Authentication on Janik von Rotz

Grafana OAuth with Keycloak and how to validate a JWT token

Thu, 27 Aug 2020 17:18:30 +0200

In this tutorial I am going to show how you can connect a Garafana container that is hidden behind proxy with Keycloak. We want to log into Grafana with a Keycloak user and experience a seamless SSO-flow. Therefore we are going to configure an OAuth client for Grafana.

Odoo OAuth authentication with Keycloak

Fri, 24 Apr 2020 17:08:49 +0200

Introduction

OAuth is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service. It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account.

In our scenario Keycloak acts as the OAuth service and Odoo as the application that delegates the user authentication. In this guide you learn how to configure Odoo and Keycloak to handle an implicit OAuth flow.

Configure SAML Authentication for Nextcloud with Keycloack

Tue, 21 Apr 2020 12:05:28 +0200

Introduction

The complex problems of identity and access management (IAM) have challenged big companies and in result we got powerful protocols, technologies and concepts such as SAML, oAuth, Keycloack, tokens and much more.

The goal of IAM is simple. Centralize all identities, policies and get rid of application identity stores. Not only is more secure to manage logins in one place, but you can also offer a better user experience. As the title says we want to connect our centralized identity management software Keycloack with our application Nextcloud.

Build an Apollo Graphql user authentication for your React app - part 3

Thu, 26 Sep 2019 10:31:27 +0200

This is the final post of my GraphQL Auth series. Before reading this post checkout post 1 and post 2.

As mentioned in my last post we need to polish our authentication solution. First we wanna ensure that the JWT token expires. Second, I think the isAuthenticated directive is insufficient for proper permission management on our types, queries and mutations. We need a role based solution. While the first point is simple to implement, the second is more complex and definitely requires walking through the previous posts.

Build an Apollo Graphql user authentication for your React app - part 2

Thu, 29 Aug 2019 19:34:07 +0200

In my last post we built a Graphql API that handles user authentication and authorization. In particular we added a loginUser query that returns a JWT token. This token can be used to access restricted resources. In this post I will show what the implementation looks like on Reacts side.

Build an Apollo Graphql user authentication for your React app - part 1

Tue, 27 Aug 2019 18:35:12 +0200

I am currently building an Apollo Graphql API and a React web application. The application requires a user authentication functionality in order to enforce access restrictions on the Graphql endpoint. Apollo Graphql does not provide an out-of-the-box-solution and therefore I would like to present my solution.

The Future of Authentication

Mon, 07 Jan 2019 09:06:27 +0100

The world is changing and so does it in 2019. Time to make so predictions for the new year.

I firmly believe that we will see huge progress in the field of secure user authentication. As you might know the current state of authentication is fundamentally flawed. Users set weak passwords, 2-factor authentication is a usability mess and accounts are compromised on a daily basis. These problems are well known and big tech companies have tried to tackle them on their own.

Meteor register LDAP login request handler

Wed, 08 Feb 2017 20:53:56 +0000

One requirement for my current Meteor project was that a user must login with their ActiveDirectory account. This means that Meteor must be able to authenticate against LDAP. In atmosphere there are already a few packages available which implement and support LDAP authentication. However, they are either outdated or difficult to configure. This is why I’ve decided to build my own custom login request handler for Meteor.

Authenticate Meteor accounts with the Apollo GraphQL API

Sat, 12 Nov 2016 10:21:20 +0000

One of the popular features of Meteor is its accounts package. As you know, it makes it fairly easy to add a user authentication solution to your Meteor app or add support for different oAuth services. With the possibility to integrate an Apollo GraphQL API into your Meteor app this became a bit more difficult. The Apollo stack does not support an out of the box solutions to authenticate users with Meteor accounts. Jonas Helfer, one of the Apollo core devs, proposed two ways to authenticate users with your app:

Build a Java 3-tier application from scratch – Part 5: Client controller

Wed, 01 Apr 2015 09:27:32 +0000

As you’ve seen there are 5 models in our application. This is not that much but requires a lot of effort to display them in the client application. As this tutorial doesn’t cover every aspect of a rich 3-tier applicatoin I will show only how you can authenticate the client application and edit the Employer entities.

Build a Java 3-tier application from scratch – Part 3: Object-relational mapping

Mon, 30 Mar 2015 16:41:24 +0000

Welcome to third part of my 3-tier application tutorial. Within this and the next part we are going to develope simple webservice that communicates with the database and maps Java objects to data tables. We will create a controller that communicates with our MySQL database using the EclipseLink ORM to abstract this process.

Here’s a picture of what we want to achieve. A simple webservice that’s serves depending on the url an array of json data.

Do not forget to update to Microsoft Office 2013 when using Office 365 or SharePoint Online

Mon, 16 Dec 2013 18:07:01 +0000

When deploying a published SharePoint 2013 on-premise installation or a Office 365 installation or a SharePoint Online installation, it’s highly recommended to update your Microsoft Office 2013 installation.

Office365 ADFS Chrome Login fails

Tue, 10 Sep 2013 13:49:40 +0000

Today I experienced an exotic behaviour, a client couldn’t access his Office365 page due he wasn’t able to login on the ADFS authentication prompt.

After googling and binging (just kidding, NERD) I found a simple solution.