Software Security for Developers

Improve your application's security and close vulnerabilities with improved tooling and processes. 

Application Security Posts

How to enable HTTPS and SSL termination in a Quarkus app

January 6, 2021

When it comes to the container world, it is common to have an application deployed to a cluster that needs to be secured. In this article, I will show you how to enable HTTPS and SSL termination for a Quarkus application that is running in Red Hat OpenShift. Create the secret First, we will need […]

How to restrict user authentication in Keycloak during identity brokering

December 30, 2020

As per the design, Keycloak imports all users into its local database if the users are authenticated via any third-party identity provider (e.g., Google, Facebook, or Okta). But what if users authenticated through the third-party identity provider have to be restricted—or be allowed only limited access—to applications that are federated with Keycloak? Here’s how you […]

Integrating Red Hat Single Sign-On version 7.4 with Red Hat Directory Server (LDAP)

December 29, 2020

This article describes the integration of Red Hat Single Sign-On (SSO) with Red Hat Directory Server 11 (LDAP). It also illustrates how it is possible to perform user synchronization and group synchronization between Red Hat Directory Server and Red Hat’s single sign-on tools. Install Red Hat Directory Server 11 To install Red Hat Directory Server […]

Use Oracle's Universal Connection Pool with Red Hat JBoss Enterprise Application Platform 7.3 and Oracle RAC

December 7, 2020

Data is a critical business application component, but ensuring consistent, reliable data access can be challenging. Adding distributed services and high availability to your application requirements makes data access even more complicated. You can now use Oracle’s Universal Connection Pool (UCP) together with Oracle Real Application Clusters (RAC) and Red Hat JBoss Enterprise Application Platform […]

Authentication and authorization using the Keycloak REST API

November 24, 2020

Enabling authentication and authorization involves complex functionality beyond a simple login API. In a previous article, I described the Keycloak REST login API endpoint, which only handles some authentication tasks. In this article, I describe how to enable other aspects of authentication and authorization by using Keycloak REST API functionality out of the box.

Using Multus and DataVolume in KubeVirt

November 18, 2020

KubeVirt is a cloud-native virtual machine management framework based on Kubernetes. KubeVirt orchestrates workloads running on virtual machines in the same way that Kubernetes does for containers. KubeVirt has many features for managing the network, storage, images, and the virtual machine itself. This article focuses on two mechanisms for configuring network and storage requirements: Multus-CNI […]
