Brian Atkisson

Brian J. Atkisson is a Senior Principal Systems Engineer and the technical lead on the Red Hat IT Identity and Access Management team. He has 18 years of experience as a Systems Administrator and Systems Engineer, focusing on identity management, virtualization, systems integration, and automation solutions. He is a Red Hat Certified Architect and Engineer, in addition to his academic background in Biochemistry, Microbiology and Philosophy.

Recent Posts

Account Management with JBoss BPM Suite

Red Hat’s IT department recently deployed JBoss BPM Suite to handle automated process workflow. JBoss BPM Suite is officially defined as:

An open source business process management suite that combines Business Process Management and Business Rules Management and enables business and IT users to create, manage, validate, and deploy Business Processes and Rules.

IT’s immediate use case is to replace our aging account management system, which is essentially a collection of perl and python scripts.  Some of these date back to the turn of the millennium. These scripts had the responsibility of handling all aspects of user life cycle management, including:

  • Pulling user data from the HRMS
  • Creating the user LDAP object
  • Creating the user group LDAP object
  • Creating application accounts (home directories, mailboxes, etc)
  • Updating LDAP objects with HRMS changes
  • Closing user accounts and removing LDAP objects upon termination
  • Syncing account information with third party systems (SaaS vendors, etc)

These legacy scripts would perform SQL queries directly against multiple data sources and call LDAP operations, application command line tools and make API calls. While this system worked well for many years, maintenance became an incredible burden. In essence, only one person knew the account automation system. New application integration requests would have to wait months for resources to free up. For applications allowing direct API integration, that meant some pour soul (me) would have to spend a fair amount of time just figuring out how this new application worked and what API calls were necessary. Moreover, when a vendor would suddenly change their API, that meant something was broken until there was time to fix it. The result was Service Desk team having to perform hundreds of manual operations in the mean time. Essentially, the maintainer could not scale with demand, let alone have the time to become an expert in every new application.

Continue reading “Account Management with JBoss BPM Suite”


Summit Live Blog: Middleware security: Authentication, authorization, and auditing services

As you would expect, security is a key focus for Red Hat.  Secure by default is more than a goal, it is a guiding principle across all product lines.  Middleware is no exception and there are some amazing things going on in this space. Divya Mehra and Vikas Kumar of Red Hat walked us through some of the recent innovations, including the recently released Red Hat SSO, product built upon KeyCloak. Derek Walker of SWIFT also spoke about how the leading financial system message broker relies upon JBoss Fuse for secure messaging.

Security is one of the most important topics in computing today, it can be separated into three key pillars and further mapped into middleware features:

  • Confidentiality
    • Authentication
    • Authorization
  • Integrity
    • Audit logging
    • non-repudiation
  • Availability
    • Clustering
    • Guaranteed Delivery

In short, Red Hat JBoss Middleware is secure and open source throughout the entire product line, giving customers increased assurances, such as:

  • Known, fully open source components
    • built securely from source
  • Proactive security notifications and fixes
  • Standards-based
    • OpenJDK
    • SAML 2.0, Kerberos, OpenID Connect
    • TLS, WS-security

Red Hat SSO is the newest member of this product line, providing a brand new server for complete identity management federation:

  • SAML 2.0
  • OpenID Connect
  • OAuth 2.0

It also comes with client adapters, allowing customers to easily integrate their applications with Red Hat SSO or other standard-compliant identity provider.

Red Hat SSO server is a complete, stand-alone product and is Red Hat’s solution for web-based federation.  It can interface with Red Hat Identity Management (IdM) for integration with internal corporate identity management.  It can also work with Active Directory and plain LDAP.  There is native OpenStack and OpenShift integration with Red Hat SSO coming down the line as well.

Continue reading “Summit Live Blog: Middleware security: Authentication, authorization, and auditing services”


DevNation Live Blog: Meet the assertable Chaos Monkeys for your Docker system

The production system has been targeted by troublesome random failures over a long period of time, and countless hours of debugging has yielded no valuable results. We’re close to throwing in the towel. An army of Chaos Monkeys has been deployed in an attempt to force the issue, but no solution is in sight. We need to take back control. It’s time to meet the assertable Chaos Monkey, Arquillian Cube Q. Arquilian Cube Q is an extension that gives you full control over a production-like system right from the comfort of your IDE. In this session, we’ll explore some of the things you can do when you have control over the whole system. We’ll validate scalability and connectivity, assert the failure state, enforce service responses, and more.


Continue reading DevNation Live Blog: Meet the assertable Chaos Monkeys for your Docker system


DevNation Live Blog: Agile is a four-letter word

“Based on a wide variety of surveys taken over recent years, many companies are transitioning to something that looks more like Agile than the processes they were using in previous years. However, that transition doesn’t necessarily mean implementations have been done respectfully of the Agile Manifesto and the principles behind it. In large part, industry trends seem to indicate that the sloganization of the word has done a significant disservice to the ideas that were originally founded in 2001. To add even more pain, most people seem to be entirely unaware of the core basis of Agile which is the idea to embrace change but inspect and adapt to that change. Are we lost as an industry? Is there anyway we can recover from this problem? In this session, attendees can expect to engage in a conversation about the rise of the Agile community, the negative and positive impact it has had on the industry, and how you individually can help your organizations and teams lower the risk of encountering the negative problems, and speed your way towards the positives. Topics will include:

DevNation Live Blog: Cryptography: What every application developer needs to know

Cryptography is something that technical folks either get excited over or completely tune out.  There does not seem to be much of a middle ground.  That said, cryptography is such an essential component of modern life that without it, the Internet and many, many companies would crumble.

Continue reading DevNation Live Blog: Cryptography: What every application developer needs to know


DevNation Live Blog: You’ve got microservices… Let’s secure them

KeyCloak is the upstream project for the newly released Red Hat Single Sign On (SSO) product.  The project and product goes well beyond a traditional SAML Identity Provider, supporting federation protocols such as OAuth 2.0 and OpenID Connect.  While it is built upon JBoss EAP 7, both KeyCloak and RH-SSO are designed to be standalone systems for providing website authentication and authorization services.  In fact, Red Hat believes in RH-SSO so much, that we just switched the authentication system for the high traffic Red Hat properties to use this new product (more on this tomorrow).

Continue reading DevNation Live Blog: You’ve got microservices… Let’s secure them


DevNation Live Blog: Make applications great again: OpenShift Enterprise 3 walk-through with Docker and Kubernetes

OpenShift 3 is all about Docker containers.  More importantly, it is about management orchestration of containerized applications.  Red Hat IT was a big consumer of OpenShift 2 and likewise, we are moving as many applications as possible to containers.  OpenShift 3 is a big part of this strategy.  On a personal note, OpenShift 3 is an incredible product.  I even have it installed at home for various services 🙂

Continue reading DevNation Live Blog: Make applications great again: OpenShift Enterprise 3 walk-through with Docker and Kubernetes


DevNation Live Blog: Container development for command line developers

Yesterday, I did a live blogging post covering the Container Development Kit DevNation session.  The CDK solves a fairly large problem, one that I have struggled with during my tenure as a Systems Administrator… giving developers a production-like environment.  If you cannot tell, I’m a big fan of the CDK.  It doesn’t just give developers access to something approximating production, it also gives you an IDE combined with the tools to make you productive with the sandbox environment.

Continue reading DevNation Live Blog: Container development for command line developers