Speaker Details

Daniel Garnier-Moiroux
Broadcom - Spring

Daniel Garnier is a software engineer at VMware, working in the identity space and on SSO for applications. He is an adjunct professor at Mines Paris, where he teaches CS and software engineering classes.

He contributes to Spring Security, and has a keen interest in automation and developer productivity.

Spring Security: The Good Parts
Workshop (INTERMEDIATE level)
When you need to secure your application, you use Spring Security. It’s the de-facto standard, it’s robust, extensible, and brings sensible defaults to your application. But newcomers can feel lost as soon as they step out of the “Getting Started” guides and need to fine-tune the configuration to their specific use-cases. Developers can find themselves frantically copy-pasting from Stack Overflow until it kinda-sorta works. 
Spring Security only uses a handful of core building blocks, and they are present everywhere in the library. Knowing what those are, how they are meant to be used, and how to effectively leverage them will give you the keys you need to implement all your custom needs. 
This hands-on lab is the opposite of a “getting started” guide. You will implement custom use-cases from scratch, using Spring Security core classes. You will learn the general architecture, the foundational patterns, how Spring Security is built. Most importantly, you will understand how to use the extension points to add your own, specific behavior.
Pre-requisites: your laptop, Java 17, an IDE and Docker installed.
If you are using Kubernetes in production, you probably already have tooling in place to configure and manage your applications. Helm is an obvious example. Most of the tools are either very focused, like Kustomize, or very broad, like Helm. They are not always designed to work together, and sometimes you've had to write some batch scripts to stitch them together.
Enter Carvel, a CNCF Sandbox project since September 2022. It tackles the application development lifecycle following the Unix philosophy: Carvel is a suite of seven single-purpose, composable tools, from yaml templating to a GitOps controller. They may be adopted individually to enhance your existing workflows, or combined for an end-to-end solution.
In this session, with the help of a few slides and some live-coding, we will explore the Carvel portfolio by creating and deploying an application. After this talk, there is a very high chance you will want to try at least one of the tools!