2016年1月19日に高速Webプラットフォームとして定評のあるオープンソース・ソフトウェア Nginx のエンタープライズ向け製品 「NGINX Plus」の Release8 がリリースされました。
NGINX Plus Release8 では、HTTP/2規格への完全準拠と OAuth 2.0 に対応などが追加されています。
OAuth 2.0 はテクノロジー・プレビューが提供されております。この機能を利用することで、Single Sign On (SSO)でシステムをAPI連携をさせることができるため、独立した認証システムを減らし、結果としてセキュリティが向上させることができるようになります。
- OAuth 2.0 のテクノロジー・プレビュー
- On-the-fly reconfiguration API による永続的な構成変更
Nginx Inc. - NGINX Plus Release8 (原文)
We are proud to announce the availability of NGINX Plus Release 8 (R8), the latest release of our application delivery platform. Prominent among the features in NGINX Plus R8 is the OAuth Technology Preview, an implementation of OAuth-based authentication. OAuth 2.0 is the industry standard for authentication and authorization. It can be used to add Single Sign On (SSO) to your applications as well as control access to your APIs.
In addition, this release includes a fully production-ready and hardened implementation of HTTP/2, a persistent on-the-fly reconfiguration API, scalable caching for large video files, and many more features to ensure flawless application delivery.
The key new features in NGINX Plus R8 are:
OAuth Technology Preview – OAuth 2.0 has become the industry standard for managing user identity on the Internet. When you use your Facebook or Google account to log in to another website, OAuth is brokering that transaction behind the scenes. OAuth defines how log-in details stored by an authentication server, such as Facebook or Google, are securely exchanged with resource servers such as Spotify, Airbnb, and many others. OAuth greatly improves the user experience, as users no longer have to maintain a separate login and password for each website they use, and improves security by reducing the number of separate (and potentially hackable) authentication systems.
As a reverse proxy and load balancer, NGINX Plus sits in front of applications, and is ideally positioned to simplify application development by offloading OAuth processing from application servers. In the OAuth Technology Preview (OTP), we’re sharing a candidate implementation of OAuth 2.0. We welcome your feedback on how NGINX Plus can help to offload and streamline complex authentication tasks.
Fully production-ready HTTP/2 implementation – In NGINX Plus R7 we introduced support for HTTP/2 less than seven months after the protocol was ratified. NGINX is now the #1 web server for HTTP/2. Our development efforts didn’t end with that release, and we’ve continued working hard to improve our implementation. With NGINX Plus R8, we’re proud to provide a fully supported, production-ready and hardened implementation of the HTTP/2 standard.
HTTP/2 improves performance of websites by up to 30%. With NGINX Plus R8 you can continue to add HTTP/2 support to your new and existing sites, with no changes required to your application.
Persistent on-the-fly reconfiguration API – With NGINX Plus’ on-the-fly reconfiguration API, you can add or remove upstream servers without restarting NGINX Plus or manually modifying and reloading the configuration file. This is a great feature for autoscaling and service discovery, enabling you to modify the load balancing pool on demand. Starting with NGINX Plus R8, the changes you make with the API can persist across a restart or configuration reload.
With this update to the API, you can make permanent changes to your NGINX Plus load-balancing configuration, adding and removing servers and changing their load balancing priorities. Using this easily-secured API, changes can be made as frequently as needed.
- Scalable caching for large video files – With NGINX Plus R8 we’ve improved our scalable content cache to better handle large video files, such as HTML5 video. Rather than store the entire video file as a single cache entry, NGINX Plus breaks it up into smaller fragments and then caches those fragments. Structuring the cache in this way better aligns to how users consume video on the Internet (fast forwarding, ending early, etc.), and reduces user latency as well as network traffic to and from origin servers.