Progress Application Server for OpenEdge (PASOE) Spring security configuration
|
|
- Anthony Bradley
- 5 years ago
- Views:
Transcription
1 Progress Application Server for OpenEdge (PASOE) Spring security configuration
2 2017 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products are copyrighted and all rights are reserved by Progress Software Corporation. The information in these materials is subject to change without notice, and Progress Software Corporation assumes no responsibility for any errors that may appear therein. The references in these materials to specific platforms supported are subject to change. Corticon, DataDirect (and design), DataDirect Cloud, DataDirect Connect, DataDirect Connect64, DataDirect XML Converters, DataDirect XQuery, DataRPM, Deliver More Than Expected, Icenium, Kendo UI, Making Software Work Together, NativeScript, OpenEdge, Powered by Progress, Progress, Progress Software Developers Network, Rollbase, SequeLink, Sitefinity (and Design), SpeedScript, Stylus Studio, TeamPulse, Telerik, Telerik (and Design), Test Studio, and WebSpeed are registered trademarks of Progress Software Corporation or one of its affiliates or subsidiaries in the U.S. and/or other countries. Analytics360, AppServer, BusinessEdge, DataDirect Spy, SupportLink, DevCraft, Fiddler, JustCode, JustDecompile, JustMock, JustTrace, Kinvey, NativeScript Sidekick, OpenAccess, ProDataSet, Progress Results, Progress Software, ProVision, PSE Pro,Sitefinity, SmartBrowser, SmartComponent, SmartDataBrowser, SmartDataObjects, SmartDataView, SmartDialog, SmartFolder, SmartFrame, SmartObjects, SmartPanel, SmartQuery, SmartViewer, SmartWindow, and WebClient are trademarks or service marks of Progress Software Corporation and/or its subsidiaries or affiliates in the U.S. and other countries. Java is a registered trademark of Oracle and/or its affiliates. Any other marks contained herein may be trademarks of their respective owners. Please refer to the Release Notes applicable to the particular Progress product release for any third party acknowledgements required to be provided in the documentation associated with the Progress product. Author: Cheryl LaBarge clabarge@progress.com Contributors: Irfan Syed, Michael Jacobs, David Cleary, Roy Ellis
3 Spring Security Workshop For Progress Application Server for OpenEdge (PASOE) Cheryl LaBarge, Ruben Dröge, Chris Skeldon Progress November 15, 2017 Workshop Philosophy We can t make you an expert in 3 hours but we can give you a solid foundation 2 Progress 1
4 Learning new things 70% of learning is experiential It happens through daily tasks, challenges and practice. 20% of learning is social It happens with and through other people, like coworkers. 10% of learning is formal It happens through structured training courses and programs. 3 What will you learn: What is Spring security? How do I begin using it? How do I customize it? How do I troubleshoot issues? How can I switch to a different user provider? 4 Progress 2
5 What is Spring security? 5 What is Spring security? Spring security is a powerful and highly customizable authentication and access-control framework Built into PASOE Spring is automatically started when you start an instance All requests must go through the Spring security process to generate a security token User request PASOE 6 Progress 3
6 What is a security token? An object that contains both user credentials and additional information about the user's roles and capabilities Offers flexibility - I decide how to give them out Anonymous or check a flat file, LDAP, AD, OERealm, OpenEdge Authentication Gateway, etc. Sealed You can t transfer it to another person Expires* - limits the chance that others will use that credential 7 Spring security is always on! User requests access 1- Check Request Anonymous 2 -Authenticate Check User * For every request! No roles 3- Authorize URL Check Roles 4 - Generate a CLIENT-PRINCIPAL 8 Progress 4
7 1. Check your request What happens? Spring applies industry standard filters HTTPS filters HTTPS [SSL/TLS] client login filters CORS (Cross-origin resource sharing) filters CSRF (Cross site request forgery) filters Bottom line: Is the request compliant and reliable? For more detail on these topics, search the web or attend security sessions not the primary focus of this workshop. Spring is checking so you don t have to check! Additional steps are required to enable TLS, CORS, etc. but those are outside of Spring security External Threats 9 2. Authenticate - What happens? Spring checks your configuration files to decide What type of authentication? Direct login (user name & password) o Where do I find the user provider? Single Sign On (SSO) still check verify o Already authenticated Authentication Bottom line: Do I check the users credentials? If so, where to I find the right list to verify the users are who they say they are 10 Progress 5
8 3. Authorize What happens? Based on your configuration, Spring checks the following: Do we limit access to different types of application (REST, Web, etc.) Do we limit access to parts of the application Authorization (Accounting, Finance, Human Capital) Bottom line: Am I limiting access to my application based on the user s role in the organization Generate CLIENT-PRINCIPAL Why? Spring generates a security token OpenEdge generates a sealed CLIENT-PRINCIPAL Domains Domain access keys Bottom line: We transforms the Spring token into a CLIENT-PRINCIPAL to add ABL specific details Spring token CLIENT-PRINCIPAL 12 Progress 6
9 Which applications can use Spring security? User requests access Authentication Provider APSV SOAP REST WEB Static 13 Where can I store user account information? User requests access Authentication Provider APSV SOAP REST WEB Static None User.properties flat file ExtLocal LDAP - Lightweight Directory Access Protocol. AD Active Directory SAML OERealm OAG - OpenEdge Authentication Gateway SSO Single Sign-On OAuth2 14 Progress 7
10 How do I customize Spring Security Configuration files 11.6 uses.xml files 11.7.x uses two files oeablsecurity.properties oeablsecurity.csv Lesson learned xml files are error prone Properties and.csv file are easier to Edit Debug Migrate 15 Benefits of Spring to OpenEdge User requests access Applications First line of defense for access control Java industry standard DLC/servers/pasoe/common/lib Always on, always runs first Sits outside of your application Blocks request if authentication and authorization fail Always creates a security token Easy to use in existing code Automatically generates a CLIENT-PRINCIPAL from the Spring security token so you can use it in your existing applications Easy to configure Using properties files and.csv files OpenEdge handles 99% of details Can switch Authentication Providers easily 16 Progress 8
11 How do I begin using Spring Security 17 Surprise! You may already be using it! User requests access Authentication Provider 1- Check Request Anonymous yes 2 -Authenticate Check User yes User info * For every request! No roles yes 3- Authorize URL Check Roles yes 4 - Generate a CLIENT-PRINCIPAL 18 Progress 9
12 Our test application is REST Use a browser to call the ABL Application Ping service Success looks like this json Why use a simple ping service? To focus on Spring settings application 19 Try It 1: Experiencing the default client login model Progress 10
13 What did you learn? This is that 20% Social 21 Enabling security for REST, WEB, APSV and SOAP Spring security is automatically enabled for validating clients of REST and WEB applications You must update oeablsecurity.properties to enable Spring Security to validate clients of APSV and SOAP applications For APSV, set the apsv.security.enable property to basic. By default, the property is set to none. For SOAP, set the soap.security.enable property to basic. By default, the property is set to none. For more information, see the oeablsecurity.properties.readme file 22 Progress 11
14 Best Practice Use.properties and.csv files If you read about Spring Security you will find that Spring uses xml files to change behavior Don t use.xml Our updates could overwrite any changes in your xml files Bottom line: Keep it simple, always look through the properties we recommend if you need to change something chances are there s a property for that! 23 How do I find the right property? Each oeabl[.war] web application s URI space is divided into 5 individually configured Spring Security sub-spaces, arranged by transport We will be working with REST APSV SOAP REST WEB Static 24 Progress 12
15 How do I find the right property? Your transport determines has potential values for properties Example: client.login.model -method client uses to authenticate via HTTP messages Transport URI Path Login Models APSV apsv/** [ none ]; basic SOAP soap/** [ none ] ; basic REST rest/** [ anonymous ] ; basic ; form ; container ; sso ; oauth2 WEB web/** [ anonymous ] ; basic ; form ; container ; sso ; oauth2 Static files ** [ anonymous ] ; basic ; form ; container ; sso ; oauth2 25 How do I learn more about a specific properties? Readme file [Install]\servers\pasoe\conf Outlines oeablsecurity.properties.readme Hierarchy of.properties files Rules for setting property values Search for your property Documentation 26 Progress 13
16 What does the.csv file customize? Control URL access controls for web applications In 11.6 In Which file should I edit? Hierarchy of files Install oepas1 oepas1app Inventory Payments All Servers An Instance ABL Application Web Application Progress install is the superset includes all properties set defaults for all server instance [Install]/servers/pasoe/conf/oeablSecurity.properties and.csv Instance effects all ABL applications deployed on that instance [Instance-name]/conf/oeablSecurity.properties and.csv ABL Application level effects all web applications [Instancename]/ablapps/oepas1APP/conf/oeablSecurity.properties and.csv Web application controls on that branch of the business application [Instance-name]/webapps/inventory/WEB- INF/oeablSecurity.properties and.csv 28 Progress 14
17 How do I apply changes? You will need to restart the Progress Application Server for OpenEdge When you start the Progress Application Server for OpenEdge the property changes will take effect 29 Exploring authentication 30 Progress 15
18 Let s make a change requiring the user to login User requests access 1- Check Request Authentication Provider Anonymous yes 2 -Authenticate Check User yes User info * For every request! No roles yes 3- Authorize URL Check Roles yes 4 - Generate a CLIENT-PRINCIPAL 31 What will the user experience differently? Default value is anonymous To require a login use form 32 Progress 16
19 Setting the client.login.model property to form Default value is anonymous Require a username and password User.properties flat file located in C:\Progress\OpenEdge\servers\paso e\webapps\root\web-inf 33 Using form provides default login page The request is redirected to the login.jsp page The username and password are sent to Spring for authentication and authorization 34 Progress 17
20 What is the http.all.authmanager? User.properties flat file located in C:\Progress\OpenEdge\servers \pasoe\webapps\root\web-inf 35 Try It 2: Exploring Authentication Progress 18
21 What did you learn? This is that 20% Social 37 Using form adds additional security When you use form, Progress Application Server for OpenEdge receives a client session that persists You have explicit login and logout Did anyone open an new tab and retry the ping? o What happened? This can be bad because. If you are just stateless request then you use basic or single sign on 38 Progress 19
22 Exploring Authorization 39 Checking roles User requests access 1- Check Request yes 2 -Authenticate Check User Anonymous yes User info Authentication Provider 3- Authorize URL No roles yes Check Roles yes 4 - Generate the CLIENT-PRINCIPAL 40 Progress 20
23 How does a direct login handle the request? URL access control file located in instancename/webapps/web-app-name/web-inf/oeablsecurity.csv file contains the roles Intercept-url for each transport type Default for REST is ROLE_PSCUser APSV SOAP REST WEB Static 41 Dissecting the entry ## Intercept-url definitions for the REST transport URIs ## "/rest/**","*","hasanyrole('role_pscuser')" Pattern - URL pattern (wildcards and regular expressions) 2. Method HTTP access method 3. Access - Role[s] that are allowed access to the resource 42 Progress 21
24 Changing the role Use the ROLE_PSCAdmin Change role to ROLE_PSCAdmin 43 Try It 3: Exploring Authorization Progress 22
25 What did you learn? This is that 20% Social 45 Using a CLIENT- PRINCIPAL 46 Progress 23
26 Using a CLIENT-PRINCIPAL User requests access Authentication Provider 1- Check Request Anonymous yes 2 -Authenticate Check User yes User info * For every request! No roles yes 3- Authorize URL Check Roles yes 4 - Generate a CLIENT-PRINCIPAL 47 Using a CLIENT-PRINCIPAL CLIENT-PRINCIPAL refresher Using a server startup procedure Lab startup procedure review Using a client request activate procedure Lab activate procedure review 48 Progress 24
27 CLIENT-PRINCIPAL refresher Define a handle DEFINE VARIABLE HCP AS HANDLE NO-UNDO. Get the CLIENT-PRINCIPAL from the current request hcp = SESSION:CURRENT-REQUEST-INFO:GetClientPrincipal(). Retrieve attributes MESSAGE " ID: '" + hcp:qualified-user-id + "'". MESSAGE " session-id:" hcp:session-id. MESSAGE " state:" hcp:login-state. MESSAGE " roles: " + hcp:roles. MESSAGE " domain: " + hcp:domain-name. Use to access the database SET-DB-CLIENT(hCP). 49 Using a server startup procedure.p Automatically executed as procedure within each server session when the PAS for OpenEdge session first starts If it completes with an error, PAS for OpenEdge instance startup fails and the PAS for OpenEdge session is terminated oeprop AppServer.Agent.sessionStartupProc=IdmStartup.p 50 Progress 25
28 Startup procedure loads the domains Load domains or any persistent information for the server 51 Using a client request activate procedure User requests access Event procedures that allow you to manage the initialization and cleanup of a client's request in both unbound session-managed and session-free models oeprop AppServer.Agent.sessionActivateProc=IdmActivate.p 52 Progress 26
29 What might you do during activation? In this lab: We create a variable to look at the CLIENT-PRINCIPAL for the current request and validate the seal, if it is an invalid CLIENT- PRINCIPAL we raise an error - Remember to clean up after yourself,we delete the handle when we are done 53 Restart the server to see your changes You will need to restart the Progress Application Server for OpenEdge When you start the Progress Application Server for OpenEdge the property changes will take effect 54 Progress 27
30 Where did the messages go? C:\OpenEdge\WRK\oepas1\logs\oepas1.agent.log StartupProc message Activate client request message 55 Try It 4: Using a CLIENT- PRINCIPAL Progress 28
31 What did you learn? This is that 20% Social 57 Troubleshooting with logs 58 Progress 29
32 Where to look when it goes wrong Bad user Immediate feedback 401 Unauthorized Authentication failed 59 Default logging Log files provide general error messages but not all details 1. Agent log 2.Session manager 60 Progress 30
33 Troubleshooting during development <logger name= org.springframework level= DEBUG WARNING: Generates HUGE log files for development use only!!! 61 How do you apply changes? You will need to restart the Progress Application Server for OpenEdge When you start the Progress Application Server for OpenEdge the logging.xml file 62 Progress 31
34 Catching authentication errors Same bad user Not found More details with DEBUG level logging Don t leave on in Production, debugging only during development 63 Catching authorization errors A user doesn t have the right role More details Role checked Access denied 64 Progress 32
35 Catching configuration errors Manual edits are error prone, how let s look an example Extra quote Client.login.model=form Failed 65 Catching configuration errors (continued) There it is. form There it is again 66 Progress 33
36 Try It 5: Troubleshooting with logs What did you learn? This is that 20% Social 68 Progress 34
37 Using LDAP 69 Configuring to use LDAP with WEB transport User requests access.p LDAP - Lightweight Directory Access Protocol APSV SOAP REST WEB Static 70 Progress 35
38 For training purposes, LDAP is configured If your LDAP isn t configured, that s another training class OpenEdge developers will need to 1. Define database domains 2. Create registry entry for domains 3. Set properties to use LDAP and domains 4. Configure authorization to use domains Add database domains We ve preloaded domains for you In the lab, you will just view those domains Run ListLDAPDomains.p 72 Progress 36
39 2. Registry domains Use gendomreg to create an encrypted registry file seal the domain in the CLIENT-PRINCIPAL ldapreg.bin You will load that file into the registery 73 Setting properties LDAP details oeablsecurity.properties Only properties you need, at the right level Easy to switch to LDAP Client.login.model is still form LDAP details 74 Progress 37
40 3. Setting properties Domain details oeablsecurity.properties Only properties you need, at the right level Set domain registryfile Set domainrolefilter to include all PSC roles 75 Configure authorization to use domains oeablsecurity.csv with addition roles Intercept-url for WEB transport URIs LDAP REQUIRES UPPERCASE ROLE NAMES Added all three roles 76 Progress 38
41 Set handler property Use the oeprop command to use a DataObjectHandler to handle web requests oeprop +oepas1.root.web.handler1= OpenEdge.Web.DataObject.DataObjectHandler : /pdo/{service} Warning: Commands must appear on a single line If you copy and paste from Try It document, you will need to fix the quotes 77 Optional customizing your login.html page Using proenv, copy the login.html from the work directory to replace the default one copy %WRKDIR%\loginPage.html %WRKDIR%\oepas1\webapps\ROOT\static\ 78 Progress 39
42 The sample application Custom page Employee.html Logout to terminate session 79 Using sample stylesheet Custom style sheet mystyle.css 80 Progress 40
43 Review the pasoe1.agent log Domain as part of ID Domain 81 Application flow Login Logout Work! 82 Progress 41
44 Review the localhost_access_log.yyyy-mm-ddd log login logout 83 Try It 6: Using LDAP Progress 42
45 What did you learn? This is that 20% Social 85 Using SSO 86 Progress 43
46 Direct Logins vs. Single Sign-on Direct logins require users to supply a user name and password for authentication and authorization Single Sign-On (SSO) is an authentication process that allows a user to access multiple applications with one set of login credentials SSO is a common procedure in enterprises, where a client accesses multiple resources connected to a local area network (LAN) 87 SSO typically works across servers ROOT Payments PASOE1 PASOE2 88 Progress 44
47 For this lab you will use a single server SSOProd Producer ROOT Consumer PASOE1 Payments Consumer 89 The user is authenticated someplace! User requests access LDAP SSO Single Sign-On Producer APSV SOAP REST WEB Static 90 Progress 45
48 Configure the SSOProd (Producer) application Deploy a SSOProd application tcman deploy a SSOProd %DLC%\servers\pasoe\extras\oeabl.war Customize with properties 91 Producer s oeablsecurities.properties Existing LDAP and CP details Additional SSO Token details 92 Progress 46
49 Deploying the Payments application (SSO Consumer) Deploy the Payments application tcman deploy a Payments %DLC%\servers\pasoe\extras\oeabl.war Customize with properties 93 Consumer s oeablsecurities.properties Client login model is irrelevant Consumer only cares about a valid CLIENT-PRINCIPAL ROOT and Payments are consumers 94 Progress 47
50 SSO tokens have a default timeout 3600 ROOT Payments PASOE1 PASOE2 95 Generating HTTP SSO access_token POST Accept: application/json j_username=ldap_admin&j_password=password { "access_token":"akaaaqaaaazbre1jtgaaoaacaaaabmlzewvkaacqaasaaaaiaaaaafn1fq4amaamaaaaagamakaaggaaaa9tu09by2nlc3nub2tl bgaaoaanaaaadljptevfufndqurnsu4aakaadwaaadk3oeu5mjrdqzq4rtverdzfmzhcnzy4mkyznzi5otjdrdg3mku2rjvdrde1oc5wyxnfru1fq VBVRwAA0AAQAAAACAAAAABZ9SS+AMAAFAAAACEAoAAUAAAAGXNjb3BlAGZpbmFuY2UsSW52ZW50b3J5AAAA0AAXAAAACP////////8QANAAGwAAAAj/////// //EADQABwAAAAIAAAAAAzicA8AsAAVAAAAEG58KQdb3rMLXeF8UPWIzZY=", "refresh_token":"faab8dba b9fe-7767e6eb256e.oepas1", "token_type":"oecp", "expires_in":3600 } Token lifetime Token used to generate a new access_token for the same clientprincipal generated for the user base64 encoded client-principal token 96 Progress 48
51 Performing SSO using OECP access_token GET Authorization: OECP <access_token> GET Authorization: OECP AKAAAQAAAAZBRE1JTgAAoAACAAAABmlzeWVkAACQAAsAAAAIAAAAAFn1Fq4AMAAMAAAAAgAMAKAAGgAAAA9TU09BY2Nlc3NUb2tlbg AAoAANAAAADlJPTEVfUFNDQURNSU4AAKAADwAAADk3OEU5MjRDQzQ4RTVERDZFMzhCNzY4MkYzNzI5OTJDRDg3MkU2RjVDRDE1OC 5wYXNfRU1FQVBVRwAA0AAQAAAACAAAAABZ9SS+AMAAFAAAACEAoAAUAAAAGXNjb3BlAGZpbmFuY2UsSW52ZW50b3J5AAAA0AAXA AAACP////////8QANAAGwAAAAj/////////EADQABwAAAAIAAAAAAzicA8AsAAVAAAAEG58KQdb3rMLXeF8UPWIzZY= 97 Refresh button demonstrates refreshing 98 Progress 49
52 Generating a new access_token by using a refresh_token POST Accept: application/json {"token_type":"oecp","refresh_token":"faab8dba b9fe-7767e6eb256e.oepas1"} {"access_token":"akaaaqaaaazbre1jtgaaoaacaaaabmlzewvkaacqaasaaaaiaaaaafn1k8uamaamaaaaagamakaaggaaaa9 TU09BY2Nlc3NUb2tlbgAAoAANAAAADlJPTEVfUFNDQURNSU4AAKAADwAAADkzRUREN0FFQjQ3NzBCMTBDODc4MzI5NzhFMzdDNDIyOD Q5OTZGNkQxMEUzNi5wYXNfRU1FQVBVRwAA0AAQAAAACAAAAABZ9TnVAMAAFAAAACEAoAAUAAAAGXNjb3BlAGZpbmFuY2UsSW52Z W50b3J5AAAA0AAXAAAACP////////8QANAAGwAAAAj/////////EADQABwAAAAIAAAAAAzicA8AsAAVAAAAEEYKU+LXqrl Ug+FU6aoc4r8=", "refresh_token":"9301bf02-7a52-485b-b24d-6182d28307a9.oepas1", "token_type":"oecp", "expires_in":3600} 99 Configuring logging In the current release you will need to copy logging.xml to each application so that they match This is a known issue and scheduled for an upcoming release SSOProd Producer Logging.xml ROOT Consumer Payments Consumer 100 Progress 50
53 Try It 7: Using SSO What did you learn? This is that 20% Social 102 Progress 51
54 Using the OpenEdge Authentication Gateway Security Token Service (STS) 103 Using Security Token Service (STS) User requests access OpenEdge Authentication Gateway Security Token Service APSV SOAP REST WEB Static 104 Progress 52
55 Authentication Gateway requires Client\Server keys S Require a Server Key S Require a Server Key C Install as client key 105 Installing the client key The server key will be given to you by the Authentication Gateway server administrator On the client machine enter the following: proenv> stskeyutil install -file c:\stsclientkey\oests-key.ecp -url Enter the password as password Once created you will delete the server key so only the generated file remains 106 Progress 53
56 Try your key before you lock your application You can use the authenticate command to test authenticating users proenv> stsclientutil -url -cmd authenticate -nohostverify -user password password C S 107 Customize the properties to use STS Authentication Provider is now sts Same stsurl you tested with the authenticate command WARNING: For the training we have nohostverify=true only to avoid the extra steps for configuring certificates because that is not Spring specific 108 Progress 54
57 Restart the server to see your changes You will need to restart the Progress Application Server for OpenEdge When you start the Progress Application Server for OpenEdge the property changes will take effect 109 Run a program to show sts domain 110 Progress 55
58 Test the application 111 Try It 8: Using STS Progress 56
59 What did you learn? This is that 20% Social 113 What you did today! Demonstrated that the Spring security process always runs first and lives outside of your applications. Customized Spring behavior Prosperities files (oeablsecurity.properities) Access control files (oeablsecurity.csv) Tracked down access errors and configuration problems using log files Configured different Authentication Providers LDAP SSO STS 114 Progress 57
60 Where can I learn more General resources Installation oeablsecurity.properties.readme Documentation Spring Security Models and templates Education Progress Application Server for OpenEdge Administration Introduction to Progress Application Server OpenEdge for Developers Communities Whitepaper PAS for OpenEdge WebSpeed with OERealm Security (OpenEdge 11.6+) Sample coming soon PASOE Support for JWT and oauth2 - Samples What s new in OpenEdge Service Pack : New Information Guide ABL application PING service Using the OpenEdge Authentication Gateway for Authentication Authentication with OAuth2 and JWT Extending OpenEdge SSO to Web Applications 115 Before you go securing the ping Once you decide on the ping service s URI, you should add appropriate access controls into the webapp s oeablsecurity.csv. Set the access control to turnoff the ping in production /web/_oepingservice/*, GET, hasrole( PSCUser ) 116 Progress 58
61 Each participant will be given a wrist band as they enter the room Each participant will get a cheat card 118 Progress 59
62 Definition Authentication Is a valid user accessing your application? Requires verifying credentials with a Authentication Provider. Definition CLIENT-PRINCIPAL ABL security token. Once created, sealed and validated it is used the users credentials for accessing application and data. Authorization Does the user have permission to access a specific part of your application? Are you in the finance department? If yes, you can run the financial reports and see salaries. Spring Security Token Provides authentication and access-control information. Configuration files - Two main files are used to configure Spring oeablsecurity.properties - sets Spring properties without using xml oeablsecurity.cvs defines authorization through access controls. Domains ABL database configuration that control access application work in conjunction with authorization to limit access to your application. Authentication Provider A third party source where you validate that a user is who they say they are. Examples include LDAP, AD, STS, etc. Logs Troubleshoot problems and collect details from requests made by valid and potentially uninvited users. 119 Spring security is always on! User requests access 1- Check Request Anonymous 2 -Authenticate Check User * For every request! No roles 3- Authorize URL Check Roles 4 - Generate a CLIENT-PRINCIPAL 120 Progress 60
63 Progress 61
64 About Progress Progress (NASDAQ: PRGS) offers the leading platform for developing and deploying mission-critical business applications. Progress empowers enterprises and ISVs to build and deliver cognitive-first applications, that harness big data to derive business insights and competitive advantage. Progress offers leading technologies for easily building powerful user interfaces across any type of device, a reliable, scalable and secure backend platform to deploy modern applications, leading data connectivity to all sources, and award-winning predictive analytics that brings the power of machine learning to any organization. Over 1,700 independent software vendors, 80,000 enterprise customers, and two million developers rely on Progress to power their applications. Learn about Progress at or Worldwide Headquarters Progress, 14 Oak Park, Bedford, MA USA Tel: Fax: On the Web at: Find us on facebook.com/progresssw twitter.com/progresssw youtube.com/progresssw For regional international office locations and contact information, please go to Progress, OpenEdge and Corticon are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. Any other trademarks contained herein are the property of their respective owners.
White Paper: Supporting Java Style Comments in ABLDoc
White Paper: Supporting Java Style Comments in ABLDoc Notices 2015 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products
More informationProgress DataDirect for ODBC for Apache Cassandra Driver
Progress DataDirect for ODBC for Apache Cassandra Driver Quick Start for Windows Release 8.0.0 Copyright 2017 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved.
More informationThe Progress DataDirect for
The Progress DataDirect for ODBC for SQL Server Wire Protocol Driver Quick Start for Windows Release 8.0.2 Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates. All
More informationProvide Real-Time Data To Financial Applications
Provide Real-Time Data To Financial Applications DATA SHEET Introduction Companies typically build numerous internal applications and complex APIs for enterprise data access. These APIs are often engineered
More informationCorticon Server: Web Console Guide
Corticon Server: Web Console Guide Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products are
More informationCorticon Server: Web Console Guide
Corticon Server: Web Console Guide Notices Copyright agreement 2016 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress software
More informationProgress DataDirect Hybrid Data Pipeline
Progress DataDirect Hybrid Data Pipeline Installation Guide Release 4.3 Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials
More informationOpenEdge : New Information. Service Pack
OpenEdge 11.7.2: New Information Service Pack Copyright 2017 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress software
More informationCorticon Server: Web Console Guide
Corticon Server: Web Console Guide Notices Copyright agreement 2015 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software
More informationThe Progress DataDirect for
The Progress DataDirect for ODBC for Apache Hive Wire Protocol Driver Quick Start for Windows Release 8.0.1 Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates. All
More informationWhite Paper: ELK stack configuration for OpenEdge BPM
White Paper: ELK stack configuration for OpenEdge BPM Copyright 2017 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software
More informationWhite Paper: Addressing POODLE Security Vulnerability and SHA 2 Support in Progress OpenEdge in 10.2B08
White Paper: Addressing POODLE Security Vulnerability and SHA 2 Support in Progress OpenEdge in 10.2B08 Table of Contents Copyright...5 Chapter 1: Introduction...7 About POODLE vulnerability...7 Chapter
More informationUsing update to install a Corticon Studio
Using update to install a Corticon Studio Notices Copyright agreement 2013 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software
More informationProgress DataDirect for ODBC for Apache Hive Wire Protocol Driver
Progress DataDirect for ODBC for Apache Hive Wire Protocol Driver Quick Start for UNIX/Linux Release 8.0.0 Copyright 2017 Progress Software Corporation and/or one of its subsidiaries or affiliates. All
More informationThe Progress DataDirect Autonomous REST Connector for JDBC
The Progress DataDirect Autonomous REST Connector for JDBC Quick Start for Using HTTP Header Authentication Release Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates.
More informationCorticon: Data Integration Guide
Corticon: Data Integration Guide Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products are
More informationProgress DataDirect for JDBC for Apache Hive Driver
Progress DataDirect for JDBC for Apache Hive Driver Quick Start Release 6.0.1 Quick Start: Progress DataDirect for JDBC for Apache Hive Driver This quick start provides basic information that allows you
More informationOpenEdge Change Data Capture and the ETL Process WHITEPAPER AUTHOR : LAKSHMI PADMAJA
OpenEdge Change Data Capture and the ETL Process WHITEPAPER AUTHOR : LAKSHMI PADMAJA Introduction Keeping the multitude of data sources housed within an organization updated is a cumbersome and time intensive
More informationWhite Paper: Addressing POODLE vulnerability and SHA2 support in Progress OpenEdge HF
White Paper: Addressing POODLE vulnerability and SHA2 support in Progress OpenEdge 11.5.1 HF Notices 2015 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These
More informationDataDirect Cloud Distribution Guide
DataDirect Cloud Distribution Guide August 2014 Notices For details, see the following topics: Copyright Copyright 2014 Progress Software Corporation and/or its subsidiaries or affiliates. All rights
More informationProgress DataDirect for ODBC Drivers. Installation Guide
Progress DataDirect for ODBC Drivers Installation Guide December 2017 Copyright 2017 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and
More informationProgress DataDirect Connect Series for JDBC Installation Guide
Progress DataDirect Connect Series for JDBC Installation Guide Release 5.1.4 Notices For details, see the following topics: Copyright Copyright 2016 Progress Software Corporation and/or one of its subsidiaries
More informationCorticon. Installation Guide
Corticon Installation Guide Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products are copyrighted
More informationCorticon Installation Guide
Corticon Installation Guide Notices Copyright agreement 2015 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products
More informationCorticon. Installation Guide
Corticon Installation Guide Copyright 2017 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products are copyrighted
More informationOpenEdge : New Information. Service Pack
OpenEdge 11.7.3: New Information Service Pack Copyright 2018 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products
More informationDelete Personally Identifiable Information About a User from Sitefinity CMS
Delete Personally Identifiable Information About a User from Sitefinity CMS WHITEPAPER You can use the following articles as a guidance about deleting personally identifiable information (PII) about a
More informationCorticon Migration Guide
Corticon Migration Guide Notices Copyright agreement 2014 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products are
More informationPAS for OpenEdge Support for JWT and OAuth Samples -
PAS for OpenEdge Support for JWT and OAuth 2.0 - Samples - Version 1.0 November 21, 2017 Copyright 2017 and/or its subsidiaries or affiliates. All Rights Reserved. 2 TABLE OF CONTENTS INTRODUCTION... 3
More informationKendo UI Builder. For Business Apps, UI/UX Reigns Supreme
Kendo UI Builder DATA SHEET HIGHLIGHTS Progress Kendo UI Builder is a standalone web productivity tool that combines several industry-leading web development technologies in an easy-to-use interface, empowering
More informationProgress DataDirect for JDBC for Oracle Eloqua
Progress DataDirect for JDBC for Oracle Eloqua User's Guide 6.0.0 Release Copyright 2017 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all
More information5 KEY REASONS FOR USING TELERIK PLATFORM MBAAS
5 KEY REASONS FOR USING TELERIK PLATFORM MBAAS Don t Reinvent the Wheel Mobile backend as a service (MBaaS) offers sophisticated capabilities that you can use right off the bat in your mobile apps to make
More informationCorticon Studio: Quick Reference Guide
Corticon Studio: Quick Reference Guide Notices Copyright agreement 2016 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress
More informationHow I Stopped Worrying and Learned to Love Open Source. David Cleary Progress
How I Stopped Worrying and Learned to Love Open Source David Cleary Progress Progress Who? 3 August 1984 First Shipment of Progress 2.2 "Data Language Corp. has released Progress, a high-performance application
More informationBuilding Hybrid mobile apps for Rollbase application using PDO
Building Hybrid mobile apps for Rollbase application using PDO Authors: Anil Kumar Gaddalapati, QA Engineer Dr Ganesh Neelakanta Iyer, QA Architect 2016 Progress Software Corporation and/or its subsidiaries
More informationWebspeed. I am back. Enhanced WebSpeed
Webspeed. I am back Enhanced WebSpeed OpenEdge 11.6 WebSpeed!!! Modernize your Progress OpenEdge web apps through enhanced Progress Application Server (PAS) support for WebSpeed Achieve improved performance
More informationCorticon Studio: Rule Modeling Guide
Corticon Studio: Rule Modeling Guide Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products
More informationBuilding Satellite Rollbase Applciation for an existing OpenEdge application
Building Satellite Rollbase Applciation for an existing OpenEdge application Authors: Ganesh Cherivirala Dr Ganesh Neelakanta Iyer 2016 Progress Software Corporation and/or its subsidiaries or affiliates.
More informationROLLBASE ACCESS TO ABL BUSINESS LOGIC VIA OPENCLIENT
W HITE PAPER www. p rogres s.com ROLLBASE ACCESS TO ABL BUSINESS LOGIC VIA OPENCLIENT 1 TABLE OF CONTENTS Introduction... 2 What is Progress Rollbase?... 2 Installation and setup... 2 Expose Openedge Appserver
More informationCorticon Extensions Guide
Corticon Extensions Guide Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products are copyrighted
More informationAdvanced ODBC and JDBC Access to Salesforce Data
Advanced ODBC and JDBC Access to Salesforce Data DATA SHEET FEATURES BENEFITS Use significantly less memory to do more work Expose Salesforce data to a full spectrum of custom and commercial apps Secure
More informationCorticon EDC: Using Enterprise Data Connector
Corticon EDC: Using Enterprise Data Connector Notices Copyright agreement 2015 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress
More informationGuide to Creating Corticon Extensions
Guide to Creating Corticon Extensions Notices Copyright agreement 2016 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all Progress
More informationProgress DataDirect for ODBC for Oracle Wire Protocol Driver
Progress DataDirect for ODBC for Oracle Wire Protocol Driver User's Guide and Reference Release 8.0.2 Copyright 2017 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights
More informationEnhancing cloud applications by using external authentication services. 2015, 2016 IBM Corporation
Enhancing cloud applications by using external authentication services After you complete this section, you should understand: Terminology such as authentication, identity, and ID token The benefits of
More informationOpenEdge. Database Essentials. Getting Started:
OpenEdge Database Essentials Getting Started: Copyright 2017 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products
More informationProgress DataDirect. for ODBC for Apache Cassandra Driver. User's Guide and Reference. Release 8.0.0
Progress DataDirect for ODBC for Apache Cassandra Driver User's Guide and Reference Release 8.0.0 Copyright 2018 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights
More informationProgress OpenEdge. > Getting Started. in the Amazon Cloud.
Progress OpenEdge w h i t e p a p e r > Getting Started with Progress OpenEdge in the Amazon Cloud Part II: Your First AMI Instance Table of Contents Table of Contents.........................................
More informationCorticon Server: Deploying Web Services with Java
Corticon Server: Deploying Web Services with Java Notices Copyright agreement 2015 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress
More informationWarm Up to Identity Protocol Soup
Warm Up to Identity Protocol Soup David Waite Principal Technical Architect 1 Topics What is Digital Identity? What are the different technologies? How are they useful? Where is this space going? 2 Digital
More informationPROGRESS OPENEDGE PRO2
OpenEdge Pro2 OpenEdge Data Server Oracle, SQL Server, OpenEdge PROGRESS OPENEDGE PRO2 DATA REPLICATION Progress.com A Contents Introduction 3 Executive Summary 4 The Pro2 Solution 5 Pro2 Administration
More informationAppScaler SSO Active Directory Guide
Version: 1.0.3 Update: April 2018 XPoint Network Notice To Users Information in this guide is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless
More informationHow to Configure Authentication and Access Control (AAA)
How to Configure Authentication and Access Control (AAA) Overview The Barracuda Web Application Firewall provides features to implement user authentication and access control. You can create a virtual
More informationCorticon Studio: Quick Reference Guide
Corticon Studio: Quick Reference Guide Notices Copyright agreement 2014 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software
More informationAdministering Jive Mobile Apps for ios and Android
Administering Jive Mobile Apps for ios and Android TOC 2 Contents Administering Jive Mobile Apps...3 Configuring Jive for Android and ios...3 Custom App Wrapping for ios...3 Authentication with Mobile
More informationCorticon Server: Deploying Web Services with.net
Corticon Server: Deploying Web Services with.net Notices Copyright agreement 2016 Progress Software Corporation and/or one of its subsidiaries or affiliates. All rights reserved. These materials and all
More informationCorticon Server: Deploying Web Services with.net
Corticon Server: Deploying Web Services with.net Notices Copyright agreement 2015 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress
More informationCorticon Studio: Rule Language Guide
Corticon Studio: Rule Language Guide Notices Copyright agreement 2015 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software
More informationDataDirect Connect Series
DataDirect Connect Series for ODBC Installation Guide Release 7.1.6 Notices For details, see the following topics: Copyright Copyright 2016 Progress Software Corporation and/or one of its subsidiaries
More informationProgress DataDirect For Business Intelligence And Analytics Vendors
Progress DataDirect For Business Intelligence And Analytics Vendors DATA SHEET FEATURES: Direction connection to a variety of SaaS and on-premises data sources via Progress DataDirect Hybrid Data Pipeline
More informationIntroduction... 5 Configuring Single Sign-On... 7 Prerequisites for Configuring Single Sign-On... 7 Installing Oracle HTTP Server...
Oracle Access Manager Configuration Guide for On-Premises Version 17 October 2017 Contents Introduction... 5 Configuring Single Sign-On... 7 Prerequisites for Configuring Single Sign-On... 7 Installing
More informationWhat's New in Corticon
What's New in Corticon What s new and changed in Corticon 5.3.2 1 This chapter summarizes the new, enhanced, and changed features in Progress Corticon 5.3.2. Service Pack 2 includes the changes that were
More informationServer Installation Guide
Server Installation Guide Server Installation Guide Legal notice Copyright 2018 LAVASTORM ANALYTICS, INC. ALL RIGHTS RESERVED. THIS DOCUMENT OR PARTS HEREOF MAY NOT BE REPRODUCED OR DISTRIBUTED IN ANY
More informationREST in Peace Mastering the JSDO with a Dynamic ABL backend. Mike Fechner, Consultingwerk Ltd.
REST in Peace Mastering the JSDO with a Dynamic ABL backend Mike Fechner, Consultingwerk Ltd. mike.fechner@consultingwerk.de http://www.consultingwerk.de/ 2 Consultingwerk Ltd. Independent IT consulting
More informationBIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0
BIG-IP Access Policy Manager : Secure Web Gateway Version 13.0 Table of Contents Table of Contents BIG-IP APM Secure Web Gateway Overview...9 About APM Secure Web Gateway... 9 About APM benefits for web
More informationCorticon Studio: Quick Reference Guide
Corticon Studio: Quick Reference Guide Notices Copyright agreement 2013 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software
More informationWhite Paper Version 1.0. Architect Preferences and Properties OpenEdge 10.2A
White Paper Version 1.0 Architect Preferences and Properties OpenEdge 10.2A Architect Preferences and Properties 2009 Progress Software Corporation. All rights reserved. These materials and all Progress
More informationModernization and how to implement Digital Transformation. Jarmo Nieminen Sales Engineer, Principal
Modernization and how to implement Digital Transformation Jarmo Nieminen Sales Engineer, Principal jarmo.nieminen@progress.com 2 Reinvented 8000 years old tool...? Leveraxe!! 3 In this Digital Economy...
More informationIntegrating the Progress Rollbase Portal into OpenEdge Applications. Mike Fechner, Director, Consultingwerk Ltd.
Integrating the Progress Rollbase Portal into OpenEdge Applications Mike Fechner, Director, Consultingwerk Ltd. mike.fechner@consultingwerk.de Consultingwerk Ltd. Independent IT consulting organization
More informationDeltek Touch CRM for Vision. User Guide
Deltek Touch CRM for Vision User Guide September 2017 While Deltek has attempted to verify that the information in this document is accurate and complete, some typographical or technical errors may exist.
More informationLiferay Security Features Overview. How Liferay Approaches Security
Liferay Security Features Overview How Liferay Approaches Security Table of Contents Executive Summary.......................................... 1 Transport Security............................................
More informationDeltek Touch CRM for Ajera CRM. User Guide
Deltek Touch CRM for Ajera CRM User Guide September 2017 While Deltek has attempted to verify that the information in this document is accurate and complete, some typographical or technical errors may
More informationData encryption & security. An overview
Data encryption & security An overview Agenda Make sure the data cannot be accessed without permission Physical security Network security Data security Give (some) people (some) access for some time Authentication
More informationARTIX PROGRESS. Using the Artix Library
ARTIX PROGRESS Using the Artix Library Version 5.6, May 2011 2011 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress software products
More informationOracle Virtual Directory 11g Oracle Enterprise Gateway Integration Guide
An Oracle White Paper June 2011 Oracle Virtual Directory 11g Oracle Enterprise Gateway Integration Guide 1 / 25 Disclaimer The following is intended to outline our general product direction. It is intended
More informationCA Single Sign-On and LDAP/AD integration
CA Single Sign-On and LDAP/AD integration CA Single Sign-On and LDAP/AD integration Legal notice Copyright 2017 LAVASTORM ANALYTICS, INC. ALL RIGHTS RESERVED. THIS DOCUMENT OR PARTS HEREOF MAY NOT BE REPRODUCED
More informationCopyright. Copyright Ping Identity Corporation. All rights reserved. PingAccess Server documentation Version 4.
Server 4.3 Copyright 1 Copyright 2017 Ping Identity Corporation. All rights reserved. PingAccess Server documentation Version 4.3 June, 2017 Ping Identity Corporation 1001 17th Street, Suite 100 Denver,
More informationISA 767, Secure Electronic Commerce Xinwen Zhang, George Mason University
Identity Management and Federated ID (Liberty Alliance) ISA 767, Secure Electronic Commerce Xinwen Zhang, xzhang6@gmu.edu George Mason University Identity Identity is the fundamental concept of uniquely
More informationCONFIGURING AD FS AS A THIRD-PARTY IDP IN VMWARE IDENTITY MANAGER: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE
GUIDE MARCH 2019 PRINTED 28 MARCH 2019 CONFIGURING AD FS AS A THIRD-PARTY IDP IN VMWARE IDENTITY MANAGER: VMWARE WORKSPACE ONE VMware Workspace ONE Table of Contents Overview Introduction Audience AD FS
More informationCorticon Server: Deploying Web Services with Java
Corticon Server: Deploying Web Services with Java Notices Copyright agreement 2014 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These materials and all Progress
More informationesignlive SAML Administrator's Guide Product Release: 6.5 Date: July 05, 2018 esignlive 8200 Decarie Blvd, Suite 300 Montreal, Quebec H4P 2P5
esignlive SAML Administrator's Guide Product Release: 6.5 Date: July 05, 2018 esignlive 8200 Decarie Blvd, Suite 300 Montreal, Quebec H4P 2P5 Phone: 1-855-MYESIGN Fax: (514) 337-5258 Web: www.esignlive.com
More informationTIBCO Cloud Integration Security Overview
TIBCO Cloud Integration Security Overview TIBCO Cloud Integration is secure, best-in-class Integration Platform as a Service (ipaas) software offered in a multi-tenant SaaS environment with centralized
More informationDeltek Touch CRM for GovWin Capture Management. User Guide
Deltek Touch CRM for GovWin Capture Management User Guide September 2017 While Deltek has attempted to verify that the information in this document is accurate and complete, some typographical or technical
More informationBlackBerry AtHoc Networked Crisis Communication. BlackBerry AtHoc API Quick Start Guide
BlackBerry AtHoc Networked Crisis Communication BlackBerry AtHoc API Quick Start Guide Release 7.6, September 2018 Copyright 2018 BlackBerry Limited. All Rights Reserved. This document may not be copied,
More informationvrealize Suite Lifecycle Manager 1.0 Installation and Management vrealize Suite 2017
vrealize Suite Lifecycle Manager 1.0 Installation and Management vrealize Suite 2017 vrealize Suite Lifecycle Manager 1.0 Installation and Management You can find the most up-to-date technical documentation
More information5 OAuth Essentials for API Access Control
5 OAuth Essentials for API Access Control Introduction: How a Web Standard Enters the Enterprise OAuth s Roots in the Social Web OAuth puts the user in control of delegating access to an API. This allows
More informationCorticon Studio: Rule Modeling Guide
Corticon Studio: Rule Modeling Guide Notices For details, see the following topics: Copyright Copyright 2014 Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved. These
More informationIdentity Provider for SAP Single Sign-On and SAP Identity Management
Implementation Guide Document Version: 1.0 2017-05-15 PUBLIC Identity Provider for SAP Single Sign-On and SAP Identity Management Content 1....4 1.1 What is SAML 2.0.... 5 SSO with SAML 2.0.... 6 SLO with
More informationJava Browser User Guide
Java Browser User Guide Release 6.1 February 2003 Release 6.1Copyright Java Browser User Guide ObjectStore Release 6.1 for all platforms, February 2003 2003 Progress Software Corporation. All rights reserved.
More informationFAQ. General Information: Online Support:
FAQ General Information: info@cionsystems.com Online Support: support@cionsystems.com CionSystems Inc. Mailing Address: 16625 Redmond Way, Ste M106 Redmond, WA. 98052 http://www.cionsystems.com Phone:
More informationSolutions Business Manager Web Application Security Assessment
White Paper Solutions Business Manager Solutions Business Manager 11.3.1 Web Application Security Assessment Table of Contents Micro Focus Takes Security Seriously... 1 Solutions Business Manager Security
More informationArcGIS Enterprise Security: An Introduction. Randall Williams Esri PSIRT
ArcGIS Enterprise Security: An Introduction Randall Williams Esri PSIRT Agenda ArcGIS Enterprise Security for *BEGINNING to INTERMIDIATE* users ArcGIS Enterprise Security Model Portal for ArcGIS Authentication
More informationDolby Conference Phone 3.1 configuration guide for West
Dolby Conference Phone 3.1 configuration guide for West 17 January 2017 Copyright 2017 Dolby Laboratories. All rights reserved. For information, contact: Dolby Laboratories, Inc. 1275 Market Street San
More informationRSA SecurID Ready Implementation Guide. Last Modified: December 13, 2013
Ping Identity RSA SecurID Ready Implementation Guide Partner Information Last Modified: December 13, 2013 Product Information Partner Name Ping Identity Web Site www.pingidentity.com Product Name PingFederate
More informationOracle Communications Services Gatekeeper
Oracle Communications Services Gatekeeper Security Guide Release 5.1 E36134-01 June 2013 Oracle Communications Services Gatekeeper Security Guide, Release 5.1 E36134-01 Copyright 2011, 2013, Oracle and/or
More informationDeltek Touch CRM for Deltek CRM. User Guide
Deltek Touch CRM for Deltek CRM User Guide February 2017 While Deltek has attempted to verify that the information in this document is accurate and complete, some typographical or technical errors may
More informationVMware Identity Manager Connector Installation and Configuration (Legacy Mode)
VMware Identity Manager Connector Installation and Configuration (Legacy Mode) VMware Identity Manager This document supports the version of each product listed and supports all subsequent versions until
More informationQlik Sense Mobile September 2018 (version 1.6.1) release notes
Release Notes Qlik Sense Mobile September 2018 (version 1.6.1) release notes qlik.com Table of Contents Overview 3 Compatibility 3 Bug fixes 4 Qlik Sense Mobile September 2018 (version 1.6.1) 4 Qlik Sense
More informationContents Introduction... 5 Configuring Single Sign-On... 7 Configuring Identity Federation Using SAML 2.0 Authentication... 29
Oracle Access Manager Configuration Guide 16 R1 March 2016 Contents Introduction... 5 Configuring Single Sign-On... 7 Prerequisites for Configuring Single Sign-On... 8 Installing Oracle HTTP Server...
More informationIntegrating with ClearPass HTTP APIs
Integrating with ClearPass HTTP APIs HTTP based APIs The world of APIs is full concepts that are not immediately obvious to those of us without software development backgrounds and terms like REST, RPC,
More information