In this presentation we discuss how to CASify PeopleSoft, and also discuss some strategies on how to integrate Microsoft ADFS with CAS Server to have a single SSO experience for your end users.
Central Authentication Service (CAS) SSO for EMC Documentum Rest ServicesEMC
This white paper provides an overview of integrating Central Authentication Service (CAS) Single Sign-On with EMC Documentum REST Services, including exploring the CAS architecture and authentication flows, deployment recommendations, and troubleshooting tips for this integration. CAS is an open source single sign-on solution that allows users to authenticate once to access multiple web services, while Documentum REST Services is a multi-layer system that uses CAS proxy authentication to achieve single sign-on across its components. The paper provides details on configuring both the CAS server and Documentum components to enable CAS SSO for the REST API.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Central Authentication Service (CAS) SSO for EMC Documentum Rest ServicesEMC
This white paper provides an overview of integrating Central Authentication Service (CAS) Single Sign-On with EMC Documentum REST Services, including exploring the CAS architecture and authentication flows, deployment recommendations, and troubleshooting tips for this integration. CAS is an open source single sign-on solution that allows users to authenticate once to access multiple web services, while Documentum REST Services is a multi-layer system that uses CAS proxy authentication to achieve single sign-on across its components. The paper provides details on configuring both the CAS server and Documentum components to enable CAS SSO for the REST API.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019Amazon Web Services Korea
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기
김준형 솔루션즈 아키텍트, AWS
AWS 클라우드는 초기에 적은 비용으로 웹 서비스를 시작하고, 향후 사업이 발전했을 때 천만 이상의 유저가 사용할 수 있는 고가용성, 확장성, 민첩성이 뛰어난 웹 서비스를 만들 수 있습니다. 본 세션에서는 작은 서비스로 시작하여 AWS의 다양한 서비스를 사용하여 천만 이상의 대규모 유저 트래픽을 수용할 수 있는 웹 서비스로 발전시키는 것을 단계별로 오토스케일링, 트래픽 경감, 모니터링과 자동화, 고가용성 확보를 위한 아키텍처 구성 방법을 소개합니다.
CAS, OpenID, Shibboleth, SAML : concepts, différences et exemplesClément OUDOT
Avec la multiplication des applications Web, la question de l’authentification à ces applications est devenue primordiale. Pour simplifier la vie de l’utilisateur, le concept de SSO (Single Sign On) a été inventé. Dans ce domaine, plusieurs protocoles et standards existent, comme CAS, OpenID, Liberty Alliance, Shibboleth ou SAML. Quelles sont les différences ? Comment utiliser ces protocoles dans les applications ? Cette conférence tentera de répondre à ces questions en présentant des cas concrets d’implémentation.
Auto Scaling helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application. You create collections of EC2 instances, called Auto Scaling groups.
You can specify the minimum number of instances in each Auto Scaling group, and Auto Scaling ensures that your group never goes below this size.
You can specify the maximum number of instances in each Auto Scaling group, and Auto Scaling ensures that your group never goes above this size.
If you specify the desired capacity, either when you create the group or at any time thereafter, Auto Scaling ensures that your group has this many instances.
If you specify scaling policies, then Auto Scaling can launch or terminate instances as demand on your application increases or decreases
Single Sign-On (SSO) allows a user to access multiple applications and systems with a single set of login credentials. The document discusses various SSO standards and implementations including Kerberos, LDAP, CAS, SAML, and PKI. It notes benefits of SSO like reduced passwords to remember but also criticisms like the risk that stealing one set of credentials grants access to all systems.
This slide deck served as presentation material for the talk with the same name at the 2021 COSAC security architecture conference.
It provides an architecture for applying zero trust networking on Amazon Web Services (AWS). We take a pragmatic approach to ensure that we link the theoretical components to implementation candidates. This relies on application of graph theory to establish traceability, which we can subsequently use to verify the logical integrity of the architecture. Our literature review indicates that the first imperative is to establish a reference model that describes zero-trust networking. The zero-trust reference model is subsequently mapped to relevant AWS services that realizes the components. This establishes traceability in terms of implementation requirements for each service. We see as part of this review that AWS is mature in its ability to support zero trust capabilities and that we can realize many aspects of zero trust using off-the-shelf AWS services. The correct configuration of these services however is crucial. The research is useful in providing solution architects with the logical components that can drive further stages in architecture development to support zero trust initiatives on AWS tenants.
"Amazon Inspector is a new service from AWS that identifies security issues in your application deployments. Use Inspector with your applications to assess your security posture and identify areas that can be improved. Inspector works with your Amazon EC2 instances to monitor activity in your applications and system.
This session will cover getting started with Inspector, how to automate the process, how to manage and act on findings, and additional ways you can enhance your development and release lifecycle using Inspector."
This document discusses securing web applications with AWS WAF. It begins by explaining why a web application firewall (WAF) is needed to protect against bad users and application vulnerabilities while allowing good users. It then defines what AWS WAF is, noting that it allows users to block or allow web requests and monitor security events. AWS WAF provides APIs and a console for easy configuration of rules to protect websites and content while integrating with development workflows. The document outlines the steps to set up AWS WAF, including creating a web ACL, adding rules and match conditions, and assigning it to CloudFront. It notes the pay-as-you-go pricing model for AWS WAF.
2015年10月13日アップデート
----------------------------------------------------------------------
AWS Black Belt Tech Webinar 2015
Amazon Elastic Block Store (EBS)
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...Amazon Web Services Korea
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자!
신은수 솔루션즈 아키텍트, AWS
IAM 서비스는 AWS 에서 계정을 생성하고 서비스를 사용하고 위해서는 반드시 사용하여야 하는 서비스 중에 하나입니다. 본 세션에서는 IAM에서 기본적으로 제공하는 기능의 구조와 동작 원리, 각 IAM 정책(Policy) 별 상호 관계 등에 대해 이해함으로써 보다 단순화되고 관리가 편한 IAM 정책을 작성하고 실무에 적용할 수 있는 방법 등에 대해 살펴보고자 합니다.
AWS 클라우드는 IT의 새로운 기준을 정립하며 클라우드 컴퓨팅 산업을 혁신하고 있습니다. 본 온라인 세미나에서는 클라우드 컴퓨팅의 개념과 AWS가 제공하는 서비스 소개 및 주요 활용 사례에 대해 소개합니다. 특히 국내에 설립된 서울 리전(Region, 데이터센터 클러스터)에 대한 소개와 더불어 다양한 IT 업무를 위한 AWS 대표 서비스들을 중점적으로 다룰 예정입니다.
AWS Security Hub allows users to centrally view and manage security alerts and automate compliance checks across multiple AWS accounts. It aggregates findings from AWS security services like GuardDuty, Inspector, and Macie as well as third-party solutions. This gives users a single pane of glass to monitor their AWS infrastructure security and compliance. Security Hub also provides automated compliance checks against standards and helps users identify and prioritize the most important issues using pre-built and custom insights.
jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013Kiril Iliev
PhoneGap allows building of native mobile apps using web technologies that can be deployed across multiple devices. It uses a project structure with a www folder containing code and plugins to enable device functionality. The document demonstrates communicating with SharePoint via ASMX, REST and 2013 API, performing CRUD operations on lists using the API endpoints. It shows reading, creating, updating and deleting data through code examples.
The FamilySearch Reference Client is an open-source implementation of the Family Tree user interface that was developed to:
1) Make it easy for partners to access the FamilySearch tree using an extensible framework
2) Provide reusable components for partners to use
3) Demonstrate how to access the FamilySearch Tree using the Javascript SDK
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기 - 김준형 솔루션즈 아키텍트, AWS :: AWS Summit Seoul 2019Amazon Web Services Korea
천만 사용자를 위한 AWS 클라우드 아키텍처 진화하기
김준형 솔루션즈 아키텍트, AWS
AWS 클라우드는 초기에 적은 비용으로 웹 서비스를 시작하고, 향후 사업이 발전했을 때 천만 이상의 유저가 사용할 수 있는 고가용성, 확장성, 민첩성이 뛰어난 웹 서비스를 만들 수 있습니다. 본 세션에서는 작은 서비스로 시작하여 AWS의 다양한 서비스를 사용하여 천만 이상의 대규모 유저 트래픽을 수용할 수 있는 웹 서비스로 발전시키는 것을 단계별로 오토스케일링, 트래픽 경감, 모니터링과 자동화, 고가용성 확보를 위한 아키텍처 구성 방법을 소개합니다.
CAS, OpenID, Shibboleth, SAML : concepts, différences et exemplesClément OUDOT
Avec la multiplication des applications Web, la question de l’authentification à ces applications est devenue primordiale. Pour simplifier la vie de l’utilisateur, le concept de SSO (Single Sign On) a été inventé. Dans ce domaine, plusieurs protocoles et standards existent, comme CAS, OpenID, Liberty Alliance, Shibboleth ou SAML. Quelles sont les différences ? Comment utiliser ces protocoles dans les applications ? Cette conférence tentera de répondre à ces questions en présentant des cas concrets d’implémentation.
Auto Scaling helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application. You create collections of EC2 instances, called Auto Scaling groups.
You can specify the minimum number of instances in each Auto Scaling group, and Auto Scaling ensures that your group never goes below this size.
You can specify the maximum number of instances in each Auto Scaling group, and Auto Scaling ensures that your group never goes above this size.
If you specify the desired capacity, either when you create the group or at any time thereafter, Auto Scaling ensures that your group has this many instances.
If you specify scaling policies, then Auto Scaling can launch or terminate instances as demand on your application increases or decreases
Single Sign-On (SSO) allows a user to access multiple applications and systems with a single set of login credentials. The document discusses various SSO standards and implementations including Kerberos, LDAP, CAS, SAML, and PKI. It notes benefits of SSO like reduced passwords to remember but also criticisms like the risk that stealing one set of credentials grants access to all systems.
This slide deck served as presentation material for the talk with the same name at the 2021 COSAC security architecture conference.
It provides an architecture for applying zero trust networking on Amazon Web Services (AWS). We take a pragmatic approach to ensure that we link the theoretical components to implementation candidates. This relies on application of graph theory to establish traceability, which we can subsequently use to verify the logical integrity of the architecture. Our literature review indicates that the first imperative is to establish a reference model that describes zero-trust networking. The zero-trust reference model is subsequently mapped to relevant AWS services that realizes the components. This establishes traceability in terms of implementation requirements for each service. We see as part of this review that AWS is mature in its ability to support zero trust capabilities and that we can realize many aspects of zero trust using off-the-shelf AWS services. The correct configuration of these services however is crucial. The research is useful in providing solution architects with the logical components that can drive further stages in architecture development to support zero trust initiatives on AWS tenants.
"Amazon Inspector is a new service from AWS that identifies security issues in your application deployments. Use Inspector with your applications to assess your security posture and identify areas that can be improved. Inspector works with your Amazon EC2 instances to monitor activity in your applications and system.
This session will cover getting started with Inspector, how to automate the process, how to manage and act on findings, and additional ways you can enhance your development and release lifecycle using Inspector."
This document discusses securing web applications with AWS WAF. It begins by explaining why a web application firewall (WAF) is needed to protect against bad users and application vulnerabilities while allowing good users. It then defines what AWS WAF is, noting that it allows users to block or allow web requests and monitor security events. AWS WAF provides APIs and a console for easy configuration of rules to protect websites and content while integrating with development workflows. The document outlines the steps to set up AWS WAF, including creating a web ACL, adding rules and match conditions, and assigning it to CloudFront. It notes the pay-as-you-go pricing model for AWS WAF.
2015年10月13日アップデート
----------------------------------------------------------------------
AWS Black Belt Tech Webinar 2015
Amazon Elastic Block Store (EBS)
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자! - 신은수 솔루션즈 아키텍트, AWS :: AWS Summit S...Amazon Web Services Korea
IAM 정책을 잘 알아야 AWS 보안도 쉬워진다. 이것은 꼭 알고 가자!
신은수 솔루션즈 아키텍트, AWS
IAM 서비스는 AWS 에서 계정을 생성하고 서비스를 사용하고 위해서는 반드시 사용하여야 하는 서비스 중에 하나입니다. 본 세션에서는 IAM에서 기본적으로 제공하는 기능의 구조와 동작 원리, 각 IAM 정책(Policy) 별 상호 관계 등에 대해 이해함으로써 보다 단순화되고 관리가 편한 IAM 정책을 작성하고 실무에 적용할 수 있는 방법 등에 대해 살펴보고자 합니다.
AWS 클라우드는 IT의 새로운 기준을 정립하며 클라우드 컴퓨팅 산업을 혁신하고 있습니다. 본 온라인 세미나에서는 클라우드 컴퓨팅의 개념과 AWS가 제공하는 서비스 소개 및 주요 활용 사례에 대해 소개합니다. 특히 국내에 설립된 서울 리전(Region, 데이터센터 클러스터)에 대한 소개와 더불어 다양한 IT 업무를 위한 AWS 대표 서비스들을 중점적으로 다룰 예정입니다.
AWS Security Hub allows users to centrally view and manage security alerts and automate compliance checks across multiple AWS accounts. It aggregates findings from AWS security services like GuardDuty, Inspector, and Macie as well as third-party solutions. This gives users a single pane of glass to monitor their AWS infrastructure security and compliance. Security Hub also provides automated compliance checks against standards and helps users identify and prioritize the most important issues using pre-built and custom insights.
jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013Kiril Iliev
PhoneGap allows building of native mobile apps using web technologies that can be deployed across multiple devices. It uses a project structure with a www folder containing code and plugins to enable device functionality. The document demonstrates communicating with SharePoint via ASMX, REST and 2013 API, performing CRUD operations on lists using the API endpoints. It shows reading, creating, updating and deleting data through code examples.
The FamilySearch Reference Client is an open-source implementation of the Family Tree user interface that was developed to:
1) Make it easy for partners to access the FamilySearch tree using an extensible framework
2) Provide reusable components for partners to use
3) Demonstrate how to access the FamilySearch Tree using the Javascript SDK
The document provides an overview of the table of contents for Visual Studio 2005. It outlines topics such as application and page frameworks, GUI controls, validation controls, master pages, themes and skins, collections and lists, data binding, data management with ADO.Net, working with XML, site navigation, security, state management, caching, debugging and error handling, and file I/O and streams. It also briefly discusses machine and web configurations.
PuppetConf 2016: The Long, Twisty Road to Automation: Implementing Puppet at ...Puppet
This document summarizes the University of Saskatchewan's experience implementing Puppet for infrastructure automation. It outlines how they established an architecture team and ramped up Puppet use over time. They moved to using Git for code management and established workflows for development, testing, and production. The document also discusses lessons learned around custom facts, long-lived branches, and working with different teams. It concludes by noting areas still needing improvement and potential future uses of Puppet for things like dynamic environments and compliance.
Burn down the silos! Helping dev and ops gel on high availability websitesLindsay Holmwood
HA websites are where the rubber meets the road - at 200km/h. Traditional separation of dev and ops just doesn't cut it.
Everything is related to everything. Code relies on performant and resilient infrastructure, but highly performant infrastructure will only get a poorly written application so far. Worse still, root cause analysis in HA sites will more often than not identify problems that don't clearly belong to either devs or ops.
The two options are collaborate or die.
This talk will introduce 3 core principles for improving collaboration between operations and development teams: consistency, repeatability, and visibility. These principles will be investigated with real world case studies and associated technologies audience members can start using now. In particular, there will be a focus on:
- fast provisioning of test environments with configuration management
- reliable and repeatable automated deployments
- application and infrastructure visibility with statistics collection, logging, and visualisation
This document discusses several popular third-party JavaScript libraries including: DataJS for working with data, BreezeJS for managing data models, KnockoutJS for building user interfaces, AngularJS as a full-featured MVC framework, LESS as a CSS pre-processor, Bootstrap for responsive design, and media queries for responsive design across devices. Code examples are provided for implementing these libraries.
The document discusses the introduction of GUI components using JavaScript. It describes the architecture of the GUI framework including custom JavaScript and CSS libraries. It then discusses the benefits of the framework including separation of design and control, simple interfaces, and ease of data handling. Code examples are provided to demonstrate how to write HTML for a form and table and the corresponding JavaScript to initialize components and handle form submission and displaying data in the table. The next session will cover communication with the server using Ajax and JSON.
The WordPress REST API is a powerful tool that can enhance your web development projects. In this presentation, attendees will learn how to leverage WordPress's existing endpoints and create custom ones using PHP without needing plugins. Attendees will also learn how to use their endpoints to power their front-end React apps, web apps or even entirely separate websites. Finally, attendees will learn about security concerns and how to lock down the REST API. Time permitting, attendees can have a Q&A period to ask questions.
The WordPress REST API was introduced in 2016 in version 4.7. It has been part of the WordPress ecosystem for about seven years and is well-documented. With the introduction of React and Gutenberg blocks, the REST API can take on a new life to help developers create complex apps with relative ease. Where once it was primarily used for basic integrations, now developers are harnessing its full capabilities for ambitious projects. The WordPress REST API can power modern web applications and custom blocks, showing that it remains highly relevant for building on the web today. Even after years of existence, the REST API remains a cornerstone of the WordPress framework.
TechDays 2013 Jari Kallonen: What's New WebForms 4.5Tieturi Oy
This document summarizes new features in ASP.NET WebForms 4.5, including strongly typed data controls, model binding, unobtrusive validation, HTML5 support, and asynchronous programming support. It provides code examples of using data binding, model binding with value providers, validation with data annotations and validation controls, and asynchronous code with the async and await keywords. The document demonstrates these new ASP.NET features.
Summit2014 topic 0066 - 10 enhancements that require 10 lines of codeAngel Borroy López
This document provides an agenda and discussion topics for an Alfresco training session. It includes introductions, preliminary thoughts on Alfresco from a new user perspective, definitions of some technical Alfresco terms, and a countdown of real questions from users with proposed solutions ranging from 1-9 lines of code.
Passwords suck, but centralized proprietary services are not the answerFrancois Marier
Passwords are a big problem online and a lot of websites have turned to centralized services to handle logins for them. It's a disturbing trend from a privacy/surveillance point of view, but from a software freedom point of view, it's also turning these proprietary services into core dependencies.
That's why Mozilla is building Persona, a new federated and cross-browser system which makes identity a standard part of the browser. It's simple, privacy-sensitive and entirely free software.
Community call: Develop multi tenant apps with the Microsoft identity platformMicrosoft 365 Developer
Building an application that can be provisioned and used in multiple Azure AD tenants goes far beyond just flipping a switch in your app configuration. The developer has to undertake application provisioning, decide on a provisioning strategy, push changes to customers, manage identities flowing from multiple tenants, collect essential information from authentication signals, learn to differentiate the different types of users they will encounter and understand the key differences from the B2B scenarios. In this community call, Kalyan Krishnan reviews the steps and considerations required to develop, configure, provision, and manage multi-tenant applications.
For more information, visit https://aka.ms/identityplatform
The document discusses SharePoint authentication methods including classic mode and claims-based authentication. It provides steps to set up forms-based authentication (FBA) using LDAP or SQL databases in 8 steps. It also covers configuring the web.config files for the web application, SecurityToken service, and Central Administration to support FBA and LDAP or SQL role providers. The presentation includes demos of setting up FBA and integrating with LDAP or SQL user stores.
2020-02-20 - HashiTalks 2020 - HashiCorp Vault configuration as code via Hash...Andrey Devyatkin
This document discusses using Terraform to configure Vault infrastructure as code. It begins with an overview of Vault and Terraform. It then covers important considerations for deploying Vault like authentication methods, policies, secret engines, and rotating secrets. The document shares examples of using Terraform resources to configure LDAP, AWS IAM, database credentials, and rotating secrets in Vault. It finds that some values added to Vault via Terraform are not always readable and recommends ways to continuously learn, share knowledge, and improve practices for infrastructure as code with Vault.
This document provides an overview of Mozilla Web Apps including:
- Web Apps can run on platforms like Windows, Mac, Android and more.
- They are built with open web technologies like HTML5, CSS, and JavaScript.
- A manifest file is needed to define the app and install it using the Mozilla Labs App Runtime extension.
- Web Apps can use features like offline storage, IndexedDB, and fullscreen mode.
Plugins on OnDemand with Remote Apps - Atlassian Summit 2012 Atlassian
The document discusses how remote apps allow developers to integrate third party applications into Atlassian's OnDemand service. Remote apps use a simple descriptor file to register the app and define things like permissions, pages, and macros. This avoids the complexity of developing plugins and allows apps to be built using any programming language. Examples are provided of how to create a Lucidchart diagramming app using remote apps.
Vladimir Melnik from Tucha Cloud Services in the Ukraine, another company running IaaS services on Apache Cloudstack. Vladimir is the original author and maintainer of Monkeyman, a perl5 framework for Apache CloudStack automation
This document summarizes several new features in ASP.NET 4 including improvements to ViewState, ClientID, routing, list views, form views, chart controls, caching, and request validation. Key enhancements include more control over ViewState and ClientID generation, support for routing URLs, additional layout options for lists and forms, over 35 chart types, extensible output caching providers, and the ability to customize request validation.
Similar to How to CASifying PeopleSoft and Integrating CAS and ADFS (20)
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
How to CASifying PeopleSoft and Integrating CAS and ADFS
1. 5/13/14 Apereo Miami 2014 1
How to CASify PeopleSoft, and
integrating CAS and ADFS
Byran Wooten: bryan.wooten@utah.edu
John Gasper: jgasper@unicon.net
Misagh Moayyed: mmoayyed@unicon.net
2. 5/13/14 Apereo Miami 2014 2
•We will cover the integration and configuration points
to easily CASify PeopleSoft with minimal custom.
•We will also review several options for integrating your
CAS Server with Microsoft's ADFS Server. This is
particularly helpful if you are an Office 365 customer or
you have client applications that utilized Windows
Identity Foundation (WIF) and want to integrate the SSO
experience.
This Session
4. 5/13/14
Unicon: John Gasper, Misagh Moayyed
•Members of IAM practice at Unicon
•Emphasis on CAS, Shibboleth, Grouper, etc
•Provide commercial support through OSS program
6. 5/13/14 Apereo Miami 2014 6
Objective
CASify Peoplesoft web application via the Java
CAS client
•Populate REMOTE_USER with CAS principal id
•Peoplecode function to authenticate
Request.RemoteUser into Peoplesoft
7. 5/13/14 Apereo Miami 2014 7
1.Add CAS filters to the Weblogic web.xml
2.Add logic to Signon PeopleCode (FUNCLIBLDAP)
3.Configure Signon PeopleCode
Only 3 steps are required.
So, it really is easy!
8. 5/13/14 Apereo Miami 2014 8
•Add CAS Filters to web.xml in this location:
/<peoplesoft-webapp-directory>/PORTAL/WEB-INF
•Don’t forget to add the CAS client jar to the classpath:
/<peoplesoft-webapp-directory>/PORTAL/WEB-INF/lib/cas-client-core-3.3.1.jar
You may need to add the CAS Certificate to the
•Peoplesoft keystore:
/ps/pltest/weblogic/jdk150/jre/lib/security/cacerts
Step 1
11. 5/13/14 Apereo Miami 2014 11
•A default “guest” user must be created with the most basic permissions to be attached to
the CAS Web Profile. (Allow Public Users = Checked)
•CAS_AUTHENTICATION needs be enabled through signon peoplecode. The function uses the remote user in the
request headers as a authenticated user and retrieves the appropriate distinguished name from the directory.
•Valid user role that has the necessary permissions required to execute and invoke the Peoplecode function.
•The profile must be activated in PeopleSoft under the WebProfile setting, inside
the configuration.properties
•If all goes well, &global_DN is set and setAuthenticationResult() sets the user context to the correct
userID.
Peoplesoft WebProfile
12. 5/13/14 Apereo Miami 2014 12
Function CAS_AUTHENTICATION()
&logger = initLogger();
&logger.info("CAS_AUTHENTICATION ============ Start of CAS_AUTHENTICATION =============
(" | %SignonUserId | ")");
printRequestHeaders();
If &bConfigRead = False Then
getLDAPConfig();
End-If;
&cas_result = %Request.RemoteUser;
If &cas_result <> "" Then
/* User is authenticated, log them into PeopleSoft */
&logger.info(" CAS_AUTHENTICATION - " | "Remote user = " | &cas_result | " logged in
by CAS_AUTHENTICATION");
SetAuthenticationResult( True, Upper(&cas_result), "", False);
&authMethod = "CAS";
&CAS_userid = &cas_result;
&sql_PSOPRDEFN = CreateSQL("Select FAILEDLOGINS from PSOPRDEFN where OPRID=:1",
Upper(&cas_result));
&ret = &sql_PSOPRDEFN.Fetch(&failedLogin);
If (&failedLogin <> 0) Then
SQLExec("update PSOPRDEFN set FAILEDLOGINS=0 where OPRID=:1", Upper(&cas_result));
End-If;
CAS_AUTHENTICATION()
13. 5/13/14 Apereo Miami 2014 13
/* set &global_DN for profilesync */
For &J1 = 1 To &authMaps.Len
&DNs = CreateArrayRept("", 0);
If (idToDN(&cas_result, &DNs, &authMaps [&J1])) Then
For &I1 = 1 To &DNs.Len
/* Take the first DN found as the &global_DN */
&global_DN = &DNs [&I1];
&idxAuthMap = &J1;
/** &global_DN = "unid=" | &cas_result |
",ou=people,o=utah.edu"; **/
&logger.info("CAS_AUTHENTICATION - ***** &authMethod =
CAS ***** ===== (" | &cas_result | ")/" | &global_DN | "/" |
&authMaps [&J1].getAuthMapID());
Return;
End-For;
End-If;
End-For;
End-If;
&logger.info("CAS_AUTHENTICATION - Did not authenticate by
CAS_AUTHENTICATION (" | %SignonUserId | ")");
End-Function;
14. 5/13/14 Apereo Miami 2014 14
Step 3
Configure Signon Peoplecode
Note: “Invoke As” fields must be set to the credentials of the user created inside the web
profile to execute the peoplecode function. Ensure that both LDAP authentication and
profile sync are turned on, and “Exec Auth Fail” is checked for both.
15. 5/13/14 Apereo Miami 2014 15
In the WebProfile, specify a new signout.html for signout
•Place the file at /<peoplesoft-directory>/PORTAL.war/WEB-INF/psftdocs/CS89PS
•Edit the file:
Signout
16. 5/13/14 Apereo Miami 2014 16
•Ensure CAS_AUTHENTICATION() function logs activity to file
•Test webprofile using cmd=start:
https://sys.peoplesoft.edu:8703/psp/CS89PS/?cmd=start&languageCd=ENG
Log into peoplesoft using the account configured to invoke
•CAS_AUTHENTICATION()
•Almost ALL changes require a PeopleSoft web application restart
Tips & Suggestions
17. 5/13/14 Apereo Miami 2014 17
•Deep linking vs. Peoplesoft “caching”
•Peoplesoft vs. CAS account mapping
•Single signout
Issues & Troubleshooting
18. 5/13/14 Apereo Miami 2014 18
•Microsoft ADFS is yet another SSO
environment that competes in the same
spaces as CAS and Shibboleth.
•Why would you integrated ADFS with CAS?
lOffice 365?
lPreviously developed ASP.NET/Windows
Identity Foundation apps that utilize an
STS, like ADFS.
Integrating CAS and
Microsoft ADFS
19. 5/13/14 Apereo Miami 2014 19
•CAS as an RP: Fronting CAS with ADFS
•CASifying ADFS: Front ADFS with CAS
•ADFS as an SP: Front ADFS with CAS*
Integrating CAS and
Microsoft ADFS
28. 5/13/14 Apereo Miami 2014 28
Front CAS with ADFS
Attribute Mutator: clean-up or map your attributes
coming from ADFS, but before they are released.
attributes.put("upn",
attributes.get("upn").toString().replace("@example.org", ""));
attributeMapping(attributes, "surname", "LastName");
attributeMapping(attributes, "givenname", "FirstName");
attributeMapping(attributes, "Group", "Groups");
attributeMapping(attributes, "employeeNumber", "UDC_IDENTIFIER");
29. 5/13/14 Apereo Miami 2014 29
CASifying ADFS
Utilizes .NET CAS Client and ClearPass:
1) Drop in the DotNetCasClient.dll (v1.0.1).
2) Configure web.config.
3) Add code to FormsSignIn.aspx.cs.
31. 5/13/14 Apereo Miami 2014 31
CASifying ADFS
This may or may not work on ADFS on Windows
Server 2012 R2.
The .cs files are embedded in
C:WindowsadfsMicrosoft.IdentityServer.Web.dll
Visual Studio should allow you to alter the files.
32. 5/13/14 Apereo Miami 2014 32
ADFS as an SP
Theoretically, we can use CAS's Google
Apps/SAML 2.0 support to connect to ADFS.
Pros: No significant mods to ADFS or CAS.
Let me know if you are interested in
collaborating on this.