Configure SSO for CockroachDB Dedicated With Microsoft Identity Platform and OpenID

Motivation

CockroachDB Dedicated is a fully-managed, reserved CockroachDB cluster ideal for a cloud database. We frequently get asked how to set up SSO for the individual CockroachDB Dedicated clusters and we have a detailed tutorial to walk you through that with a local, self-hosted cluster. What was unclear was that you can use the same steps to set up SSO with Dedicated. Based on this detailed document, CockroachDB Dedicated supports OIDC authentication for the DB Console today. In a future release, we are going to bring OIDC integration across the stack. Today, we're going to provide details on how to leverage OIDC specifically with the CockroachDB Dedicated DB Console and Microsoft using the OpenID Connect protocol.


High-Level Steps

  • Provision a dedicated cluster
  • Configure Microsoft identity platform integration
  • Configure CockroachDB with the OpenID details
  • Verify

Step-by-Step Instructions

Provision a Dedicated Cluster

Follow this tutorial to set up a Dedicated cluster.

Configure Single Sign-On for CockroachDB Dedicated With Okta

Motivation

CockroachDB Dedicated is a fully-managed, reserved CockroachDB cluster ideal for a cloud database. We frequently get asked how to set up SSO for the individual CockroachDB Dedicated clusters and we have a detailed tutorial to walk you through that with a local, self-hosted cluster. 

What was unclear was that you can use the same steps to set up SSO with Dedicated. Based on this detailed document, CockroachDB Dedicated supports OIDC authentication. Today, we're going to provide details on how to leverage OIDC specifically with the Dedicated offering and Okta OIDC.

Connecting Red Hat Single Sign-on on Openshift to an External Database

Red Hat Single Sign-On, or just RHSSO, is an enterprise version of Keycloak, which is an open-source Identity and Access Management solution aimed at modern applications and services.

In the last few days, I needed to install RHSSO on Openshift version 4.8; however, I needed to implement a small customization in the database connection. By default, a non-ephemeral RHSSO installation uses an embedded installation of the PostgreSQL database; however, I would change the type of database from PostgreSQL to MySQL, and even change the location of this one to the outside of Openshift.

How to Customize User Interface in Apereo CAS

In this article, we are going to see how to customize the user interfaces of a CAS application. 

As you may know already, we are dealing with WAR overlay installation of the CAS project. Within this overlay project, there are no view pages available for us to modify. So first of all, we need to bring down any CAS views which we need to modify into our overlay from the CAS source code.

Apereo CAS: Step by Step Guide To Implement a Custom Authentication Handler

As described in a previous article about getting an Apereo CAS application up and running, we used the default username and password to log in to the CAS. But in a real-world scenario, we need to implement some sort of mechanism to authenticate a user. It is more common to use an authentication handler for this purpose. In this article, we are going to look into the details of implementing a custom authentication handler in an Apereo CAS (hereafter it will be simply referred to as CAS) application.

Note: Additional implementation details are available inside the following code blocks as Java comments.

Configuring Anypoint Platform as an Azure AD Service Provider SSO

Configure Anypoint platform to use Azure AD as an external identity provider (IDP), including Single Sign-on (SSO) and the mapping of Azure AD groups to Anypoint platform roles and role groups.

This article walks you through the basics of incorporating Azure AD as an external identity provider for the Anypoint platform. It will also help you set up the basic integration and SSO between Azure AD and the Anypoint platform.

Before we start, keep in mind that the Relying Party Trust will need to be created manually as we do not provide a metadata file (nor is its use supported). 

How SAML 2.0 Authentication Works and Why It Matters

What is SAML 2.0?

At its core, Security Assertion Markup Language (SAML) 2.0 is a means to exchange authorization and authentication information between services. SAML is frequently used to implement internal corporate single sign-on (SSO) solutions where the user logs into a service that acts as the single source of identity which then grants access to a subset of other internal services.

The advantage of adopting SAML/SSO from a security perspective is clear:

Implementing Single Sign-on Integration With SAML Providers Using C#

What Is Single Sign-on at All?

Suppose you have a web application that people use to do one thing, X, and you do it really well. For example, it could be a web store that lets customers order custom T-shirt printing by uploading funny and pretty images found on the internet.

You are looking for ways to extend its functionality by adding more capabilities for your users, but you don't want to lose focus on the thing that you do best.

What Is Keycloak and What Does It Offer?

Application security is becoming a more and more important topic on a day-to-day basis. Unauthorized access to protected data can potentially cost millions of dollars in the form of various financial penalties. Almost every application needs some reliable tool to manage its users’ identities and accesses. There are a bunch of solutions on the market, both free and paid, that promise to provide such features. In today’s article, I will try to present one of these tools to you, which, as you can probably guess from the title, will be Keycloak. I hope that this article will give you a better understanding of its basics and why it may be profitable for you to get more familiar with it. As usual, I will start with a short description of what exactly Keycloak is.

Before we start — a quick disclaimer

4 Cloud Data Security Features to Reassure Nervous SMBs

For years now, it's been clear that cloud storage was going to eventually supplant most on-premises data storage architectures. At the enterprise level, it's already happened. But further down the ladder, among small businesses, that's not the case yet. Part of the reason for that is the fact that some 61% of small businesses believe that their data won't be safe in the cloud.

What's odd about that is the fact that small businesses, as a group, already face some of the biggest security challenges for their on-premises infrastructures. According to the latest Verizon Data Breach Investigation Report, small businesses now account for 28% of all successful data exfiltration events. That number increases each year because hackers now choose to go after the easiest possible targets – and they're it.

Mulesoft Anypoint Platform SSO Implementation (Auth0)

Identity Management: Anypoint Platform

You can configure identity management in the Anypoint Platform to set up users for single sign-on (SSO). There are two ways to configure identity management using one of the following single sign-on standards:

  • OpenID Connect: End-user identity verification by an authorization server including SSO

Integrate SSO With Spring Boot and OAuth 2.0

Single sign-on (SSO) is the standard nowadays, regardless of industry or company size. It might be strange to think that SSO used to only be available to enterprise companies that could afford it. 

Today, with service providers like Okta and enabling technologies such as OpenID Connect (OIDC) and OAuth 2.0, developers can easily integrate SSO into their websites and apps

Learn How to Secure your ASP.NET MVC App with SSO

If you’re building custom applications owned by the same organization, there are many benefits of implementing single sign-on (SSO). You get shorter development time, increased security, and improved user experience. One of my favorite aspects of SSO is that instead of upgrading a large codebase all at once, you can do it a piece at a time.

What do I mean by that? Well, let's say you're looking to shift an app written in ASP.NET MVC 5 to ASP.NET Core MVC. You can do so by migrating one service at a time instead of rewriting the entire thing. You can then connect the two apps like they were one by enabling SSO.

5 Google Cloud Security Best Practices

Google Cloud Platform security features cover a range of Google’s products and services, such as the popular G Suite applications. These products and services are built on one of the most secure data infrastructures in the world. But, it’s still your responsibility to make sure your Google apps security settings are set up properly. This is where these five Google Cloud security best practices come in handy.

1. Set Up Your Google Cloud Organizational Structure

When you first log in to your Google Admin console, everything will be grouped into a single organizational unit. Any settings you apply to this group will apply to all the users and devices in the organization. Planning out how you want to organize your organizational units and hierarchy before diving in will help you save time and create a more structured security strategy.