Security Archives - Red Hat Developer

Use mobile numbers for user authentication in Keycloak

By Siddhartha De October 23, 2020October 22, 2020

I recently worked on a project that required using a mobile number for user authentication, instead of the traditional username and password. Almost everyone has a unique mobile number, so the requirement made sense. Our authentication tool is Keycloak, which does not ship with an option for mobile-based authentication. Instead, my team developed a custom authentication executor to meet the requirement.

In this article, I show you how to use Keycloak’s authentication service provider interface (SPI) to write a custom MobileAuthenticator class and then instantiate it with an AuthenticationFactory. I also show you how to package and compile the mobile authentication project using Maven and how to create a custom mobile authentication flow for Keycloak.

Continue reading “Use mobile numbers for user authentication in Keycloak”

Securely connect Quarkus and Red Hat Data Grid on Red Hat OpenShift

By James Falkner October 15, 2020October 14, 2020

The release of Red Hat Data Grid 8.1 offers new features for securing applications deployed on Red Hat OpenShift. Naturally, I wanted to check them out for Quarkus. Using the Quarkus Data Grid extension made that easy to do.

Data Grid is an in-memory, distributed, NoSQL datastore solution based on Infinispan. Since it manages your data, Data Grid should be as secure as possible. For this reason, it uses a default property realm that requires HTTPS and automatically enforces user authentication on remote endpoints. As an additional layer of security on OpenShift, Data Grid presents certificates signed by the OpenShift Service Signer. In practice, this means that Data Grid is as secure as possible out of the box, requiring encrypted connections and authentication from the first request. Data Grid generates a default set of credentials (which, of course, you can override), but unauthenticated access is denied.

In this article, I show you how to configure a Quarkus application with Data Grid and deploy it on OpenShift.

Continue reading “Securely connect Quarkus and Red Hat Data Grid on Red Hat OpenShift”

Install a signed certificate with Open Liberty 20.0.0.10’s Automatic Certificate Management Environment Support 2.0

By Jakub Pomykala October 7, 2020October 6, 2020

Red Hat Runtimes now supports the new Open Liberty 20.0.0.10 Java runtime. Open Liberty 20.0.0.10 features support for the Automatic Certificate Management Environment (ACME) protocol, which automates the process of obtaining a certificate signed by a certificate authority (CA). The Open Liberty 20.0.0.10 release also includes many bug fixes.

Continue reading Install a signed certificate with Open Liberty 20.0.0.10’s Automatic Certificate Management Environment Support 2.0

Connecting external clients to Red Hat AMQ Broker on Red Hat OpenShift

By Paul Vergilis August 26, 2020August 21, 2020

Developers deploying Red Hat AMQ on Red Hat OpenShift often wonder how to connect external clients to AMQ Broker using the Transport Layer Security (TLS) protocol, which is an improved successor to the Secure Sockets Layer (SSL) protocol.

Continue reading Connecting external clients to Red Hat AMQ Broker on Red Hat OpenShift

Improved configuration and more in Red Hat CodeReady Workspaces 2.3

By Parag Dave August 21, 2020August 20, 2020

Based on Eclipse Che, Red Hat CodeReady Workspaces (CRW) is a Red Hat OpenShift-native developer environment that supports cloud-native development. CodeReady Workspaces 2.3 is now available. For this release, we focused on improving CRW’s configuration options, updating to the latest versions of IDE plugins, and adding new devfiles.

CodeReady Workspaces 2.3 is available on:

OpenShift 3.11 and OpenShift 4.3 and higher, including OpenShift 4.5.
OpenShift Dedicated 4.3, via the add-ons capability.

Continue reading “Improved configuration and more in Red Hat CodeReady Workspaces 2.3”

iptables: The two variants and their relationship with nftables

By Eric Garver August 18, 2020August 12, 2020

In Red Hat Enterprise Linux (RHEL) 8, the userspace utility program iptables has a close relationship to its successor, nftables. The association between the two utilities is subtle, which has led to confusion among Linux users and developers. In this article, I attempt to clarify the relationship between the two variants of iptables and its successor program, nftables.

Continue reading iptables: The two variants and their relationship with nftables

OpenShift for Kubernetes developers: Getting started

By Aditi Kulkarni August 14, 2020August 12, 2020

If you are familiar with containers and Kubernetes, you have likely heard of the enterprise features that Red Hat OpenShift brings to this platform. In this article, I introduce developers familiar with Kubernetes to OpenShift’s command-line features and native extension API resources, including build configurations, deployment configurations, and image streams.

Continue reading OpenShift for Kubernetes developers: Getting started

Secure authentication with Red Hat AMQ 7.7 and ApacheDS LDAP server

By Chandra Shekhar Pandey August 11, 2020August 10, 2020

In this article, we will integrate Red Hat AMQ 7.7 with the ApacheDS LDAP server. However, any version of the AMQ 7.x series can be integrated with the steps mentioned in this article.

For this example integration, we’ll use Apache Directory Studio, which is an LDAP browser and directory client for ApacheDS. You will learn how to set up the ApacheDS LDAP server from scratch, and how to integrate the new LDAP configuration changes that are required in AMQ 7.7. Finally, we’ll test the integration with an AMQ 7.7 shell-based client, using Hawtio as a graphical user interface (GUI). This will be helpful to system administrators and developers as they can quickly create a proof of concept for LDAP and AMQ integration. This will help in enabling role-based access control(RBAC) for accessing AMQ 7.7.

Note: Our example is based on security-ldap, which shows how to configure and use a secure Java Message Service (JMS) application layer with ActiveMQ Artemis and the ApacheDS LDAP server. This example ships with all AMQ 7.x distributions. I have tested the integration in Fedora 32 and the OpenJDK version of Java 8 (1.8.0_252).

Continue reading “Secure authentication with Red Hat AMQ 7.7 and ApacheDS LDAP server”

A deep dive into Keycloak

By Stian Thorgersen and Burr Sutter August 7, 2020August 7, 2020

DevNation Tech Talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions plus code and sample projects to help you get started. In this talk, you’ll learn about Keycloak from Stian Thorgersen and Burr Sutter.

Continue reading A deep dive into Keycloak

Authorizing multi-language microservices with Louketo Proxy

By Rarm Nagalingam August 3, 2020August 25, 2020

Update August 25, 2020: The Louketo Proxy team has announced that it is sunsetting the Louketo project. Read the link for more information, and watch our site for a new article detailing how to authorize multi-language microservices using a different method.

Continue reading Authorizing multi-language microservices with Louketo Proxy

Blog Articles