Annobin – Storing Extra Information in Binaries

Introduction

Compiled files, often called binaries, are a mainstay of modern computer systems. But it is often hard for system builders and users to find out more than just very basic information about these files. The Annobin project exists as means to answer questions like:

  • How was this binary built?
  • What testing was performed on the binary?
  • What sources were used to make the binary ?

The Annobin project is an implementation of the Watermark specification , which details how to record extra information in a binary. One important feature of this specification is that it includes an address range for the information stored. This makes it possible to record the fact that part of a binary was compiled with one set of options and another part was recorded with a different set of options.

Continue reading “Annobin – Storing Extra Information in Binaries”

Share

Integrate RH-SSO 7.x with Liferay DXP using SAML

The aim of this tutorial is to configure Red Hat Single Sign On (RH-SSO) to work as an Identity Provider (IdP) for Liferay DXP through SAML.

Liferay DXP supports functionalities for Single Sign On (SSO) such as NTLM, OpenID, and Token-based and integration with IdPs like Google and Facebook. But when it comes to enterprise environments, the requirements may be stricter, especially regarding integration with externals IdPs.

Continue reading “Integrate RH-SSO 7.x with Liferay DXP using SAML”

Share

Enabling SAML-based SSO with Remote EJB through Picketlink

Lets suppose that you have a remote Enterprise JavaBeans (EJB) application where the EJB client is a service pack (SP) application in a Security Assertion Markup Language (SAML) architecture. You would like your remote EJB to be authenticated using same assertion which was used for SP.

Before proceeding with this tutorial, you should have a basic understanding of EJB and Picketlink.

Continue reading “Enabling SAML-based SSO with Remote EJB through Picketlink”

Share

Dynamically Creating Java Keystores in OpenShift

Introduction

With a simple annotation to a service, you can dynamically create certificates in OpenShift.

Certificates created this way are in PEM (base64-encoded certificates) format and cannot be directly consumed by Java applications, which need certificates to be stored in Java KeyStores.

In this post, we are going to show a simple approach to enable Java applications to benefit from certificates dynamically created by OpenShift.

Continue reading “Dynamically Creating Java Keystores in OpenShift”

Share

Red Hat Developer Program introduces new topic on secure programming

A Ponemon Institute report showed that 71% of developers believed that security was not adequately addressed during the software development lifecycle. This figure is revealing as it demonstrates that developers view security as a development priority, yet you often feel unequipped to engage.

The relationship between security and developers has traditionally been like two teams competing at a tug-of-war. On one end, as developers, you are pulling to produce functional products as fast as possible. You don’t want to be told what to do and definitely do not want the security teams to get in the way of developing code. On the other end, security is pulling to ensure the product is as secure as possible.

Writing secure code should be at the top of your minds, especially given the number of application security breaches that find their way into the news. A critical first step is learning important secure coding principles and how they can be applied so you can code with security in mind.

The good news is that you have a great resource to help with secure programming! On the Red Hat Developer Program website, you will find numerous tools that can help you code with security in mind, such as:

Continue reading “Red Hat Developer Program introduces new topic on secure programming”

Share

OpenID Connect Identity Brokering with Red Hat Single Sign-On

Introduction

In this post, I will provide a walk through of how to set up Identity Brokering on an RH-SSO server.

Red Hat Single Sign-On (RH-SSO) provides Web single sign-on and identity federation based on SAML 2.0, OpenID Connect and OAuth 2.0 specifications.

For this tutorial, you will need:

  • An RH-SSO Instance.
  • A Web/Mobile Application with an OpenID Connect adapter.
  • An OpenID Connect Provider Server (Such as Keycloak) to be used as the 3rd Party Identity Provider.

Continue reading “OpenID Connect Identity Brokering with Red Hat Single Sign-On”

Share