Introduction: There’s no doubt that we are living in a highly connected era, partially driven by an ever-expanding consumption model where technology is sustained by a growing list of different models and service providers. The established, old-world architecture which used to define a monolithic corporate IT infrastructure is […]
Security
39 posts
Managing Identity and Securing Your Mobile and Web Applications with Amazon Cognito: Level 300. Stephen Liedig, Solutions Architect, Amazon Web Services. Note: These are notes taken from various sessions and the keynote of the 2017 AWS Public Sector Summit held in Canberra, Australia. The information might be slightly […]
Windows Server 2016 was launched less than two months ago, and one of the attractive options is an excellent makeover of Active Directory Federation Services (AD FS). The latest version is stacked with great features and is seriously worth the upgrade. However, I thought I’d point out one of the […]
Today I attended a Federal Government briefing at the Microsoft offices in Canberra. The agenda covered a wide area of topics, all relevant to Government and other sectors. These are my raw notes, taken during each session. I apologise in advance if they appear incoherent; I was put to task […]
Introduction: Recently I created an architecture which saw K2 Smartform Runtime components deployed and configured in a separate Active Directory forest from the relevant K2 Blackpearl server. This architecture aligns with the security and enterprise architecture principles for one of my Government clients. All of the client’s environments are all […]
A few years ago [1] I wrote about how you could enable Domain Accounts to self-manage their ServicePrincipalNames. This is particularly advantageous when using Kerberos to secure services. We recently needed to set up some service accounts in Active Directory to participate in establishing a Kerberos capability for middleware integration. […]
Identity Server 3 supports the Client Credentials OAuth2 grant. I wrote a brief introduction to both OAuth2 and IdentityServer3 last month; this is a follow-on article exploring some other facets of authentication. This is a little bit like basic authentication, in that the client (the application which wants to consume […]
Introduction: In recent times, I’ve become very intimately acquainted with OpenID Connect, OAuth2 as well as SAML, JWT, WS-Federation and more. It’s a complicated world. Since I dwell amongst the Microsoft ecosystem, I’m very experienced with Active Directory Federation Services (AD FS) which in its latest version supports OAuth2 endpoints […]
Welcome, 2015 – may you be an improvement on your predecessor. Today’s article focuses on the deceptively non-trivial task of reading from the Windows Event Logs using the Microsoft .NET Framework. For those who haven’t looked there in a while, here’s a quick look at the Event Viewer: The Windows […]
Hello there. I’ve been spending a lot of time of late trying to develop a solution to a very obscure problem scenario. The entire problem itself is outside the scope of this article – and to be honest, probably wouldn’t be terribly relevant to many – however, I felt there […]
Introduction: In Part 1, we had a brief look at OWIN/OAuth concepts, and then prepared a clean ASP.NET web forms project for integration with NuGet packages essential to supporting a lightweight integration for OAuth handling. In Part 2 we established the information required to authenticate users against the Live Connect […]
Introduction: Where we left off in Part 1, we’d established the prerequisites to prepare either a new or existing web forms project for the implementation of a lightweight OWIN/OAuth provider. This article, Part 2, will focus on how to prepare your development environment and also how to configure for Windows […]
Introduction: Disclaimer: this article assumes the reader is already familiar with OWIN and OAuth standards. It is published in three parts. Late last year I wanted to implement Open Web Interface for .NET (OWIN) OAuth functionality for an administrative subdomain. As it happened, I wanted to specifically integrate OWIN/OAuth authentication/authorization […]
So I’m sure we’ve all had to contemplate this at some point in our development lifetime – when is it appropriate to grant developers and architects the key to the domain? There are quite a range of developers and software engineers out there, and for various reasons they do, from […]
This is sort of a follow-up to my first article on Active Directory Federation Services 2.0 (ADFS 2.0). This afternoon I spent far too many hours troubleshooting an issue I didn’t really have. Part of this complete and total waste of my time stems from what I now believe to […]