SSO – Page 14 – WindowsTechs.com

Understanding JWT and SSO

Posted on August 7, 2019 by Dan

I’m having trouble understanding how to set up SSO between my app and another app we have deployed. I’m new to trying to set this kind of thing up, so I was hoping someone could explain whether I’m on the right path, both fro… Continue reading Understanding JWT and SSO→

Understanding JWT and SSO

Posted on August 7, 2019 by Dan

Researcher releases PoC code for critical Atlassian Crowd RCE flaw

Posted on July 16, 2019 by Zeljka Zorz

A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution providing single sign-on and user identity. Atlassian plugged the hole in late M… Continue reading Researcher releases PoC code for critical Atlassian Crowd RCE flaw→

SSO Log Users Out Based on IP Address

Posted on July 7, 2019 by interestedparty

We would like to implement SAML based SSO for our organization. We do not want employees to be able to access specific accounts outsides of specific hours and IP ranges. (We do not want to setup a VPN for that use-case for multiple reasons… Continue reading SSO Log Users Out Based on IP Address→

Which grant type : Implicit or Auth code (with No secret key) is suitable for Single Page Application(SPA)?

Posted on July 1, 2019 by Pratik C Joshi

I went thru multiple posts saying how implicit grant is a security risk and why auth code grant with AJAX request to Authorization server should be used after redirecting to application (without client_secret passed to Auth s… Continue reading Which grant type : Implicit or Auth code (with No secret key) is suitable for Single Page Application(SPA)?→

Apple debuts privacy-minded “Sign in with Apple” SSO

Posted on June 4, 2019 by Zeljka Zorz

Among the many news shared during Apple’s annual developer conference there’s one that stands out: the introduction of “Sign in with Apple”. About the “Sign in with Apple” feature Apple’s new single sign-on (SS… Continue reading Apple debuts privacy-minded “Sign in with Apple” SSO→

How to authorize access to a resource when requested with CORS and validate the origin?

Posted on May 31, 2019 by user3621633

I’ll try to make the explanation simple and to the point (keyword try). And if that’s not sufficient, then maybe I can expand on the question.

Imagine two sites: resources.example.com and www.example.com. I only have direct … Continue reading How to authorize access to a resource when requested with CORS and validate the origin?→

What Is Single Sign-On (SSO)?

Posted on May 30, 2019 by Emily Genge

The question “what is single sign-on?” is one we get asked a lot. To understand this solution, consider an analogy: “Imagine going to the mall, and at each store you must register with the store for your first purchase. Then, every time aft… Continue reading What Is Single Sign-On (SSO)?→

Single Sign On: Concept for multiple resources and login server below the same domain

Posted on May 13, 2019 by Mou

I am learning about SSO right now and am trying to work out a way to authenticate a few websites under the same domain (example.com), based on the setups I read about in the internet.

I would prefer to not redirect the user … Continue reading Single Sign On: Concept for multiple resources and login server below the same domain→

Is it advisable to create a system that stores passwords?

Posted on May 9, 2019 by niccolo m.

Please bear with me, I’m a total newbie about security.

I work in a company whose main goal is to maximize profits and use free stuff as much as possible. It’s effect is that we use tons of freeware web apps that helps us th… Continue reading Is it advisable to create a system that stores passwords?→