Discovery data feed for Eid 2.0
- Morris Harper
- 5 years ago
Proposal for a generic discovery solution for Eid 2.0

Stefan Santesson, 3xA Security AB

Summary

E-legitimationsnämnden in Sweden is preparing for a new infrastructure for identification and electronic signatures (Eid 2.0). A test infrastructure has been put into place (Testbädden för Eid 2.0) where participants can test implementations and contribute to technical specifications.

One area that needs to be determined for Eid 2.0 is the way to handle IdP discovery. This document outlines such a proposal.

The solution proposed in this document has been implemented and tested. Currently, this solution for IdP discovery is fully integrated in the test SP service located at

The proposed discovery data feed service is available at

Background

SAML discovery service

The use of a 3rd party discovery service according to the SAML discovery service protocol has its advantages and disadvantages. A great disadvantage is that the discovery service introduces one more web page (dialogue) that the user needs to visit on login, and that this dialogue may also have a look and feel that differs from both the service provider and the identity provider web pages. A great advantage, however, is that the discovery service is a common service with which the user may get/set a cookie to remember the choice of Identity provider across multiple services. That is, when a user selects an identity provider for login to one service, this choice can be stored in a cookie and become the preferred choice also when the same user wants to log in to another service using the same common discovery service.

The advantages and disadvantages of a local integration of IdP discovery at the local Service Provider are the opposite. The advantage is that it provides the user with a homogeneous user experience, as the IdP selection process can be integrated in the SP web service. The disadvantage is that this choice is hard to store with the user in a way that can help the user make the same IdP choice at another SP with a local discovery implementation.

Local discovery feed at the SP

Service provider applications used to integrate SAML authentication with an SP service, such as the Shibboleth SP application, provide a local discovery data feed that can be accessed from a login page using Ajax requests. The data provided in the feed is extracted from a local cache of the federation metadata. In the Shibboleth case, this discovery data is provided as JSON data that can be imported and used in a browser web page using a simple JavaScript.

Following the user's selection of IdP based on the available choices of Identity provider services, the user's web browser can remember the choice of IdP across multiple sessions by setting a cookie. The problem here, as noted above, is that this cookie by default is not useful when the user visits a service in another domain.

Common discovery feed

One way to overcome the limitation of a local SP based discovery service, and allow a user to remember the choice of Identity provider across multiple services, is to use a common discovery feed, which is provided as a common service to support all SP services in the federation. This allows the user to set a cookie with the common discovery service and thus remember the choice of IdP across all SP services. However, in order to accomplish this, the solution must be designed to overcome some challenges, in particular the same origin policy enforced by common browsers.

The same origin policy

It is common to import data to a web page using Ajax (Asynchronous JavaScript and XML), where the data, in the case of discovery feeds, is often obtained in JSON format (instead of XML). However, browsers impose the same origin policy on Ajax requests for data. That is, the source of Ajax data must originate from the same domain (and use the same protocol) as the web page requesting the data. Requesting Ajax data from a service located in a domain that is different from the domain of the SP providing the login web page violates the same origin policy and is prevented. This effectively prevents any use of Ajax requests for discovery data in JSON form from a shared discovery service.

Solving the same origin policy problem with JSONP

One common way to circumvent this limitation is to use JSONP (Padded JSON). JSONP takes advantage of the fact that the same origin policy only applies to requests for data, but does not apply to import of JavaScripts from sources in other domains. JSONP therefore solves this problem by packaging data inside a JavaScript. While this may sound complicated, it is made very easy in practice through common libraries such as the jQuery JavaScript library, which provides easy implementation of JSONP based data retrieval from sources outside of the web page document domain.

JSONP format

It is very easy to convert JSON data to JSONP. For example, if the JSON data is:

```
{"name": "Carl"}
```

The JSONP version of this data is:

```
callbackfunctionname({"name": "Carl"})
```

The name of the callback function, callbackfunctionname, can be arbitrarily chosen but must be unique within a session to enable the JavaScript to identify which data is associated with each request.
Making a request for JSONP data is very easy in practice when using jQuery, since jQuery generates a random callback function name for every data request. A typical jQuery AJAX request for JSON data may look like:

```javascript
$.getJSON('urltodatasource', function(json) {
    // Code to handle the json data
});
```

The $.getJSON function normally gets the requested data using AJAX. However, by adding a callback=? query parameter to the URL, jQuery alters the request from AJAX to an HTTP GET of a JavaScript that holds JSONP padded data. jQuery generates a random callback name (replacing the ?) and then uses this callback function to retrieve the data. All that needs to be done to alter the jQuery JavaScript above to obtain the same JSON data through a JSONP request is the following:

```javascript
$.getJSON('urltodatasource?callback=?', function(json) {
    // Code to handle the json data
});
```

The exact same JSON data is obtained in both examples. The only difference is that we are no longer restricted by the same origin policy with regard to the location of the data source when using JSONP.

The server side implementation is almost as simple. The only thing the server side must do, in addition to a normal Ajax response of JSON data, is to read the callback function name from the URL query string in the HTTP GET request and wrap the JSON data behind that callback name, enclosed in parentheses (as illustrated above). An example of such server side logic implemented inside an HttpServlet is:

```java
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String callback = request.getParameter("callback");
    if (callback != null) {
        // Wrap the JSON data in a call to the requested callback function
        String jsonp = callback + "(" + getjsondata() + ")";
        response.getWriter().write(jsonp);
    }
}
```

Where the getjsondata() function obtains the actual JSON content.
Proposed solution for Eid 2.0

A solution is proposed for Eid 2.0 where service providers obtain discovery data from a common JSONP discovery data feed:

[Figure: the login pages from SP 1 and SP 2 each exchange web pages and AJAX data with their own service provider over HTTP, and exchange JSONP discovery data and cookies with the common JSONP discovery data feed. The feed takes its metadata from the federation metadata, and each service provider can optionally supply its own discovery data JSON feed.]

Requests

The proposed JSONP discovery data feed offers two request functions:

1. Request for discovery data
2. Request for discovery cookie

Session flow

A typical session flow involves the following steps:

1. Get login page: The user loads a login web page from the service provider. This web page contains JavaScript that implements the following steps.
2. Request discovery data: A request for discovery data is sent to the common JSONP discovery data feed by a JavaScript in the login page. The user's cookie information about previous IdP choices is sent with the request. The response holds JSONP formatted data with two main components:
   a. Information about the user's previous choice of Identity provider based on the cookie sent in the request.
   b. Information about all available Identity providers.
3. Update the IdP selection dialogue: The IdP selection dialogue is updated with the available IdPs listed in the discovery data, where the user's previous choice of IdP is presented as the default choice.
4. User requests login: The user requests login with the selected IdP.
5. Set IdP selection cookie: Before sending the user to the selected Identity provider, the login page sends a new JSONP request to the discovery feed with information about the selected IdP. The server returns a cookie with information about the IdP selection.
6. User authentication: The user is transferred to the selected IdP for authentication.

Request format

Requests are sent to the JSONP discovery feed using HTTP GET, and the parameters of the request are sent as a URL encoded query string using the following fields and values:

| Field | Values | Description |
|---|---|---|
| action | discofeed | Specifies a request for discovery data. |
| action | setcookie | Specifies a request for a cookie holding the entityid of the selected IdP. |
| source | URL to external source of JSON discovery data | This is an optional field that is only relevant in a request for discovery data. Absent this field, the JSONP server will construct the discovery data from the federation Metadata. If this field is present, the specified URL is used to request JSON discovery data from the specified source. |
| maxage | Number of days until the requested cookie expires | If this field is absent, the cookie will be sent as a session cookie that will expire at the end of the session. This field is only relevant in requests for a cookie. |
| callback | ? | This field specifies the name of the callback function in the response JavaScript and is required in all requests. The value must be unique for every data request. When this field is specified in a jQuery $.getJSON function, the value is set to ? in order to auto-generate a random value. |

Example: The following are examples of typical requests to a JSONP discovery feed located at

A standard request for discovery data (generated by jQuery):

A request for discovery data where the <DiscoFeed_JSON> part of the discovery data is obtained from an external source, in this case from :

eid2.3xasecurity.com/shibboleth.sso/discofeed&callback=?

A standard request for a cookie, specifying that the selected IdP has the entityid :

//idp.test.eid2.se/idp/shibboleth&maxage=100&callback=?

Note: In all these examples the name of the callback function is set to ?, which is the standard value in a jQuery $.getJSON request and causes jQuery to replace ? with a unique value. The actual URL query string value sent to the server may look like this:

callback=jquery _

This value must be unique for each request.

Response format

The discovery data response format uses the following main objects:

| Object | Content |
|---|---|
| JSONP data | `Callback_name(<Extended_JSON>)` |
| Extended_JSON | `{"last": [{"entityid": <entityid value>}], "discofeed": <DiscoFeed_JSON>}` |
| DiscoFeed_JSON | `[<Array of IdP_data_object>]` |
| IdP_data_object | `{"entityid": <entityid>, "DisplayName": [<Array of DisplayName>]}` |
| DisplayName | `{"value": <display name>, "lang": <ISO language code>}` |

Note: If no information about the user's previous choice of IdP is known (no cookie is provided in the request), the entityid value of last is set to an empty string.

The JSON structure for DiscoFeed_JSON is compatible with the JSON format for the DiscoFeed provided by a Shibboleth SP.

The format outlined above is the format used for standard responses, i.e. where the source URL query string field is absent. If the source field is present, the data obtained by dereferencing the source URL is injected as the DiscoFeed_JSON data regardless of its format. This allows an SP to provide IdP data in any customized data format to the login pages obtained from the service, but to channel the data through the common JSONP discovery feed in order to allow use of the common cookie to determine the user's last IdP selection in any of the present services.
Example: The following is an example of JSONP data according to the default format:

```
jquery _ (
{"last": [{"entityid": "..."}],
 "discofeed": [
   {"entityid": "...",
    "DisplayNames": [{"value": "NORDUnet (Test IdP)", "lang": "en"}]},
   {"entityid": "...",
    "DisplayNames": [{"value": "EID Testbädd Referens-IDP", "lang": "en"}]},
   {"entityid": "...",
    "DisplayNames": [{"value": "Kirei IDP", "lang": "en"},
                     {"value": "Kirei IDP", "lang": "sv"}]}
 ]}
)
```

Cookie response data format

The important information in the response to a cookie request is the cookie itself, provided in the HTTP headers. Any data in the response can safely be ignored. However, for convenience, the current implementation of this proposal just returns the entityid of the selected IdP in the response data, sent in JSONP form as illustrated by the following example:

```
jquery _ ( {"entityid": "..."} )
```

Cookie

The name of the HTTP cookie set by the server in the present implementation example is lastIdp. The name can however be arbitrarily set by the server to any suitable name. The cookie returned by the server has its value set to the value of the entityid field in the request for a cookie, and its maxage set to the number of days specified by the maxage field in the request.
Implementation

The current proposal has been implemented in a Service Provider within the test identity federation for Testbädden för Eid 2.0. The SP is located at:

The JSONP discovery feed used in this implementation is located at:

Client implementation

The IdP discovery data and the information about the previous IdP selection are used to populate and preselect a value in a select box for IdP selection in the login page. The JavaScript used to request and parse discovery data is:

```javascript
// discoFeedUrl is a placeholder for the URL of the JSONP discovery feed.
var entityid = [];     // entityid of each listed IdP, in select box order
var displayname = [];  // display name shown for each listed IdP

function getdiscofeed() {
    var previous;
    var previdx = -1;
    $.getJSON(discoFeedUrl + '?action=discofeed&callback=?', function(data) {
        previous = data.last[0].entityid;
        $.each(data.discofeed, function(i, idp) {
            entityid[i] = idp.entityid;
            if (entityid[i] == previous) {
                previdx = i;
            }
            displayname[i] = idp.DisplayNames[0].value;
            // prefer names in Swedish
            $.each(idp.DisplayNames, function(j, idpname) {
                if (idpname.lang == "sv") {
                    displayname[i] = idpname.value;
                }
            });
            $("<option></option>").html(displayname[i]).appendTo("#idpselect");
        });
        // Set last selected IdP as preselected value
        if (previdx > -1) {
            $('#idpselect option')[previdx].selected = true;
        }
    });
}
```

The JavaScript used to set a cookie and request user login at the selected IdP is:

```javascript
function idplogin() {
    var i = document.getElementById('idpselect').selectedIndex;
    $.getJSON(discoFeedUrl + '?action=setcookie&entityid=' + entityid[i] + '&maxage=120&callback=?', function(data) {
        // Login
        window.location = 'Shibboleth.sso/Login' + '?entityid=' + entityid[i] + '&target=';
    });
}
```
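A DOM-free version of the feed handling used by the client script above, as an added example (not the author's script). It checks the response shape before use, which matters when the `source` field lets the feed carry data "regardless of its format", and it assigns display names as text rather than markup; key names follow the example response on this page, while the function names and the sample feed are assumptions.

```javascript
// Added example: validate a discovery feed response and derive the entries
// for the IdP select box. Function names are hypothetical.

// Pick the display name in the preferred language, else the first valid one.
function pickDisplayName(names, preferredLang) {
  const valid = Array.isArray(names)
    ? names.filter(n => n && typeof n.value === 'string' && typeof n.lang === 'string')
    : [];
  if (valid.length === 0) return null;
  const preferred = valid.find(n => n.lang === preferredLang);
  return (preferred || valid[0]).value;
}

// Returns { options: [{entityid, label}], selectedIndex }.
// selectedIndex is -1 when there is no remembered IdP or it is not listed.
function buildIdpOptions(data, preferredLang) {
  if (!data || !Array.isArray(data.discofeed)) {
    throw new TypeError('discofeed must be an array of IdP objects');
  }
  const first = Array.isArray(data.last) ? data.last[0] : null;
  const last = first && typeof first.entityid === 'string' ? first.entityid : '';
  const options = [];
  for (const idp of data.discofeed) {
    // Skip entries without a usable entityid instead of listing them.
    if (!idp || typeof idp.entityid !== 'string' || idp.entityid === '') continue;
    const label = pickDisplayName(idp.DisplayNames, preferredLang) || idp.entityid;
    options.push({ entityid: idp.entityid, label: label });
  }
  // The index is computed on the filtered list, so it always matches the
  // position of the option that is actually rendered.
  const selectedIndex = last === '' ? -1 : options.findIndex(o => o.entityid === last);
  return { options: options, selectedIndex: selectedIndex };
}

// Browser-only step: labels are assigned with textContent, so a display name
// coming from metadata or an external source is never parsed as HTML.
function renderIdpSelect(selectEl, result) {
  result.options.forEach(function (opt, i) {
    const el = selectEl.ownerDocument.createElement('option');
    el.value = opt.entityid;
    el.textContent = opt.label;
    el.selected = i === result.selectedIndex;
    selectEl.appendChild(el);
  });
}

// Constructed sample response (example.org names are placeholders).
const SAMPLE_FEED = {
  last: [{ entityid: 'https://idp-b.example.org/idp' }],
  discofeed: [
    { entityid: 'https://idp-a.example.org/idp',
      DisplayNames: [{ value: 'IdP A', lang: 'en' }] },
    { entityid: 'https://idp-b.example.org/idp',
      DisplayNames: [{ value: 'IdP B <b>', lang: 'en' }, { value: 'IdP B (sv)', lang: 'sv' }] },
    { DisplayNames: [{ value: 'entry without entityid', lang: 'en' }] },
    { entityid: 'https://idp-c.example.org/idp' }
  ]
};
```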
Server implementation

The logic to parse requests in the HTTP servlet is provided by the following code:

```java
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String action = request.getParameter("action");
    if (action == null) {
        return;
    }
    // Request for discovery data
    if (action.equals("discofeed")) {
        response.setContentType("text/javascript");
        String json = getmetadatajson();
        String sourceurl = request.getParameter("source");
        if (sourceurl != null) {
            // Use the external source instead of the federation metadata
            json = getdiscofeed(sourceurl);
        }
        String callback = request.getParameter("callback");
        String jsonp = callback + "(" + getextendedfeed(json, request) + ")";
        response.getWriter().write(jsonp);
    }
    // Request for a cookie holding the selected IdP
    if (action.equals("setcookie")) {
        response.setContentType("text/javascript");
        String value = request.getParameter("entityid");
        String callback = request.getParameter("callback");
        String maxAgeStr = request.getParameter("maxage");
        int maxage;
        try {
            // Convert days to seconds
            maxage = Integer.decode(maxAgeStr) * (60 * 60 * 24);
        } catch (Exception ex) {
            // Negative max age gives a session cookie
            maxage = -1;
        }
        Cookie cookie = new Cookie("lastIdp", value);
        cookie.setMaxAge(maxage);
        response.addCookie(cookie);
        String jsonp = callback + "({\"entityid\": \"" + value + "\"})";
        response.getWriter().write(jsonp);
    }
}
```

The external methods called in this code are:

- getmetadatajson() returns IdP discovery data in JSON form, extracted from the federation Metadata.
- getdiscofeed(sourceurl) returns IdP discovery data in JSON form from the external source specified by the URL query field source.
- getextendedfeed(json, request) returns the complete JSON data for this feed, including both information about the last selected IdP (extracted from the cookie in the request) and the IdP discovery JSON data.
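Both the JSONP wrapping shown under "JSONP format" and the request handling under "Server implementation" write the `callback`, `entityid` and `source` request values into the script response, the cookie and a server-side fetch as received. The following added example (not the author's or the project's code, and written in JavaScript like the client script rather than as a servlet) shows checks a feed of this kind can apply first. The function names, the 365-day cap, the origin allowlist, the cookie attributes and the sample context are assumptions.

```javascript
// Added example, not the project's servlet: request checks for a JSONP
// discovery feed. Names and limits are assumptions; samples are constructed.
const CALLBACK_RE = /^[A-Za-z_$][A-Za-z0-9_$]{0,63}$/;
const MAX_COOKIE_DAYS = 365; // assumed upper bound for the maxage field

// The callback is echoed into executable script, so accept only a plain
// identifier such as the names jQuery generates.
function isValidCallback(name) {
  return typeof name === 'string' && CALLBACK_RE.test(name);
}

// Serialize with JSON.stringify instead of string concatenation, then escape
// the characters that are unsafe inside a script response.
function toScriptSafeJson(value) {
  return JSON.stringify(value)
    .replace(/</g, '\\u003c')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// Days -> seconds. Anything that is not a small positive decimal integer
// yields -1, which the caller treats as "session cookie".
function parseMaxAgeDays(raw) {
  if (typeof raw !== 'string' || !/^[0-9]{1,4}$/.test(raw)) return -1;
  const days = Number(raw);
  return days >= 1 && days <= MAX_COOKIE_DAYS ? days * 24 * 60 * 60 : -1;
}

// The server dereferences "source", so restrict it to HTTPS origins of
// SPs registered with the feed.
function isAllowedSource(raw, allowedOrigins) {
  let url;
  try { url = new URL(raw); } catch (e) { return false; }
  return url.protocol === 'https:' && allowedOrigins.has(url.origin);
}

function reply(status, body, cookie) {
  const headers = {
    'Content-Type': 'text/javascript; charset=utf-8',
    'X-Content-Type-Options': 'nosniff'
  };
  if (cookie) headers['Set-Cookie'] = cookie;
  return { status: status, headers: headers, body: body };
}

// params: decoded query fields. ctx: knownIdps (Set of entityids from the
// federation metadata), allowedSources (Set of origins), metadataFeed (array),
// lastIdpCookie (decoded cookie value or undefined), fetchSource(url) -> string.
function handleRequest(params, ctx) {
  if (!isValidCallback(params.callback)) return reply(400, '');
  if (params.action === 'discofeed') {
    let feed = ctx.metadataFeed;
    if (params.source !== undefined) {
      if (!isAllowedSource(params.source, ctx.allowedSources)) return reply(400, '');
      // Parse and re-serialize so only well-formed JSON reaches the page.
      try { feed = JSON.parse(ctx.fetchSource(params.source)); }
      catch (e) { return reply(502, ''); }
    }
    const last = ctx.knownIdps.has(ctx.lastIdpCookie) ? ctx.lastIdpCookie : '';
    const extended = { last: [{ entityid: last }], discofeed: feed };
    return reply(200, params.callback + '(' + toScriptSafeJson(extended) + ');');
  }
  if (params.action === 'setcookie') {
    // Only remember an IdP that exists in the federation metadata.
    if (!ctx.knownIdps.has(params.entityid)) return reply(400, '');
    const maxAge = parseMaxAgeDays(params.maxage);
    // The cookie travels on cross-site script requests from SP pages, which
    // current browsers only allow with SameSite=None together with Secure.
    let cookie = 'lastIdp=' + encodeURIComponent(params.entityid) +
      '; Path=/; Secure; HttpOnly; SameSite=None';
    if (maxAge > 0) cookie += '; Max-Age=' + maxAge;
    const body = params.callback + '(' +
      toScriptSafeJson({ entityid: params.entityid }) + ');';
    return reply(200, body, cookie);
  }
  return reply(400, '');
}

// Constructed sample context (example.org names are placeholders).
const SAMPLE_CTX = {
  knownIdps: new Set(['https://idp.example.org/idp/shibboleth']),
  allowedSources: new Set(['https://sp.example.org']),
  metadataFeed: [{ entityid: 'https://idp.example.org/idp/shibboleth',
    DisplayNames: [{ value: 'Example IdP', lang: 'en' }] }],
  lastIdpCookie: 'https://idp.example.org/idp/shibboleth',
  fetchSource: function () {
    return '[{"entityid":"https://idp.example.org/idp/shibboleth"}]';
  }
};
```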
More informationWeb Development. with Bootstrap, PHP & WordPress
Web Development With Bootstrap, PHP & Wordpress Curriculum We deliver all our courses as Corporate Training as well if you are a group interested in the course, this option may be more advantageous for
More informationTrusted Source SSO. Document version 2.3 Last updated: 30/10/2017.
Trusted Source SSO Document version 2.3 Last updated: 30/10/2017 www.iamcloud.com TABLE OF CONTENTS 1 INTRODUCTION... 1 2 PREREQUISITES... 2 2.1 Agent... 2 2.2 SPS Client... Error! Bookmark not defined.
More informationApplication Design and Development: October 30
M149: Database Systems Winter 2018 Lecturer: Panagiotis Liakos Application Design and Development: October 30 1 Applications Programs and User Interfaces very few people use a query language to interact
More informationAJAX: Introduction CISC 282 November 27, 2018
AJAX: Introduction CISC 282 November 27, 2018 Synchronous Communication User and server take turns waiting User requests pages while browsing Waits for server to respond Waits for the page to load in the
More informationMorningstar ByAllAccounts SAML Connectivity Guide
Morningstar ByAllAccounts SAML Connectivity Guide 2018 Morningstar. All Rights Reserved. AccountView Version: 1.55 Document Version: 1 Document Issue Date: May 25, 2018 Technical Support: (866) 856-4951
More informationContents. xvii xix xxiil. xxvii
Contents FOREWORD INTRODUCTION INDUSTRY ANALYSIS PREFACE ACKNOWLEDGMENTS BIOGRAPHY XV xvii xix xxiil XXV xxvii PART I CHAPTER 1 INTRODUCTION TO MOBILE SECURITY DEVELOPMENT Understanding Secure Web Development
More informationENRICHING PRIMO RECORDS WITH INFORMATION FROM WORDPRESS. Karsten Kryger Hansen Aalborg University Library
ENRICHING PRIMO RECORDS WITH INFORMATION FROM WORDPRESS Karsten Kryger Hansen Aalborg University Library AGENDA Who am I History and use case Information distribution Detour: HTML, JavaScript etc. in Primo
More informationCopyright 2014 Blue Net Corporation. All rights reserved
a) Abstract: REST is a framework built on the principle of today's World Wide Web. Yes it uses the principles of WWW in way it is a challenge to lay down a new architecture that is already widely deployed
More informationContents. Demos folder: Demos\14-Ajax. 1. Overview of Ajax. 2. Using Ajax directly. 3. jquery and Ajax. 4. Consuming RESTful services
Ajax Contents 1. Overview of Ajax 2. Using Ajax directly 3. jquery and Ajax 4. Consuming RESTful services Demos folder: Demos\14-Ajax 2 1. Overview of Ajax What is Ajax? Traditional Web applications Ajax
More informationCS 5142 Scripting Languages
CS 5142 Scripting Languages 10/16/2015 Web Applications Databases 1 Outline Stateful Web Applications AJAX 2 Concepts Scope in Server-Side Scripts Request $_GET, $_POST global $g; Session $_SESSION Application
More informationSession 9. Deployment Descriptor Http. Reading and Reference. en.wikipedia.org/wiki/http. en.wikipedia.org/wiki/list_of_http_headers
Session 9 Deployment Descriptor Http 1 Reading Reading and Reference en.wikipedia.org/wiki/http Reference http headers en.wikipedia.org/wiki/list_of_http_headers http status codes en.wikipedia.org/wiki/http_status_codes
More informationVendor: SUN. Exam Code: Exam Name: Sun Certified Web Component Developer for J2EE 5. Version: Demo
Vendor: SUN Exam Code: 310-083 Exam Name: Sun Certified Web Component Developer for J2EE 5 Version: Demo QUESTION NO: 1 You need to store a Java long primitive attribute, called customeroid, into the session
More informationICOM 5016 Database Systems. Database Users. User Interfaces and Tools. Chapter 8: Application Design and Development.
Chapter 8: Application Design and Development ICOM 5016 Database Systems Web Application Amir H. Chinaei Department of Electrical and Computer Engineering University of Puerto Rico, Mayagüez User Interfaces
More informationRESTFUL WEB SERVICES - INTERVIEW QUESTIONS
RESTFUL WEB SERVICES - INTERVIEW QUESTIONS http://www.tutorialspoint.com/restful/restful_interview_questions.htm Copyright tutorialspoint.com Dear readers, these RESTful Web services Interview Questions
More informationIdentity management. Tuomas Aura T Information security technology. Aalto University, autumn 2011
Identity management Tuomas Aura T-110.4206 Information security technology Aalto University, autumn 2011 Outline 1. Single sign-on 2. OpenId 3. SAML and Shibboleth 4. Corporate IAM 5. Strong identity 2
More informationShibboleth authentication for Sync & Share - Lessons learned
Shibboleth authentication for Sync & Share - Lessons learned Enno Gröper Abteilung 4 - Systemsoftware und Kommunikation Computer- und Medienservice Humboldt-Universität zu Berlin 30 Jan 2018 Overview Introduction
More informationBuilding Offline Mobile Apps with Oracle JET and MCS
Building Offline Mobile Apps with Oracle JET and MCS JavaScript Persistence and Offline Sync Library for Cordova or Browser based applications MCS Sync Express Lyudmil Pelov @lpelov Oracle A-Team Nov,
More informationIntroduction to application management
Introduction to application management To deploy web and mobile applications, add the application from the Centrify App Catalog, modify the application settings, and assign roles to the application to
More informationSuomi.fi e-identification Technical interface description
Suomi.fi e-identification Technical interface description 1 Suomi.fi e-identification operating environment Suomi.fi e-identification offers a user authentication service for e-services across a SAML 2.0
More informationAdministering Jive Mobile Apps for ios and Android
Administering Jive Mobile Apps for ios and Android TOC 2 Contents Administering Jive Mobile Apps...3 Configuring Jive for Android and ios...3 Custom App Wrapping for ios...3 Authentication with Mobile
More informationSSC - Web applications and development Introduction and Java Servlet (I)
SSC - Web applications and development Introduction and Java Servlet (I) Shan He School for Computational Science University of Birmingham Module 06-19321: SSC Outline Outline of Topics What will we learn
More informationRegistry for identifiers assigned by the Swedish e-identification board
Registry for identifiers assigned by the Swedish e-identification board Version 1.5-2018-06-19 ELN-0603-v1.5 Table of Contents 1. Background 2. Structure 2.1. URI Identifiers 2.2. OID Identifiers 3. Assigned
More informationWarm Up to Identity Protocol Soup
Warm Up to Identity Protocol Soup David Waite Principal Technical Architect 1 Topics What is Digital Identity? What are the different technologies? How are they useful? Where is this space going? 2 Digital
More informationAJP. CHAPTER 5: SERVLET -20 marks
1) Draw and explain the life cycle of servlet. (Explanation 3 Marks, Diagram -1 Marks) AJP CHAPTER 5: SERVLET -20 marks Ans : Three methods are central to the life cycle of a servlet. These are init( ),
More informationAlpha College of Engineering and Technology. Question Bank
Alpha College of Engineering and Technology Department of Information Technology and Computer Engineering Chapter 1 WEB Technology (2160708) Question Bank 1. Give the full name of the following acronyms.
More informationHandout 31 Web Design & Development
Lecture 31 Session Tracking We have discussed the importance of session tracking in the previous handout. Now, we ll discover the basic techniques used for session tracking. Cookies are one of these techniques
More informationIdentity management. Tuomas Aura CSE-C3400 Information security. Aalto University, autumn 2014
Identity management Tuomas Aura CSE-C3400 Information security Aalto University, autumn 2014 Outline 1. Single sign-on 2. SAML and Shibboleth 3. OpenId 4. OAuth 5. (Corporate IAM) 6. Strong identity 2
More informationConfiguration Guide - Single-Sign On for OneDesk
Configuration Guide - Single-Sign On for OneDesk Introduction Single Sign On (SSO) is a user authentication process that allows a user to access different services and applications across IT systems and
More informationSAML 2.0 SSO. Set up SAML 2.0 SSO. SAML 2.0 Terminology. Prerequisites
SAML 2.0 SSO Agiloft integrates with a variety of SAML authentication providers, or Identity Providers (IdPs). SAML-based SSO is a leading method for providing federated access to multiple applications
More informationServerless Single Page Web Apps, Part Four. CSCI 5828: Foundations of Software Engineering Lecture 24 11/10/2016
Serverless Single Page Web Apps, Part Four CSCI 5828: Foundations of Software Engineering Lecture 24 11/10/2016 1 Goals Cover Chapter 4 of Serverless Single Page Web Apps by Ben Rady Present the issues
More informationCSc 337 Final Examination December 13, 2013
On my left is: (NetID) MY NetID On my right is: (NetID) CSc 337 Final Examination December 13, 2013 READ THIS FIRST Read this page now but do not turn this page until you are told to do so. Go ahead and
More informationJquery Ajax Json Php Mysql Data Entry Example
Jquery Ajax Json Php Mysql Data Entry Example Then add required assets in head which are jquery library, datatable js library and css By ajax api we can fetch json the data from employee-grid-data.php.
More informationKyle Rainville Littleton Coin Company
Kyle Rainville Littleton Coin Company What is JSON? Javascript Object Notation (a subset of) Data Interchange Format Provides a way for communication between platforms & languages Derived from Javascript
More informationServlets. How to use Apache FOP in a Servlet $Revision: $ Table of contents
How to use Apache FOP in a Servlet $Revision: 493717 $ Table of contents 1 Overview...2 2 Example Servlets in the FOP distribution...2 3 Create your own Servlet...2 3.1 A minimal Servlet...2 3.2 Adding
More informationGenerating the Server Response: HTTP Status Codes
Generating the Server Response: HTTP Status Codes 1 Agenda Format of the HTTP response How to set status codes What the status codes are good for Shortcut methods for redirection and error pages A servlet
More informationSignicat Connector for Java Version 4.x. Document version 1
Signicat Connector for Java Version 4.x Document version 1 About this document Purpose Target This document is a guideline for using Signicat Connector for Java. Signicat Connector for Java is a client
More informationTest Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0
1 2 3 4 5 6 7 8 9 10 11 Test Plan for Liberty Alliance SAML Test Event Test Criteria SAML 2.0 Version 3.1 Editor: Kyle Meadors, Drummond Group Inc. Abstract: This document describes the test steps to achieve
More information