Sign up or log in to watch the video
Un-complicate authorization maintenance
Alex Olivier - 6 months ago
Every application at some point needs to tackle user permissions. It may be early for some systems or much later in others, but one thing for certain is that as soon as you have more than one user type, the logic will slowly evolve into spaghetti code. And then each time you need to update it will take longer and longer to complete. In this talk, we’ll proselytize about why decoupling authorization logic is the absolute best solution to the spaghetti code problem and other common authorization pitfalls. We'll look at real-world(ish) permissions implementations using open-source solutions. We'll try things like adding new role-based access controls to an application and evolving it to fine-grained attribute-based access controls. Along the way, we will run into typical blockers and try out ways to solve them. We'll also look at best practices for authorization (role management, policy evolution, the filtering problem, etc.) and when to just use the most obvious solution.
Jobs with related skills
Enterprise Architekt (m/w/d)
Dirk Rossmann GmbH
·
2 months ago
Hannover, Germany
+1
Hybrid
Junior IT-Qualitätsmanager(m/w/d) Informationssicherheit
ABO Energy GmbH & Co. KGaA
·
16 days ago
Ingelheim am Rhein, Germany
Hybrid
IT Security Specialist ISMS und CyberDefense (m/w/d)
HERMA GmbH
·
1 month ago
Filderstadt, Germany
Hybrid
Anwendungsbetreuerin/Anwendungsbetreuer (w/m/d)
GKV-Spitzenverband
·
1 month ago
Bonn, Germany
Hybrid
Related Videos