Complete gig history
All talks by Cristian Schuszter
5 talks·5 with video·2 years
Loading talks…
Let's face it, it takes quite a bit of brainpower to configure Spring Security so it does what you want it to do. The architecture of the library is highly modular, so developers are often faced with issues and subtleties in its configuration, leading to grey hair and wasted time. This talk will go through some common caveats and problems of implementing OAuth2 and OIDC integrations with Spring Security, such as custom authorization, what happens under the hood and points where you can plug in your custom implementations within the architecture. We'll be doing quite some amount of live coding, as I'll go through various examples of handling modern authorization and authentication scenarios in Spring Boot and Spring Security 6.*. The highlight of the coding session will be overriding and extending the token handlers in order to support user impersonation in our application, a feature that's crucial in large enterprise systems where you're faced with an issue that affects a single user.
This talk gives an insight into the technologies used by CERN (the European Organization for Nuclear Research) in order to render the average visitor's experience as optimal as possible. The Science Gateway is a new exhibition center freely accessible to visitors, meaning that a significantly higher volume of people started coming to CERN as a touristic destination. The problem is gracefully handling the capacity that we have for visits, using Drools as the main engine for making the booking experience ideal. We'll do a deep-dive into the challenges and the technical details faced by this project, as well as some performance metrics showcasing the strength of this solution. Lastly, we'll be diving into some code in order to better understand how to leverage Drools to build your own intelligent systems.
Let's face it, it takes quite a bit of brainpower to configure Spring Security so it does what you want it to do. The architecture of the library is highly modular, so developers are often faced with issues and subtleties in its configuration, leading to grey hair and wasted time. This talk will go through some common caveats and problems of implementing OAuth2 and OIDC integrations with Spring Security, such as custom authorization, what happens under the hood and points where you can plug in your custom implementations within the architecture. We'll be doing quite some amount of live coding, as I'll go through various examples of handling modern authorization and authentication scenarios in Spring Boot and Spring Security 6.*. The highlight of the coding session will be overriding and extending the token handlers in order to support user impersonation in our application, a feature that's crucial in large enterprise systems where you're faced with an issue that affects a single user. Code linked by the QR available at: https://gitlab.cern.ch/ischuszt/identity-crisis
Large language models are all the buzz recently, speeding up developer productivity and helping in areas like creative writing. One interesting method of super-powering your LLMs is called retrieval augmented generation (RAG). The concept implies that you have a local database of documents that you'd like to use in order to make your chatbot smarter, being able to answer domain specific questions. I'll be demoing some of the experimental work that was done in our group at CERN in order to build a chatbot that feeds from our internal developer documentation and helps you find what you need.
Note: the audio has some quality issues due to technical problems.