Paper Title and Abstract

Develop OWSM protected REST API and access resource with OAuth 2.0 (OAM) token

Stream: DEV/GEN

If you are an application/web/mobile developer working on SaaS, Mobile App, IoT, Oracle Mobile Cloud, join this session to learn end to end design and implementation of developing RESTful service, securing with OWSM OAuth supporting policy, accessing protected REST API using token issued by OAM OAuth 2.O service. This session demonstrates complete details of establishing trust between OAuth service and REST API resource server, step wise illustrates different grant type based access to REST API with Java client code samples, which would benefit you highly if you planning to utilize Oracle IoT or Mobile Cloud Service. Furthermore, see how simple it is to code and access protect REST API from your ADF applications and mobile clients.

Pre-requisites: Basic understanding on Web Services (REST) Java, J2EE developers and architects Product Analysts working on next generation technology

Presentation Objectives:  How easy to utilize OWSM to protect RESTFul web services How OAuth 2.0 can give you secured access to IoT and Mobile Cloud Leverage your learning to your products enhancement and make it future ready

Speaker Details

Nasir Uddin is a Software Engineer at Oracle America, Inc currently working for Oracle Hospitality Global Business Unit. He is specialized in enterprise architecture, cloud computing, SOA and application security.

He has worked in Australia and the USA in various sectors including student management, retail, point of service, property management and online bidding. 

At Oracle Nasir has integrated Service Bus (OSB), Business Intelligence Enterprise Edition (OBIEE), Internet Directory (OID), Identity Manager (OIM) to the Property Management Cloud Service. Utilizing Oracle Web Services Manager (OWSM) agents he has developed secured Web Services (SOAP-SAML, REST-OAuth 2.0) for Web Application (ADF based), desktop clients and native mobile device. He is responsible for the design and development of authentication and authorization module of the Hospitality Cloud Software Service. While working as a Security Point of Contact (SPOC) for Oracle HGBU he has utilized Fortify 360 Analyzer to scan and identify security defects and has integrated automated vulnerability static analysis with the periodic build process as a part of SDLC. He is skilled on configuration and administration of Weblogic server and Enterprise manager 11g and 12c. At Oracle HGBU, Nasir also maintains online content management wiki (Confluence) as an administrator. 

Outside the profession, he is actively involved in security oriented academic conferences either as a program committee member or as a presenter. He is the past Chair of the IEEE Computer Society, Victoria, Australia. He is currently an IEEE Computer Society MGA Board member, the Global Chair of the Outstanding Professional Chapter Award.