Posted by John on July 15, 2016
I had the opportunity to attend DockerCon 2016 in Seattle. I attended several sessions and there were some amazing presentations. The following presentation stood out with me and it is definitely worth the time to watch. John Willis and Josh Corman explain the risks and costs of having inconsistent infrastructure. John explains the benefits of using methodologies to […]
Posted by Chris on March 10, 2016
Heading up to Smartbear’s offices for the next API Craft Meetup on March 30. We will be discussing our experiences with OAuth2 protocol and then performing a demonstration using Booknds Swagger Editor, WSO2 API Manager, Surf OAuth Resource Server and Spring Boot. The goal of the discussion will be to focus on the Authorization Code […]
Posted by Chris on February 5, 2016
Ping Federate in its current form does not support Dynamic Client Registration draft but does provide several Administration APIs. Using the Third Party Key Manager support one can use the AbstractKeyManager and use the createApplication(), retrieveApplication(), getTokenMetaData() and other methods to interact with the oauth/clients resource. Documentation is available @ https://Ping_Federate_ Hostname:9999/pf-admin-api/api-docs.
Posted by Chris on November 7, 2015
Some of our latest work has been doing research and implementation of OpenID Connect using WSO2 Identity and WSO2 API Manager products via an Authorization Grant. To demonstrate this feature we leveraged Google Developer Console to create a OAuth2 application. This helps provide the consumer key and secret that is necessary for federated authentication. Additionally […]
Posted by Chris on August 18, 2015
We just recently ran into an issue where WSO2 Identity Server would not update Salesforce.com provider settings including client_id and client_secret through the administration console. Examination of HTTP requests being sent to Salesforce.com login server showed that some of the settings were still set to the previous values. We had delete the Salesforce.com configuration and […]
Posted by Chris on July 13, 2014
Working with a recent client, we spent a good portion of time developing a JAX-WS service to support OAuth 1.0a Header processing. If anyone needs help in this area, let us know and we can post a representative example in GitHub.
Posted by Chris on April 17, 2013
A year ago we were working on trying to have soapUI invoke Oracle Service Bus that had employed a WLS 9.0 XML Digital Signature policy. To get this to work, we had to configure soapUI’s XML Digital Signature policy to have the following information: Keystore = Alias = Signature Algorithm = http://www.w3.org/2000/09/xmldsig#rsh-sha1 Digest Algorithm = […]