Get an improved navigation experience with a Chrominium based browser.
Dismiss
Ruby Video
Talks
Speakers
Events
Leaderboard
Sign in
Talks
Speakers
Events
Use
Analytics
Sign in
Suggest modification to this talk
Title
Description
Getting started with authentication in SOA environments can seem like a daunting subject, but it doesn't need to be difficult. This talk will cover everything you need to know to get started building your own SOA systems. We'll look at the details of building a centralized authentication service and allowing other apps to delegate their authentication needs to the service. Jeremy is a full stack engineer who has been creating web apps for over 15 years. He's an organizer of the OkcRuby developer group and an active open source contributor. You might also find him drumming, shooting photos, or brewing. Help us caption & translate this video! http://amara.org/v/FG0x/
Date
Summary
Markdown supported
The video titled "Service Oriented Authentication" features Jeremy Green discussing the complexities of building authentication systems within Service-Oriented Architecture (SOA) environments. This topic is vital for developers looking to create efficient, scalable applications that can communicate seamlessly across services with secure user authentication. Key points covered in the talk include: - **Understanding SOA**: Jeremy explains that SOA is a mindset rather than a strict specification, emphasizing that it allows for modular, independent service architectures, which can collectively serve a larger application framework. - **Monolithic vs. Microservices**: He shares his personal experience of evolving from a monolithic application to a more service-oriented structure, highlighting the difficulties of managing big, slow, and cumbersome systems compared to nimble individual services. - **OAuth2 as a Solution**: A significant portion of the talk is dedicated to introducing OAuth2, an open standard for secure authorization. Jeremy details how OAuth2 can facilitate a single sign-on experience across multiple applications and services, reminiscent of systems used by giant tech companies like Amazon or Google. - **Step-by-Step Implementation**: The presentation includes a practical guide to implementing OAuth2 in existing monolithic applications. Jeremy proposes a strategy called "Muxoa" (Monolith-Centric Service-Oriented Architecture), where developers can incrementally introduce OAuth2 capabilities into their applications without requiring a complete overhaul. - **Using Gems in Ruby on Rails**: Jeremy discusses the practical implementation of OAuth2 using Ruby on Rails, referencing specific gems like *Doorkeeper* for provider functionality and *OmniAuth* for consumer integration. He walks through various scenarios, such as redirect flows and session management, explaining how to maintain user sessions across service boundaries. - **Single Sign-Off**: He illustrates the importance of handling user logout effectively—ensuring that logging out from one service also logs the user out from all connected services. In conclusion, Jeremy reinforces the concept that developers do not have to start fresh but can enhance their existing systems incrementally towards a more service-oriented architecture. He provides insights on balancing user authentication management with cross-application usability, making a compelling argument for the adoption of OAuth2 in service design. He encourages developers to start from their current state and gradually transition to better, more scalable solutions for user authentication.
Suggest modifications
Cancel