Adam is an IBM Software Engineer working in the Microservices team where he is working on Game On!, an open source microservices-based exemplar framework. Prior to having too much fun with microservices he worked on IBM’s JVM. When he’s not writing code, he can be found listening to rock music or participating in various martial arts.
Moving to microservices requires a new mindset and approach to application design. This is particularly important when it comes to security as in a distributed world even calls from other parts of your application are vulnerable. Security is often discussed in an abstract context and as there are so many existing standards it's difficult to know what methods are appropriate and when to use them. This session will use the text-based microservice adventure Game On! to discuss security in a real-world scenario. It will introduce the security considerations in a microservice environment and the choices we made to secure our application. You will learn how to utilise industry-wide standards such as OAuth2, OpenID Connect and other social sign-on methods and what we have done to work towards dev/production parity.