Collaborate Disseminate
we provide various web services for our customers, leveraging their IdP to have the customers’ employees sign in with their company-issued accounts. Sometimes we operate web services for one customer with different domains be… Continue reading Can I leverage Shibboleth to avoid recurring metadata exchanges with our customer?
Remember remember the Fifth of November, and your company’s need for a data defender.
The Bitglass Cloud Adoption report, which has been conducted multiple times in the past few years, illustrates the magnitude to which organizations are ad… Continue reading Cloud Adoption 2019: A for Adoption
I am using the CAS server overlay from https://apereo.github.io/cas/4.2.x/protocol/CAS-Protocol.html as SSO and hosting it on a WildFly AS, alongside a JSF application (referred as MyApp).
The problem:
When any page of my JS… Continue reading CAS SSO not working when a secondary JSESSIONID is set by another app
My company is working with a CRM that has a custom SSO implementation that we use. So they serve as our IdP.
The basic workflow:
1: User attempts to access secure app.
2: App routes user to IdP endpoint URL to login. Two… Continue reading Is this a flawed custom SSO design?
We have two Azure subscription, (1) of the parent company where all the users live in Azure AD (synchronised from on premises AD), and (2) that holds the 365 apps which are dedicated to our company.
Is it possible out of th… Continue reading Azure AD – Guest user SSO to RDP
In a web context, the new norm seems to be using OpenId connect. But for a company that runs various applications (web, mobile, …) and desires to give access to these applications with a single login from the user, is a cla… Continue reading Should I use OpenId Connect for SSO?
My organization uses SSO for its applications i.e. Once a user logs into his Windows 10 workstation, he accesses his web application without login. I was informed that the web applications uses NetIQ Identity Manager(IdP) and Kerberos in t… Continue reading How does the browser know windows logged in user id or Kerberos TGT?
On July 15 we lost a major contributor to modern-day IT security – Dr. Fernando Corbato, the inventor of the password. Back in the early 1950s, computers could only do single processing jobs. Due to this limitation, it meant that multiple users c… Continue reading How passwords paved the way for new technology
I have a customer who insists upon using only certificate-authority signed key-pair certificates for encrypting SAML2 assertions.
In this use case, I hold the private key in my Service Provider, and we furnish the public key… Continue reading why use a CA-signed key pair to encrypt SAML2 assertions?
I somehow need to accomplish the following:
User accesses a application written in JavaScript.
Application uses SSO to identify the user who is logged into Windows.
Application obtains the access role for that user for the … Continue reading Secure REST API that only works for users authenticated by App with SSO (OAuth?)