Umbraco has always had excellent user and member management, but in todays composable DXP world it might be better to use an external system for that.
External login providers is a fairly new feature that has been added to Umbraco 9.3: https://our.umbraco.com/documentation/reference/security/external-login-providers/
It is best to use external login providers starting from Umbraco 10.2. It contains several fixes to issues that I have reported.
In this session I will explain how you can use external login providers with Umbraco. It will be a technical session with multiple code examples. The demo will be open source so that everyone can try it. Also, I will share my experience for certain problems I ran into and give some tips.
Justin Richer, The MITRE Corporation
A report on MITRE’s MITREid platform, which allows thousands of active users to access hundreds of relying parties inside and outside the company; how and why we built MITREid and why we see the promotion of external identities as an important pattern for enterprise organizations.
Title: The Trinity in Exponential Technologies: Open Source, Blockchain and Microsoft Azure.
This talk will explore how Open Source, Blockchain and the Microsoft Cloud provide the best combination of emerging technologies by means of a perfect synergy in terms of technological shift as well as ecosystem collaboration, with a special focus on Blockchain enterprise solutions and use cases. It will also provide insightful information about best practices, common mistakes and the use of Azure as a managed Blockchain platform (BaaS – Blockchain as a Service).
Discussed the capabilities, advantages and disadvantages of Keycloak, made a basic understanding of how it can be applied and integrated into various systems.
Speaker - Ihor Didyk, Software Engineer, GlobalLogic.
RESHMI KRISHNA SENIOR CLOUD APPLICATION & PLATFORM ARCHITECT, PIVOTAL
VINAY UPADHYA ADVISORY PLATFORM ARCHITECT, PIVOTAL
TDD introduced many improvements into the development process with the biggest advantage relating to code design. As we move to a microservices based architecture, TDD becomes hard to implement across teams building different codebases. Consumer driven contracts (CDC) is like TDD but applied at the API level and is becoming more relevant in the world of microservices. It is a pattern for specifying and verifying interactions between different modules of an application. Spring Cloud Contract provides support for Consumer Driven Contracts and service schemas in Spring applications, covering a range of options for writing tests, publishing them as assets, asserting that a contract is kept by producers and consumers, for HTTP and message-based interactions. In this session, you will learn how we can implement TDD in microservices based architecture using Spring Cloud Contracts.
Justin Richer, The MITRE Corporation
A report on MITRE’s MITREid platform, which allows thousands of active users to access hundreds of relying parties inside and outside the company; how and why we built MITREid and why we see the promotion of external identities as an important pattern for enterprise organizations.
Title: The Trinity in Exponential Technologies: Open Source, Blockchain and Microsoft Azure.
This talk will explore how Open Source, Blockchain and the Microsoft Cloud provide the best combination of emerging technologies by means of a perfect synergy in terms of technological shift as well as ecosystem collaboration, with a special focus on Blockchain enterprise solutions and use cases. It will also provide insightful information about best practices, common mistakes and the use of Azure as a managed Blockchain platform (BaaS – Blockchain as a Service).
Discussed the capabilities, advantages and disadvantages of Keycloak, made a basic understanding of how it can be applied and integrated into various systems.
Speaker - Ihor Didyk, Software Engineer, GlobalLogic.
RESHMI KRISHNA SENIOR CLOUD APPLICATION & PLATFORM ARCHITECT, PIVOTAL
VINAY UPADHYA ADVISORY PLATFORM ARCHITECT, PIVOTAL
TDD introduced many improvements into the development process with the biggest advantage relating to code design. As we move to a microservices based architecture, TDD becomes hard to implement across teams building different codebases. Consumer driven contracts (CDC) is like TDD but applied at the API level and is becoming more relevant in the world of microservices. It is a pattern for specifying and verifying interactions between different modules of an application. Spring Cloud Contract provides support for Consumer Driven Contracts and service schemas in Spring applications, covering a range of options for writing tests, publishing them as assets, asserting that a contract is kept by producers and consumers, for HTTP and message-based interactions. In this session, you will learn how we can implement TDD in microservices based architecture using Spring Cloud Contracts.
Engage 2020: Hello are you listening, There is stream for everythingFrank van der Linden
The world is changing in a event driven world
Event driven architecture is not a new technology. IBM MQ is already 25 years old.
The popularity is increasing, because it is a robust, decoupled way to exchange data.
Today there are new popular 'new kids on the block'. Kafka is one of them and gets lots of attention also in the enterprise.
The principle however are still the same, called Pub Sub principle.
HCL will add to the App Dev pack the possibility to consume and produce to a broker/stream.
There are frameworks who helps you to focus on the business logic.
In this session I will explain this principle and show you that is not that difficult to make use of it. Connect your existing code to a service bus or queue, producing and consuming.
In this presentation, you will discover the latest feature enhancements, planned product releases and new marketing articles for September 2022, and more...
On a similar note, the perfect Blockchain developer understands when to seek assistance with an issue and persevere until they find the solution. So, today via this post, we will make people know how to become such blockchain experts and give them the best blockchain developer career Options.
Accelerate Microservices Deployments with AutomationNGINX, Inc.
Managing a microservice application means managing numerous moving parts, where changes to one container can have a negative impact on another and potentially bring down the entire application. With automation you can streamline the validation of containers and standardize deployment, and ensure your apps are updated correctly and securely. Join this session to learn:
• How to use GitHub Actions to streamline your processes
• About managing security
• Why automation simplifies quick recovery from failure
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...NETWAYS
We are all now experiencing that remote working and virtual conferencing are important tools to stay connected. Not just in current circumstances but also in the wider future. That is why it is important to offer an easy-to-use, efficient, and quick replacement. Nextcloud is a platform for complete online collaboration and communication and can help to quickly adept and stay connected. Nextcloud is built by Nextcloud GmbH that has employees in home-offices in 11 countries and the Nextcloud Community which is spread all over the world. This talk gives an inside look at how Nextcloud GmbH works together with the Nextcloud community-building Nextcloud. It covers different communication channels that work for synchronous and asynchronous communication, how coordination in distributed teams works, and how good and efficient collaboration around documents is possible. Additionally, but also very important to share, this talk covers some of the challenges and solutions on how to successfully work across different countries, time zones, languages, and cultures.
Microsoft Skills Bootcamp - The power of GitHub and AzureDavide Benvegnù
In this session, part of the Microsoft Skills Bootcamp, I go through Digital Transformation in the DevOps era, and how to use Azure DevOps and GitHub together to achieve that.
OpenChain, the ISO standard, defines effective open source compliance. This slide deck aims to let people get familiar with OpenChain specification from scratch.
Microservices for the Masses with Spring Boot, JHipster and OAuth - GIDS 2019Matt Raible
Microservices are being deployed by many Java Hipsters. If you're working with a large team that needs different release cycles for product components, microservices can be a blessing. If you're working at your VW Restoration Shop and running its online store with your own software, having five services to manage and deploy can be a real pain.
This presentation will show you how to use JHipster to create Angular + Spring Boot apps with a unified front-end. You will leave with the know-how to create your own excellent apps!
Bonus: I'll show you how to use Ionic for JHipster to create native applications on mobile. It's pretty darn slick!
2014 Q4 IAM Open Source Support Program UpdateJohn Gasper
Public briefing on Unicon's IAM Open Source Support Q1 2014 development progress, intentions for the next quarter, and other observations and highlights about Apereo/Jasig CAS, Internet 2 Shibboleth, and Internet 2 Grouper. http://www.unicon.net/support
OAuth2 & OpenID Connect with Spring SecurityShuto Uwai
OAuth2 & OpenID Connect with Spring Security.
Details with hands-on practices.
For JSUG LT event: https://jsug.doorkeeper.jp/events/111811
Typo: At slide 21, "You allow to enter!" => "You are allowed to enter!"
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
More Related Content
Similar to DF22-UmbracoWithExternalLoginProviders-JeroenBreuer.pptx
Engage 2020: Hello are you listening, There is stream for everythingFrank van der Linden
The world is changing in a event driven world
Event driven architecture is not a new technology. IBM MQ is already 25 years old.
The popularity is increasing, because it is a robust, decoupled way to exchange data.
Today there are new popular 'new kids on the block'. Kafka is one of them and gets lots of attention also in the enterprise.
The principle however are still the same, called Pub Sub principle.
HCL will add to the App Dev pack the possibility to consume and produce to a broker/stream.
There are frameworks who helps you to focus on the business logic.
In this session I will explain this principle and show you that is not that difficult to make use of it. Connect your existing code to a service bus or queue, producing and consuming.
In this presentation, you will discover the latest feature enhancements, planned product releases and new marketing articles for September 2022, and more...
On a similar note, the perfect Blockchain developer understands when to seek assistance with an issue and persevere until they find the solution. So, today via this post, we will make people know how to become such blockchain experts and give them the best blockchain developer career Options.
Accelerate Microservices Deployments with AutomationNGINX, Inc.
Managing a microservice application means managing numerous moving parts, where changes to one container can have a negative impact on another and potentially bring down the entire application. With automation you can streamline the validation of containers and standardize deployment, and ensure your apps are updated correctly and securely. Join this session to learn:
• How to use GitHub Actions to streamline your processes
• About managing security
• Why automation simplifies quick recovery from failure
stackconf 2021 | First hand experience: How Nextcloud stayed productive durin...NETWAYS
We are all now experiencing that remote working and virtual conferencing are important tools to stay connected. Not just in current circumstances but also in the wider future. That is why it is important to offer an easy-to-use, efficient, and quick replacement. Nextcloud is a platform for complete online collaboration and communication and can help to quickly adept and stay connected. Nextcloud is built by Nextcloud GmbH that has employees in home-offices in 11 countries and the Nextcloud Community which is spread all over the world. This talk gives an inside look at how Nextcloud GmbH works together with the Nextcloud community-building Nextcloud. It covers different communication channels that work for synchronous and asynchronous communication, how coordination in distributed teams works, and how good and efficient collaboration around documents is possible. Additionally, but also very important to share, this talk covers some of the challenges and solutions on how to successfully work across different countries, time zones, languages, and cultures.
Microsoft Skills Bootcamp - The power of GitHub and AzureDavide Benvegnù
In this session, part of the Microsoft Skills Bootcamp, I go through Digital Transformation in the DevOps era, and how to use Azure DevOps and GitHub together to achieve that.
OpenChain, the ISO standard, defines effective open source compliance. This slide deck aims to let people get familiar with OpenChain specification from scratch.
Microservices for the Masses with Spring Boot, JHipster and OAuth - GIDS 2019Matt Raible
Microservices are being deployed by many Java Hipsters. If you're working with a large team that needs different release cycles for product components, microservices can be a blessing. If you're working at your VW Restoration Shop and running its online store with your own software, having five services to manage and deploy can be a real pain.
This presentation will show you how to use JHipster to create Angular + Spring Boot apps with a unified front-end. You will leave with the know-how to create your own excellent apps!
Bonus: I'll show you how to use Ionic for JHipster to create native applications on mobile. It's pretty darn slick!
2014 Q4 IAM Open Source Support Program UpdateJohn Gasper
Public briefing on Unicon's IAM Open Source Support Q1 2014 development progress, intentions for the next quarter, and other observations and highlights about Apereo/Jasig CAS, Internet 2 Shibboleth, and Internet 2 Grouper. http://www.unicon.net/support
OAuth2 & OpenID Connect with Spring SecurityShuto Uwai
OAuth2 & OpenID Connect with Spring Security.
Details with hands-on practices.
For JSUG LT event: https://jsug.doorkeeper.jp/events/111811
Typo: At slide 21, "You allow to enter!" => "You are allowed to enter!"
Similar to DF22-UmbracoWithExternalLoginProviders-JeroenBreuer.pptx (20)
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Hivelance Technology
Cryptocurrency trading bots are computer programs designed to automate buying, selling, and managing cryptocurrency transactions. These bots utilize advanced algorithms and machine learning techniques to analyze market data, identify trading opportunities, and execute trades on behalf of their users. By automating the decision-making process, crypto trading bots can react to market changes faster than human traders
Hivelance, a leading provider of cryptocurrency trading bot development services, stands out as the premier choice for crypto traders and developers. Hivelance boasts a team of seasoned cryptocurrency experts and software engineers who deeply understand the crypto market and the latest trends in automated trading, Hivelance leverages the latest technologies and tools in the industry, including advanced AI and machine learning algorithms, to create highly efficient and adaptable crypto trading bots
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
Globus Connect Server Deep Dive - GlobusWorld 2024Globus
We explore the Globus Connect Server (GCS) architecture and experiment with advanced configuration options and use cases. This content is targeted at system administrators who are familiar with GCS and currently operate—or are planning to operate—broader deployments at their institution.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Strategies for Successful Data Migration Tools.pptxvarshanayak241
Data migration is a complex but essential task for organizations aiming to modernize their IT infrastructure and leverage new technologies. By understanding common challenges and implementing these strategies, businesses can achieve a successful migration with minimal disruption. Data Migration Tool like Ask On Data play a pivotal role in this journey, offering features that streamline the process, ensure data integrity, and maintain security. With the right approach and tools, organizations can turn the challenge of data migration into an opportunity for growth and innovation.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Mind IT Systems
Healthcare providers often struggle with the complexities of chronic conditions and remote patient monitoring, as each patient requires personalized care and ongoing monitoring. Off-the-shelf solutions may not meet these diverse needs, leading to inefficiencies and gaps in care. It’s here, custom healthcare software offers a tailored solution, ensuring improved care and effectiveness.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
2. Who am I?
Umbraco with external login providers
2
Senior Software Developer at iO
Working with Umbraco for 14 years
3 x Umbraco MVP
Jeroen Breuer
3. Session overview
Umbraco with external login providers
3
OpenID Connect Umbraco example Conclusion
Quick intro to OpenID Connect Implementation and demo Why you should use it
1 2 3
6. External login providers
Umbraco with external login providers
6
• Umbraco supports users and members
• Could by any OpenID Connect provider
• Part of Umbraco core since 9.3
7. Umbraco with external login providers
7
Auto linking
• Users of members need to exist in Umbraco
• Auto linking creates users or members in Umbraco
• Uses events to give extra roles/groups
16. Umbraco with external login providers
16
• Tokens not stored in table:
https://github.com/umbraco/Umbraco-CMS/issues/12749
• Update member before it’s created:
https://github.com/umbraco/Umbraco-CMS/issues/12853
• Cannot delete a member:
https://github.com/umbraco/Umbraco-CMS/issues/12864
• Claims are not transferred:
https://github.com/umbraco/Umbraco-CMS/issues/12873
Issues fixed in
Umbraco 10.2
17. Umbraco with external login providers
17
Virtual
users/members
• Not supported at the moment
• Users/members need to exist in Umbraco
• Feature request:
https://github.com/umbraco/Umbraco-CMS/discussions/12741
18. Why you should use
external login providers
Umbraco with external login providers
18
19. Umbraco with external login providers
19
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example
20. Umbraco with external login providers
20
• Getting started
• https://www.youtube.com/watch?v=cklH7DtRDIQ
Video
1 I will start with an intro about OpenID Connect.
2 Next I will show how to implement it in Umbraco and how you can easily do an external login on the front of the website with members and SSO. This is not about users.
3 Finally I will tell why you should use external login providers.
OpenID Connect is a protocol.
It allows Clients to verify the identity of the User based on the authentication performed by an Authorization Server.
Example where Azure AD is the external login provider.
Go through all the steps.
We will also follow these steps when we use external login providers in Umbraco.
Id_token is important. We’re going to need that in our application later.
The external login provider can also return user attributes. For example an address or role. Those are called claims.
Both the Umbraco backoffice users and website members supports external login providers for performing authentication of your users or members.
This could be any OpenIDConnect provider such as Azure Active Directory, Identity Server, or Google.
Since 9.3 the Umbraco core has APIs available to connect with external login providers. No external packages required anymore.
The demo of today will connect with Auth0 as the external login provider and will also use these new APIs.
The users or members exist in the external login provider.
The external login provider has all the features that you need. For example a register page, forgot password feature and two factor authentication (2FA). You no longer need to create that yourself.
Umbraco requires the users or members to exist in Umbraco.
With auto linking when you login on the external login provider the user or member will be created in Umbraco.
It has events to change groups based on claims. So you can use roles from the external login provider and that way give users or members in Umbraco different rights.
There is some great documentation about implementing external login providers in Umbraco.
I have created an open source example package based on this documentation. It has a few extras which aren’t in the documentation. For example logout.
I will now explain how this example package works. So the next 6 slides are going be code examples.
The code is also on Github and I made a video about it too. So if I go too fast, you can watch it later.
Options when a member is created in Umbraco and linked to the member from the external login provider.
Can give a default member group.
Based on claims you can give extra member groups in the events.
OpenIdConnectMemberExternalLoginProviderOptions.cs
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example/blob/main/Umbraco-OpenIdConnect-Example.Core/Provider/OpenIdConnectMemberExternalLoginProviderOptions.cs#L23
public void Configure(MemberExternalLoginProviderOptions options)
{
options.AutoLinkOptions = new MemberExternalSignInAutoLinkOptions(
// Must be true for auto-linking to be enabled
autoLinkExternalAccount: true,
defaultCulture: null,
// Optionally specify the default "IsApprove" status. Must be true for auto-linking.
defaultIsApproved: true,
// Optionally specify the member type alias. Default is "Member"
defaultMemberTypeAlias: "Member",
// Optionally specify the member groups names to add the auto-linking user to.
defaultMemberGroups: new List<string> { "example-group" }
)
{
// Optional callback
OnAutoLinking = (autoLinkUser, loginInfo) =>
{
// You can customize the user before it's linked.
},
OnExternalLogin = (user, loginInfo) =>
{
// You can customize the user before login.
return true; //returns a boolean indicating if sign in should continue or not.
}
};
}
On line 3 we can see the auto link options from the previous slide.
Your external login provider has data like clientId and clientSecret. Those need to be configured here.
This is a pretty default OpenID Connect configuration.
This demo connects to Auth0. It’s using a free account.
UmbracoBuilderExtensions.cs
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example/blob/main/Umbraco-OpenIdConnect-Example.Core/Extensions/UmbracoBuilderExtensions.cs#L13
public static IUmbracoBuilder AddOpenIdConnectAuthentication(this IUmbracoBuilder builder)
{
builder.Services.ConfigureOptions<OpenIdConnectMemberExternalLoginProviderOptions>();
builder.AddMemberExternalLogins(logins =>
{
logins.AddMemberLogin(
memberAuthenticationBuilder =>
{
memberAuthenticationBuilder.AddOpenIdConnect(
// The scheme must be set with this method to work for the umbraco members
memberAuthenticationBuilder.SchemeForMembers(OpenIdConnectMemberExternalLoginProviderOptions.SchemeName),
options =>
{
var config = builder.Config;
options.ResponseType = "code";
options.Scope.Add("openid");
options.Scope.Add("profile");
options.Scope.Add("email");
options.Scope.Add("phone");
options.Scope.Add("address");
options.RequireHttpsMetadata = true;
options.MetadataAddress = config["OpenIdConnect:MetadataAddress"];
options.ClientId = config["OpenIdConnect:ClientId"];
// Normally the ClientSecret should not be in the Github repo.
// These settings are valid and only used for this example.
// So it's ok these are public.
options.ClientSecret = config["OpenIdConnect:ClientSecret"];
options.SaveTokens = true;
options.TokenValidationParameters.SaveSigninToken = true;
Once you’re logged in on the external login provider you will be redirected back to Umbraco. There you have the data of the external login and you can map it to the data Umbraco needs.
For example add some extra claims.
Like I mentioned before claims are user attributes. They can be an email, name or role for example.
Umbraco needs certain claims so we transform them here.
UmbracoBuilderExtensions.cs
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example/blob/main/Umbraco-OpenIdConnect-Example.Core/Extensions/UmbracoBuilderExtensions.cs#L43
options.Events.OnTokenValidated = async context =>
{
var claims = context?.Principal?.Claims.ToList();
var email = claims?.SingleOrDefault(x => x.Type == ClaimTypes.NameIdentifier);
if (email != null)
{
// The email claim is required for auto linking.
// So get it from another claim and put it in the email claim.
claims?.Add(new Claim(ClaimTypes.Email, email.Value));
}
var name = claims?.SingleOrDefault(x => x.Type == "user_displayname");
if (name != null)
{
// The name claim is required for auto linking.
// So get it from another claim and put it in the name claim.
claims?.Add(new Claim(ClaimTypes.Name, name.Value));
}
if (context != null)
{
// Since we added new claims create a new principal.
var authenticationType = context.Principal?.Identity?.AuthenticationType;
context.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, authenticationType));
}
await Task.FromResult(0);
};
Login is easy. Logout is hard.
Logout needs to happen on 2 domains. The website and the external login provider.
So you first logout on the website and then redirect to the external login provider to logout there as well.
In this event you can send data to the external login provider when you logout.
Most external login providers require some additional data. For example the id_token. This way the external login provider knows that the person that tries to logout is the same person that logged in before.
If the id_token is valid you’ll be redirected back to the website.
UmbracoBuilderExtensions.cs
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example/blob/main/Umbraco-OpenIdConnect-Example.Core/Extensions/UmbracoBuilderExtensions.cs#L71
options.Events.OnRedirectToIdentityProviderForSignOut = async notification =>{ var protocolMessage = notification.ProtocolMessage; // Since we're in a static extension method we need this approach to get the member manager. var memberManager = notification.HttpContext.RequestServices.GetService<IMemberManager>(); if (memberManager != null) { var currentMember = await memberManager.GetCurrentMemberAsync(); // On the current member we can find all their login tokens from the external login provider. // These tokens are stored in the umbracoExternalLoginToken table. var idToken = currentMember?.LoginTokens.FirstOrDefault(x => x.Name == "id_token"); if (idToken != null && !string.IsNullOrEmpty(idToken.Value)) { // Some external login providers need the IdTokenHint. // By setting the IdTokenHint the user can be redirected back from the external login provider to this website. protocolMessage.IdTokenHint = idToken.Value; } } await Task.FromResult(0);};
Like I just mentioned you need to be redirected to the external login provider if you want to logout.
The default Umbraco logout controller does not support this. Because it uses RedirectToCurrentUmbracoPage it overrides the redirect to the external login provider. So only use that if the members are only in Umbraco and not in an external login provider.
Use this custom logout controller to trigger logout on the external login provider.
If you’re not logged out on the external login provider it will login you again automatically.
ExternalLogoutController.cs
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example/blob/main/Umbraco-OpenIdConnect-Example.Core/Controllers/ExternalLogoutController.cs#L36
[HttpPost]
[ValidateAntiForgeryToken]
[ValidateUmbracoFormRouteString]
public async Task<IActionResult> HandleLogout([Bind(Prefix = "logoutModel")]PostRedirectModel model)
{
if (ModelState.IsValid == false)
{
return CurrentUmbracoPage();
}
var isLoggedIn = HttpContext.User?.Identity?.IsAuthenticated ?? false;
if (isLoggedIn)
{
// Trigger logout on the external login provider.
await this.HttpContext.SignOutAsync("UmbracoMembers.OpenIdConnect");
// Trigger logout on this website.
await _signInManager.SignOutAsync();
}
// Don't return RedirectToCurrentUmbracoPage.
// That will override the location header which is set by the external login provider logout.
// So by returning EmptyResult() this will still redirect to the external login provider to logout there.
return new EmptyResult();
}
In the appsettings.json file below the ConnectionStrings you will find the OpenIdConnect settings.
These are the only setting you need to change to connect to a different external login provider.
You now see the settings for connecting to Auth0.
Normally the ClientSecret should not be public. These settings are only used for this example. So it’s ok.
appsettings.json
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example/blob/main/Umbraco-OpenIdConnect-Example.Web/appsettings.json#L30
"ConnectionStrings": {
"umbracoDbDSN": "Data Source=|DataDirectory|/Umbraco.sqlite.db;Cache=Shared;Foreign Keys=True;Pooling=True",
"umbracoDbDSN_ProviderName": "Microsoft.Data.Sqlite"
},
"OpenIdConnect": {
"MetadataAddress": "https://dev-i92inbjg.us.auth0.com/.well-known/openid-configuration",
"ClientId": "AOXaiUSRn6IH0aX7BKAFY7G7QIDI7HUx",
"ClientSecret": "pj_MFOHSVKOb8e13q5h5FItQbdQKT-vlQ9oD8t1XOIwkBd4sJe2_AJJVYTEshqrb",
"LogoutUrl": "https://dev-i92inbjg.us.auth0.com/v2/logout",
"ReturnAfterLogout": "https://localhost:44342/"
}
The external login provider is the bridge between Umbraco and Sitecore. They don’t know about each other.
Enexis login page is configured in the external login provider.
SSO support.
Only need to manage members in the external login provider. They can login into both websites.
This is the power of a composable DXP setup.
Demo 1
https://localhost:44342/
Show network tab. Lots of redirects.
Login
Logout
Logout also redirects.
Login
Clear cookies. Logged in automatically because you did not logout on the external login provider.
All the Umbraco way. Can use protected pages and groups.
Demo 2
https://umbraco-openidconnect-example.local/
Different app settings. Only thing that has changed.
Login Umbraco with Enexis (powered by Sitecore) page. Back to Umbraco.
Logout
Umbraco login
Enexis login auto
Enexis logout
Umbraco logout
Enexis login
Umbraco login auto
While developing the Umbraco OpenID Connect example package I ran into some issues.
All the issues that I reported are fixed in Umbraco 10.2.
It took me a few nights of debugging.
Tokens not stored in table:
https://github.com/umbraco/Umbraco-CMS/issues/12749
Values like the id_token and access_token are stored in the umbracoExternalLoginToken table.
These values were only saved on the first login. Not if you login again and have new tokens.
These tokens are required for logout for example.
The id_token I needed for logout was outdated.
Now the tokens are always up to date in the table.
Update member before it’s created:
https://github.com/umbraco/Umbraco-CMS/issues/12853
Some changes were made in Umbraco 10 which caused a member to be updated before it was created.
It tried to run some queries with the member id being 0.
Could not login on Umbraco 10 with external login provider.
Now it only updates if a member already exists.
Cannot delete a member:
https://github.com/umbraco/Umbraco-CMS/issues/12864
A member could not be deleted if it had any rows in the umbracoExternalLoginToken table.
When a member is deleted it now also deletes the rows in the umbracoExternalLoginToken table.
Claims are not transferred:
https://github.com/umbraco/Umbraco-CMS/issues/12873
The external login member is transformed to an Umbraco member.
But claims from the external member could not be transferred to the Umbraco member.
So if you had some external data like an address you could not get that in Umbraco.
Claims can now be transferred from the external login member to the Umbraco member.
I discovered some of these bugs because I already did an OpenID Connect implementation in Sitecore. So I’m using my Sitecore knowledge to help improve Umbraco. And it happens the other way around too.
The auto link features creates the member in Umbraco and links the external login member.
The member is created the first time they login with the external login provider.
The problem with the current solution is that users/members need to exist in 2 systems. Umbraco and the external login provider. This makes it harder to use the external login provider as a single source of truth for all users/members. If the external login provider has thousands of users/members you don't want them inside Umbraco as well.
When you authenticate users/members through external providers, Umbraco could create and authenticate a virtual user/member with proper access rights. This user/member exists only as long as the user session lasts.
Doesn’t exist yet, but is a feature request.
https://github.com/umbraco/Umbraco-CMS/discussions/12741
No need to create login, register and forgot password yourself.
Members are stored outside of Umbraco.
Can also be used for other systems with SSO.
Fits perfect in a composable DXP world.
Members only in Umbraco are free.
External login providers usually have a free tier, but can get expensive if you have a lot of members.
https://github.com/jbreuer/Umbraco-OpenIdConnect-Example
Github repo
Free and open source
Complete solution with SQLite database. Download and run. Works out of the box.
Not a NuGet package because each OpenID Connect implementation is different. So copy this example to your own project and make the changes that you need.
The video is also on the github page.
Shows how run the project and goes through all the files. Just like this presentation.
https://www.youtube.com/watch?v=cklH7DtRDIQ