Welcome to OWASP AppSec 2018 USA we look forward to seeing you in San Jose, CA
Thursday, October 11 • 1:30pm - 2:05pm
The Anatomy of a Secure Web Application in Java Using Spring Security and Apache Fortress

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The Jakarta EE architecture provides the necessary enablement but most developers do not have the time or the training to take full advantage of what it has to offer. This technical session describes and demos an end-to-end application security architecture for an Apache Wicket Web app running in Tomcat. It includes practical, hands-on guidance to properly implementing authentication, authorization, and confidentiality controls using Java, Spring and Apache Fortress controls. In addition to finding out where the security controls must be placed and why, attendees will be provided with code they can use to kick-start their own highly secure Java web applications using Apache products and a few tricks.

avatar for Shawn McKinney

Shawn McKinney

Software Architect, Symas
Over twenty-five years as software developer and architect. Most of that time specializing in software security. Started an open source project called Fortress.
avatar for John Tumminaro

John Tumminaro

VP Technology, GlobalLogic
Passionate Enterprise & Security Architect. Experience/Roles include CTO, Chief Architect, Enterprise Architect, Security Architect & Solution Architect. Areas of specialty include: Transactional/BigData Systems, Integration, Performance/Scale/Resilience, Global Deployment, Cloud... Read More →

Thursday October 11, 2018 1:30pm - 2:05pm PDT
  Gold, Advanced - Dev focused
  • NEW FIELD 1 Track 3