 sponsors 5 minutes presentations
Iasi codecamp 20 april 2013 sponsors 5 minutes presentationsIasi codecamp 20 april 2013 sponsors 5 minutes presentations
Iasi codecamp 20 april 2013 sponsors 5 minutes presentations
Codecamp Romania
 

En vedette (8)

Iasi codecamp 20 april 2013 scrum- agile measurements-dan nicola
Iasi codecamp 20 april 2013 scrum- agile measurements-dan nicolaIasi codecamp 20 april 2013 scrum- agile measurements-dan nicola
Iasi codecamp 20 april 2013 scrum- agile measurements-dan nicola
 
Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...
Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...
Iasi codecamp 20 april 2013 it–a career a life sweat smiles and cries –andrei...
 
Georges Chitiga - Introduction to Phonegap - HTML5 & JS to native mobile app
Georges Chitiga - Introduction to Phonegap - HTML5 & JS to native mobile appGeorges Chitiga - Introduction to Phonegap - HTML5 & JS to native mobile app
Georges Chitiga - Introduction to Phonegap - HTML5 & JS to native mobile app
 
Alex lakatos state of mobile web
Alex lakatos state of mobile webAlex lakatos state of mobile web
Alex lakatos state of mobile web
 
Jozua velle + silviu luca dev ops
Jozua velle + silviu luca dev opsJozua velle + silviu luca dev ops
Jozua velle + silviu luca dev ops
 
Alex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big leagueAlex carcea, radu macovei a story of how java script joined the big league
Alex carcea, radu macovei a story of how java script joined the big league
 
Iasi codecamp 20 april 2013 sponsors 5 minutes presentations
Iasi codecamp 20 april 2013 sponsors 5 minutes presentationsIasi codecamp 20 april 2013 sponsors 5 minutes presentations
Iasi codecamp 20 april 2013 sponsors 5 minutes presentations
 
Ciprian ouatu asertivitate - comportament si comunicare
Ciprian ouatu asertivitate - comportament si comunicareCiprian ouatu asertivitate - comportament si comunicare
Ciprian ouatu asertivitate - comportament si comunicare
 

Similaire à Iasi code camp 20 april 2013 windows authentication-spring security -kerberos

Similaire à Iasi code camp 20 april 2013 windows authentication-spring security -kerberos (20)

Foundations of cloud security monitoring
Foundations of cloud security monitoringFoundations of cloud security monitoring
Foundations of cloud security monitoring
 
Exploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access ManagerExploring Advanced Authentication Methods in Novell Access Manager
Exploring Advanced Authentication Methods in Novell Access Manager
 
Indianapolis Splunk User Group Dec 22
Indianapolis Splunk User Group Dec 22Indianapolis Splunk User Group Dec 22
Indianapolis Splunk User Group Dec 22
 
ZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSIZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSI
 
Finding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldFinding Security a Home in a DevOps World
Finding Security a Home in a DevOps World
 
Keeping Secrets on the Internet of Things - Mobile Web Application Security
Keeping Secrets on the Internet of Things - Mobile Web Application SecurityKeeping Secrets on the Internet of Things - Mobile Web Application Security
Keeping Secrets on the Internet of Things - Mobile Web Application Security
 
Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021
 
Hacking mobile apps
Hacking mobile appsHacking mobile apps
Hacking mobile apps
 
Securing Your MongoDB Deployment
Securing Your MongoDB DeploymentSecuring Your MongoDB Deployment
Securing Your MongoDB Deployment
 
Ransomware: Mitigation Through Preparation
Ransomware: Mitigation Through PreparationRansomware: Mitigation Through Preparation
Ransomware: Mitigation Through Preparation
 
Shifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environmentsShifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environments
 
Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?
 
Attacking and Defending Mobile Applications
Attacking and Defending Mobile ApplicationsAttacking and Defending Mobile Applications
Attacking and Defending Mobile Applications
 
Security Considerations for Microservices and Multi cloud
Security Considerations for Microservices and Multi cloudSecurity Considerations for Microservices and Multi cloud
Security Considerations for Microservices and Multi cloud
 
Cloud security what to expect (introduction to cloud security)
Cloud security what to expect (introduction to cloud security)Cloud security what to expect (introduction to cloud security)
Cloud security what to expect (introduction to cloud security)
 
IoT Security in Action - Boston Sept 2015
IoT Security in Action - Boston Sept 2015IoT Security in Action - Boston Sept 2015
IoT Security in Action - Boston Sept 2015
 
Ten Commandments of Secure Coding - OWASP Top Ten Proactive Controls
Ten Commandments of Secure Coding - OWASP Top Ten Proactive ControlsTen Commandments of Secure Coding - OWASP Top Ten Proactive Controls
Ten Commandments of Secure Coding - OWASP Top Ten Proactive Controls
 
Ten Commandments of Secure Coding
Ten Commandments of Secure CodingTen Commandments of Secure Coding
Ten Commandments of Secure Coding
 
Securing the cloud
Securing the cloudSecuring the cloud
Securing the cloud
 
Whole Process PPT of LC-Latest.pptx
Whole Process PPT of LC-Latest.pptxWhole Process PPT of LC-Latest.pptx
Whole Process PPT of LC-Latest.pptx
 

Plus de Codecamp Romania

Plus de Codecamp Romania (20)

Cezar chitac the edge of experience
Cezar chitac the edge of experienceCezar chitac the edge of experience
Cezar chitac the edge of experience
 
Cloud powered search
Cloud powered searchCloud powered search
Cloud powered search
 
Ccp
CcpCcp
Ccp
 
Business analysis techniques exercise your 6-pack
Business analysis techniques exercise your 6-packBusiness analysis techniques exercise your 6-pack
Business analysis techniques exercise your 6-pack
 
Bpm company code camp - configuration or coding with pega
Bpm company code camp - configuration or coding with pegaBpm company code camp - configuration or coding with pega
Bpm company code camp - configuration or coding with pega
 
Andrei prisacaru takingtheunitteststothedatabase
Andrei prisacaru takingtheunitteststothedatabaseAndrei prisacaru takingtheunitteststothedatabase
Andrei prisacaru takingtheunitteststothedatabase
 
Agility and life
Agility and lifeAgility and life
Agility and life
 
2015 dan ardelean develop for windows 10
2015 dan ardelean develop for windows 10 2015 dan ardelean develop for windows 10
2015 dan ardelean develop for windows 10
 
The bigrewrite
The bigrewriteThe bigrewrite
The bigrewrite
 
The case for continuous delivery
The case for continuous deliveryThe case for continuous delivery
The case for continuous delivery
 
Stefan stolniceanu spritekit, 2 d or not 2d
Stefan stolniceanu spritekit, 2 d or not 2dStefan stolniceanu spritekit, 2 d or not 2d
Stefan stolniceanu spritekit, 2 d or not 2d
 
Sizing epics tales from an agile kingdom
Sizing epics tales from an agile kingdomSizing epics tales from an agile kingdom
Sizing epics tales from an agile kingdom
 
Scale net apps in aws
Scale net apps in awsScale net apps in aws
Scale net apps in aws
 
Raluca butnaru corina cilibiu the unknown universe of a product and the cer...
Raluca butnaru corina cilibiu the unknown universe of a product and the cer...Raluca butnaru corina cilibiu the unknown universe of a product and the cer...
Raluca butnaru corina cilibiu the unknown universe of a product and the cer...
 
Parallel & async processing using tpl dataflow
Parallel & async processing using tpl dataflowParallel & async processing using tpl dataflow
Parallel & async processing using tpl dataflow
 
Material design screen transitions in android
Material design screen transitions in androidMaterial design screen transitions in android
Material design screen transitions in android
 
Kickstart your own freelancing career
Kickstart your own freelancing careerKickstart your own freelancing career
Kickstart your own freelancing career
 
Ionut grecu the soft stuff is the hard stuff. the agile soft skills toolkit
Ionut grecu the soft stuff is the hard stuff. the agile soft skills toolkitIonut grecu the soft stuff is the hard stuff. the agile soft skills toolkit
Ionut grecu the soft stuff is the hard stuff. the agile soft skills toolkit
 
Ecma6 in the wild
Ecma6 in the wildEcma6 in the wild
Ecma6 in the wild
 
Diana antohi me against myself or how to fail and move forward
Diana antohi me against myself or how to fail and move forwardDiana antohi me against myself or how to fail and move forward
Diana antohi me against myself or how to fail and move forward
 

Dernier

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 

Dernier (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 

Iasi code camp 20 april 2013 windows authentication-spring security -kerberos

Notes de l'éditeur

  1. The default AccessDecisionManager implementation provides an access granting mechanism based on AccessDecisionVoter and vote aggregation.
  2. Guardian for the underworld: no one can escape or pass the Styx river1st head: Key Distribution Center (KDC) Makes sure you are who you say you are and you provide the right credentialsVouches for the user’s identityRuns on TCP / UDP port 882nd head: Authentication Service (AS)Actually does the authentication thru the network3rd head: Ticket Granting ServiceHelps with tickets
  3. Or:1st head: Kerberos Client2nd head: Kerberized Service3rd head: KDC
  4. Authenticator = {username, network_address, timestamp, lifespan}_sessionKeyService Ticket = {session_key, username, network_address, service_name, lifespan, timestamp}TGT = {sessionKey, }Authenticator can not be used twice: each service has an internal cache for checking