Software Security for Developers
Improve your application's security and close vulnerabilities with improved tooling and processes.
Application Security Posts

How to enable HTTPS and SSL termination in a Quarkus app
January 6, 2021When it comes to the container world, it is common to have an application deployed to a cluster that needs to be secured. In this article, I will show you how to enable HTTPS and SSL termination for a Quarkus application that is running in Red Hat OpenShift. Create the secret First, we will need […]

How to restrict user authentication in Keycloak during identity brokering
December 30, 2020As per the design, Keycloak imports all users into its local database if the users are authenticated via any third-party identity provider (e.g., Google, Facebook, or Okta). But what if users authenticated through the third-party identity provider have to be restricted—or be allowed only limited access—to applications that are federated with Keycloak? Here’s how you […]

Integrating Red Hat Single Sign-On version 7.4 with Red Hat Directory Server (LDAP)
December 29, 2020This article describes the integration of Red Hat Single Sign-On (SSO) with Red Hat Directory Server 11 (LDAP). It also illustrates how it is possible to perform user synchronization and group synchronization between Red Hat Directory Server and Red Hat’s single sign-on tools. Install Red Hat Directory Server 11 To install Red Hat Directory Server […]

Use Oracle's Universal Connection Pool with Red Hat JBoss Enterprise Application Platform 7.3 and Oracle RAC
December 7, 2020Data is a critical business application component, but ensuring consistent, reliable data access can be challenging. Adding distributed services and high availability to your application requirements makes data access even more complicated. You can now use Oracle’s Universal Connection Pool (UCP) together with Oracle Real Application Clusters (RAC) and Red Hat JBoss Enterprise Application Platform […]

Authentication and authorization using the Keycloak REST API
November 24, 2020Enabling authentication and authorization involves complex functionality beyond a simple login API. In a previous article, I described the Keycloak REST login API endpoint, which only handles some authentication tasks. In this article, I describe how to enable other aspects of authentication and authorization by using Keycloak REST API functionality out of the box.

Using Multus and DataVolume in KubeVirt
November 18, 2020KubeVirt is a cloud-native virtual machine management framework based on Kubernetes. KubeVirt orchestrates workloads running on virtual machines in the same way that Kubernetes does for containers. KubeVirt has many features for managing the network, storage, images, and the virtual machine itself. This article focuses on two mechanisms for configuring network and storage requirements: Multus-CNI […]
Latest Comments
""
July 18, 2019