Description
By Lance Gleason

With projects like Doorkeeper, OAuth has pretty solid support in Rails when dealing with one application. However, when Rails applications get larger, many project teams break up their monolithic application into services. Some suggest installing Doorkeeper on every service, whereas others recommend routing all traffic through a single service. Recently, we worked on a project where neither of these solutions seemed right. Join us as we talk about our experience in federating OAuth in order to handle over 30,000 concurrent users.
Summary
The video "Adventures in Federating Authorization and Authentication with OAuth" features Lance Gleason discussing the complexities of implementing OAuth in federated systems, particularly within microservices architectures. The key points outlined in the talk include:

- **Introduction to Web Services and Microservices**: Gleason introduces the concept of microservices as an evolution of application architecture, emphasizing the challenges that arise as applications grow larger.
- **Understanding Federation**: He explains federation as integrating disparate systems under a common interface, which allows functionalities like Single Sign-On (SSO) to streamline user access across multiple services.
- **Security Challenges**: Gleason highlights the importance of security in the context of OAuth, noting that no application can be entirely secure and drawing analogies to safes and Wi-Fi networks.
- **Traditional Authentication Issues with Devise**: While many Rails developers are familiar with Devise, he points out the complications it introduces in service-oriented architectures, such as the burden of multiple passwords for users.
- **Single Point of Failure**: He discusses the drawbacks of having a single entry point for authorization and authentication, as it can lead to downtime and bottlenecks during high-traffic scenarios.
- **Importance of Token Management**: Gleason details the OAuth workflow, emphasizing the need for secure, timely processing of access tokens and authorization codes to prevent interception and enhance security.
- **Innovative Solutions and Architecture**: The presentation leads to the exploration of a delegate-driven model where Doorkeeper operates as an authentication service, allowing other applications to communicate with it without direct integration, thus minimizing dependencies.
- **Load Testing and Outcomes**: He concludes with a discussion of substantial load tests that revealed the system's capacity to handle over 30,000 concurrent requests without problems, validating the effectiveness of the federated approach.
- **Takeaways on Security and Reflection**: Gleason encourages developers to frequently reflect on their security practices and remain vigilant about how authentication frameworks are implemented to ensure robust tokens and secure access points.

This insightful session from RailsConf 2015 provides both a theoretical and practical understanding of federating OAuth in microservices, culminating in a call for continuous evaluation of security measures within complex architectures.