Introduction to PASETO (platform-agnostic security tokens)

Track

Web and Mobile

Date and time

-

Room

-

Duration

45'

JSON Web Tokens (JWTs) have become ubiquitous in the web authentication landscape over the last four years. In this talk, I'll introduce you to their successor: PASETO tokens (platform agnostic security tokens).
Unlike JSON Web Tokens (JWT), which gives developers more than enough rope with which to hang themselves, Paseto only allows secure operations. JWT gives you "algorithm agility", Paseto gives you "versioned protocols". It's incredibly unlikely that you'll be able to use Paseto in an insecure way.

In this session, I help you understand OAuth 2.0, OpenID, JWT, JWT's vulnerabilities and exploitations, and what you need to know about PASETO and show you a sample of PASETO in a Java application.

Lecture details

Type: Lecture
Level of difficulty: Detailed
Experience Level: Experienced
Desirable listeners function: Developer
Group of activity: Web and Mobile

About speaker

Like us on Facebook

We post news, photos and other interesting facts on official JavaCro Facebook Page.

Follow us on Twitter

Keep up to date with all the news on Twitter!

Organizers

The conference is organized by the Croatian Association of Oracle users & Croatian Java Users Association. 

Media Sponsors