24
Mar
![Jon Gallimore](https://2018.jnation.pt/wp-content/uploads/2018/03/jon_gallimore.jpg)
Jon Gallimore
![Jon Gallimore Jon Gallimore](https://2018.jnation.pt/wp-content/uploads/2018/03/jon_gallimore-297x297.jpg)
Jon Gallimore
Tomitribe
Director of Support
Jon is a passionate Apache TomEE committer, developer and Director of Support at Tomitribe. He started contributing to Apache TomEE in 2007, working on EJB 3.1 compliance, OpenEJB Eclipse Plug-in, early Tomcat 7 integration (that became the basis for TomEE) and the first version of the TomEE Arquillian adapter. Jon has worked as a developer and Java EE architect on projects across media, banking, and sports industries. He enjoys contributing technical write-ups to JAX Magazine and the Tribe blog, along with participating as a speaker at conferences JAX London, ApacheCon and JavaOne.
Jon enjoys spending time with his wife Laura, daughter Penny, and son Tommy, who are all avid Formula 1 fans.
Jon enjoys spending time with his wife Laura, daughter Penny, and son Tommy, who are all avid Formula 1 fans.
Deconstructing and Evolving REST Security
The learning curve for security is severe and unforgiving. Specifications promise infinite flexibility, habitually give old concepts new names, offer endless extensions, and almost seem designed to deliberately confuse. With an eye on architectural impact, actual HTTP messages, and aggressive distaste for fancy terminology, this session delves into OAuth 2.0 as it pertains to REST and shows how it falls into two camps: stateful and stateless. It then explores a competing Amazon-style approach called HTTP Signatures, ideal for B2B APIs. Finally, it discusses a new internet draft launched this year that combines them both into the perfect two-factor system that could provide a one-stop shop for business as well as mobile REST scenarios.
Comments are closed.