Architectural Patterns for Spring Security You Wish Your Tech Lead Knew @ Spring I/O 2026
Spring I/O 2026 - 14-15 April, Barcelona Speaker: Cristian Schuszter Slides: https://2026.springio.net/slides/arch... You’ve made Spring Security work in one service: congratulations! 🥳 But what happens when your system grows into dozens of microservices, multiple identity providers, and a requirement for single sign-on that “just works”? Building a secure architecture around Spring Security is not as straightforward as it seems. In this talk, we’ll explore architectural patterns for handling authentication and authorization in complex environments using Spring Security, OAuth2, and OIDC. We’ll look at how to federate multiple IdPs, design authentication and authorization as separate fault-tolerant services, and apply the API gateway approach with Spring Cloud to make it all play nicely together. You’ll walk away with practical insights, examples, and lessons learned from real-world setups that will help you design a secure and scalable architecture your tech lead will be proud of.

New in Spring Security 7: MFA, OAuth2 and more by Daniel Garnier @ Spring I/O 2026

OpenAPI and Spring-Boot 4 - What's New? by Badr Nass Lahsen @ Spring I/O 2026

System Designing Explained (Monolithic → Microservices → Multi-Region)

Crafting Great APIs with Domain-Driven Design by Fabrizio Lazzaretti @ Spring I/O 2026

Completing the Rewrite from Hell: Five Years of Technical Debt and How We Escaped - Aaron Stannard

Breaching LLM-Powered Applications: Overcoming Security and Privacy Challenges by Brian Vermeer

System Design Explained: APIs, Databases, Caching, CDNs, Load Balancing & Production Infra

Domain-centric? Why Hexagonal- and Onion-Architecture are answers to the wrong question @ Spring I/O

Thinking in Relationships: Practical Graph Database Modelling in Java with Neo4j by Paulien van Alst

From Assistants to Agents: Self-Improving Agentic Systems with Spring AI by Christian Tzolov

Wahnsinn: Hermes-Agent + Qwen

Attacking AI - Jason Haddix - NDC Security 2026

How to Design APIs Like a Senior Engineer (REST, GraphQL, Auth, Security)

ASP.NET Core Full Course For Beginners (.NET 10)

ART SCREENSAVER FOR YOUR TV | NO MUSIC | 2Hour | Abstract neutral art

Zig 2026: No-AI Policy, $670K Foundation, Left GitHub & Why Zig Isn’t 1.0 - Andrew Kelley Explains

Plan Before You Build: Deterministic Planning Patterns for AI Agents by Dan Dobrin @ Spring I/O 26

Top 10 Event-Driven Architecture Pitfalls by Victor Rentea @ Spring I/O 2026

SAP BTP: Security overview and best practices for secure development ✨

