Introduction to PASETO (platform-agnostic security tokens)
Track
Web & Mobile
Datum i vrijeme
-
Dvorana
-
Trajanje
45'
JSON Web Tokens (JWTs) have become ubiquitous in the web authentication landscape over the last four years. In this talk, I'll introduce you to their successor: PASETO tokens (platform agnostic security tokens).
Unlike JSON Web Tokens (JWT), which gives developers more than enough rope with which to hang themselves, Paseto only allows secure operations. JWT gives you "algorithm agility", Paseto gives you "versioned protocols". It's incredibly unlikely that you'll be able to use Paseto in an insecure way.
In this session, I help you understand OAuth 2.0, OpenID, JWT, JWT's vulnerabilities and exploitations, and what you need to know about PASETO and show you a sample of PASETO in a Java application.
Detalji o predavanju
O predavaču
Devlin Duldulao, autor
Devlin Duldulao is a Filipino software developer based in Norway. He is an Auth0 Ambassador, a trainer, a conference speaker, and a senior consultant at Inmeta. He loves going to universities and user groups to share his expertise.
Prati nas na Facebooku
Prati nas na Twitteru
Sve novosti i zanimljivosti vezane uz JavaCro objavljujemo i na Twitteru! Follow @JavaCroMedijski pokrovitelji
