Leaving the State: Sessionless (Stateless) Authentication in D8 with Whole Foods Market. BADCamp 2017
|
|
- Annice McGee
- 6 years ago
- Views:
Transcription
1 Leaving the State: Sessionless (Stateless) Authentication in D8 with Whole Foods Market BADCamp 2017
2 These Guys Dr J Daverth Technical Lead, Whole Foods Market D.O.: dr-jay BitBucket: drjdaverth LinkedIn: drjdaverth Adam Weingarten Senior Technical Architect, Acquia D.O.: adam.weingarten GitHub: aweingarten LinkedIn: adam.weingarten Page 2
3 Brought to you by Page 3
4 What are we going to talk about? Why scaling authenticated traffic is hard? What is sessionless auth? How can you use it to manage a single login to multiple sites Working with an external auth provider (Janrain) PIIaaS! Storing PII as a Service in an API. Proxying web-service calls - don t do it! How to delegate oauth tokens
5 Case Study: Launched July 2012 on Drupal 7 Designed for a much more static world Full page refreshes Not service based
6 Deep dive into the issues on D7 Primitive Janrain Social Integration: Really heavy weight on page load Bloated DB. Copies took forever. Stored unnecessary PII Authenticated experiences required full page loads. Meant things weren t cacheable.
7 You want your food to be grown organically not your website
8 D8 High Level Goals
9 Technical Drivers Support 10% Authenticated Traffic SSO between D7 and D8 Personalized Digital Experience Mobile / Responsive Experience
10 Back to the Basics
11 Scaling Anonymous Traffic Is Easy Can let CDN do the lifting: Fastly, Akamai, CloudFlare. Varnish in front of your webs Hit your origin. Store the information at Varnish and CDN. Caching solves all the problems.
12 What is a session? The sequence of interactions between client and server, or between user and system; the period during which a user is logged in or connected. -- Thus spoke Wikipedia
13 What is a PHP Session? - $_SESSION super global - Start with session_start() early in your PHP script. - Drupal wraps it and stores data across requests in the DB - Uses a cookie value to ID you
14 What does it look like?
15 Why are sessions a PAIN? HTTP/ OK Age: 0 Cache-Control: must-revalidate, no-cache, private Via: 1.1 varnish-v4 Connection: keep-alive X-Cache: MISS, MISS, MISS X-Cache-Hits: 0, 0 X-Timer: S ,VS0,VE296
16 Under Pressure
17 Opposition of Forces New experience requires personalization Our infrastructure sucks at personalized data
18 Oh did you forget we also need to support seamless login to D7 and D8? Login to one system, and let the second system hit a service to confirm a user is authenticated Set a token that both sites can read
19 Solutions not problems After we have crushed your soul let s build you back up.
20 Traditional Auth Get session Data Yeah they re cool Authenticates IDP Return personalized data Drupal 8 MySql with Session tables Return session data
21 Sessionless Auth
22 From Drupal s POV
23 What is in the magic encrypted token? Anything that might live in a PHP Session or User table API UserIDs Session Expiration time
24 How does this let me do D7 and D8? Assuming that the 2 sites are on the same domain or subdomain Both sites can read the cookie Shared decryption key both can read it. I login on D8 -> I go to a page being hosted at D7
25 I used to log people out by truncating the session table. Now what?
26 We can show you how to prevent world domination by zombies
27 Set Cookie Cookie Expiration Joe signs in 9/7/17 8:00 AM 10/7/17 8:00 AM Adam kicks everyone out 9/7/17 10:00 AM 10/7/17 10:00 AM Saul Logs in 9/7/17 11:00 AM 10/7/17 11:00 AM Cookies: Fresh baked, stale, or burned to a crisp?
28 PIIaaS: Storing PII as a Service in an API
29 PII As a service All personalized content on IOS, Android and Web via API Drupal is a consumer of the API like anyone else No db calls, no PII unnecessarily stored on Drupal Clear separation of concerns.
30 Proxying webservice calls is bad.
31 Yeah this is why it s really bad. Latency. Each web-server has a finite number of concurrent PHP procs When you make a webservice call you tie up those procs waiting for a response. Limits transactions per-second.
32 How do I fix it?
33 Browser can access the API layer directly without an intermediary
34 How Scalable?
35 Very Scalable
36 Ended up with.. Scalable System Separation of concerns: Each part of our stack can focus on doing 1 thing well.
37 Questions?
38 Thank you!
Warm Up to Identity Protocol Soup
Warm Up to Identity Protocol Soup David Waite Principal Technical Architect 1 Topics What is Digital Identity? What are the different technologies? How are they useful? Where is this space going? 2 Digital
More informationAdministering Jive Mobile Apps for ios and Android
Administering Jive Mobile Apps for ios and Android TOC 2 Contents Administering Jive Mobile Apps...3 Configuring Jive for Android and ios...3 Custom App Wrapping for ios...3 Authentication with Mobile
More informationDocument Sub Title. Yotpo. Technical Overview 07/18/ Yotpo
Document Sub Title Yotpo Technical Overview 07/18/2016 2015 Yotpo Contents Introduction... 3 Yotpo Architecture... 4 Yotpo Back Office (or B2B)... 4 Yotpo On-Site Presence... 4 Technologies... 5 Real-Time
More informationBUILDING THE FASTEST DRUPAL OF THE GALAXY
BUILDING THE FASTEST DRUPAL OF THE GALAXY Hello! I AM MATEU AGUILÓ I am a senior developer at Lullabot You can find me at @e0ipso Hi! I AM PEDRO GONZÁLEZ I am a sysadmin at sbit.io You can find me at @NITEMAN_es
More informationSecuring ArcGIS for Server. David Cordes, Raj Padmanabhan
Securing ArcGIS for Server David Cordes, Raj Padmanabhan Agenda Security in the context of ArcGIS for Server User and Role Considerations Identity Stores Authentication Securing web services Protecting
More informationWEB APPLICATION ENGINEERING II
WEB APPLICATION ENGINEERING II Lecture #5 Umar Ibrahim Enesi Objectives Gain understanding of how Cookies and Sessions Work Understand the limitations of Sessions and Cookies Understand how to handle Session
More informationSquirrel case-study. Decentralized peer-to-peer web cache. Traditional centralized web cache. Based on the Pastry peer-to-peer middleware system
Decentralized peer-to-peer web cache Based on the Pastry peer-to-peer middleware system Traditional centralized web cache 1 2 Decentralized caching of web pages use the resources of peers (web browsers/clients)
More informationAuthentication for Web Services. Ray Miller Systems Development and Support Computing Services, University of Oxford
Authentication for Web Services Ray Miller Systems Development and Support Computing Services, University of Oxford Overview Password-based authentication Cookie-based authentication
More informationDatabaseRESTAPI
ORDS DatabaseRESTAPI https://oracle.com/rest Jeff Smith Senior Principal Product Manager Jeff.d.smith@oracle.com @thatjeffsmith Database Tools, Oracle Corp Not just THAT SQLDev Guy I GET ORDS, too! Blogs
More informationControl for CloudFlare - Installation and Preparations
Control for CloudFlare - Installation and Preparations Installation Backup your web directory and Magento 2 store database; Download Control for CloudFlare installation package; Copy files to /app/firebear/cloudflare/
More informationRESTFUL WEB SERVICES - INTERVIEW QUESTIONS
RESTFUL WEB SERVICES - INTERVIEW QUESTIONS http://www.tutorialspoint.com/restful/restful_interview_questions.htm Copyright tutorialspoint.com Dear readers, these RESTful Web services Interview Questions
More informationData Source Kerberos / oauth On the Wire Explaining Kerberos Constrained Delegation with Protocol Transition and Oauth for Data Source Single Sign On
Welcome 1 8 B I - 11 3 Data Source Kerberos / oauth On the Wire Explaining Kerberos Constrained Delegation with Protocol Transition and Oauth for Data Source Single Sign On John Kew Manager / Connectivity
More informationComputer Networks. HTTP and more. Jianping Pan Spring /20/17 CSC361 1
Computer Networks HTTP and more Jianping Pan Spring 2017 1/20/17 CSC361 1 First things first W1 due next Monday (Jan 23) submit a single PDF file through connex Noah posted a docx for for questions on
More informationYour Auth is open! Oversharing with OpenAuth & SAML
Your Auth is open! Oversharing with OpenAuth & SAML Andrew Pollack Northern Collaborative Technologies 2013 by the individual speaker Sponsors 2013 by the individual speaker Who Am I? Andrew Pollack President
More informationMIRO DIETIKER Founder
DRUPAL SECURITY MIRO DIETIKER Founder I am I am consulting End User Agencies Site builder Hosters Developer Maintainer Open Source Initiative Leader Spring 2017 Security - Responsible disclosure...a vulnerability
More informationCSE/EE 461 HTTP and the Web
CSE/EE 461 HTTP and the Web Last Time The Transport Layer Focus How does TCP share bandwidth? Topics AIMD Slow Start Application Presentation Session Transport Network Data Link Fast Retransmit / Fast
More informationAuthentication CS 4720 Mobile Application Development
Authentication Mobile Application Development System Security Human: social engineering attacks Physical: steal the server itself Network: treat your server like a 2 year old Operating System: the war
More informationSSH with Globus Auth
SSH with Globus Auth Summary As the community moves away from GSI X.509 certificates, we need a replacement for GSI-OpenSSH that uses Globus Auth (see https://docs.globus.org/api/auth/ ) for authentication.
More informationApproaches for application request throttling. Maarten
Approaches for application request throttling Maarten Balliauw @maartenballiauw 1 Who am I? Maarten Balliauw Antwerp, Belgium Developer Advocate, JetBrains Founder, MyGet AZUG Focus on web ASP.NET MVC,
More informationCaching. Caching Overview
Overview Responses to specific URLs cached in intermediate stores: Motivation: improve performance by reducing response time and network bandwidth. Ideally, subsequent request for the same URL should be
More informationEric Sachs Director of Product Management Identity, Google. Pam Dingle Senior Technical Architect Office of the CTO, Ping Identity
SESSION ID: IDY-R05R Identity Standards at Work in Google's Mobile-Focused Future Eric Sachs Director of Product Management Identity, Google Pam Dingle Senior Technical Architect Office of the CTO, Ping
More informationTIBCO Cloud Integration Security Overview
TIBCO Cloud Integration Security Overview TIBCO Cloud Integration is secure, best-in-class Integration Platform as a Service (ipaas) software offered in a multi-tenant SaaS environment with centralized
More informationGuerilla Scaling In The Wild. Jake Grimley, Managing Director, Made Media Ltd.
Guerilla Scaling In The Wild Jake Grimley, Managing Director, Made Media Ltd. Made Media Ltd. Digital Marketing Agency Web Design Agency Arts, Media, Advertising Design & Code Disposable Software Employing...
More informationKerberos and Single Sign On with HTTP
Kerberos and Single Sign On with HTTP Joe Orton Red Hat Overview Introduction The Problem Current Solutions Future Solutions Conclusion Introduction WebDAV: common complaint of poor support for authentication
More informationHigh Availability/ Clustering with Zend Platform
High Availability/ Clustering with Zend Platform David Goulden Product Manager goulden@zend.com Copyright 2007, Zend Technologies Inc. In this Webcast Introduction to Web application scalability using
More informationSecuring APIs and Microservices with OAuth and OpenID Connect
Securing APIs and Microservices with OAuth and OpenID Connect By Travis Spencer, CEO @travisspencer, @curityio Organizers and founders ü All API Conferences ü API Community ü Active blogosphere 2018 Platform
More informationVAM. PeopleSoft Value-Added Module (VAM) Deployment Guide
VAM PeopleSoft Value-Added Module (VAM) Deployment Guide Copyright Information 2018. SecureAuth is a registered trademark of SecureAuth Corporation. SecureAuth s IdP software, appliances, and other products
More informationREST. And now for something completely different. Mike amundsen.com
REST And now for something completely different Mike Amundsen @mamund amundsen.com Preliminaries Mike Amundsen Developer, Architect, Presenter Hypermedia Junkie I program the Internet Designing Hypermedia
More informationArcGIS Server and Portal for ArcGIS An Introduction to Security
ArcGIS Server and Portal for ArcGIS An Introduction to Security Jeff Smith & Derek Law July 21, 2015 Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context
More informationHow to use or not use the AWS API Gateway for Microservices
How to use or not use the AWS API Gateway for Microservices Presented by Dr. Martin Merck Wednesday 26 September 2018 What is an API Gateway Traits AWS API Gateway Features of API gateway OAuth2.0 Agenda
More informationAttributes for Apps How mobile Apps can use SAML Authentication and Attributes
Attributes for Apps How mobile Apps can use SAML Authentication and Attributes Lukas Hämmerle lukas.haemmerle@switch.ch TNC 2013, Maastricht Introduction App by University of St. Gallen Universities offer
More informationScaling DreamFactory
Scaling DreamFactory This white paper is designed to provide information to enterprise customers about how to scale a DreamFactory Instance. The sections below talk about horizontal, vertical, and cloud
More informationAdministering Jive Mobile Apps
Administering Jive Mobile Apps Contents 2 Contents Administering Jive Mobile Apps...3 Configuring Jive for Android and ios... 3 Custom App Wrapping for ios... 4 Native App Caching: Android...4 Native App
More informationLife as a Service. Scalability and Other Aspects. Dino Esposito JetBrains ARCHITECT, TRAINER AND CONSULTANT
Life as a Service Scalability and Other Aspects Dino Esposito JetBrains ARCHITECT, TRAINER AND CONSULTANT PART I Scalability and Measurable Tasks SCALABILITY Scalability is the ability of a system to expand
More informationAppDirector and AppXcel With Oracle Application Server 10g Release 3 ( ) - Oracle SOA Suite Enterprise Deployment
AppDirector, AppXcel with Oracle SOA Suite 7/16/2008 TESTING & INTEGRATION GROUP AppDirector and AppXcel With Oracle Application Server 10g Release 3 (10.1.3.1.0) - Oracle SOA Suite Enterprise Deployment
More informationThe Z-Files: Field reports from the world of business critical PHP applications
The Z-Files: Field reports from the world of business critical PHP applications By Axel Schinke Senior Manager of Global Operations for Global Services About this webinar Field reports from Zend Consulting
More informationForgeRock Access Management Core Concepts AM-400 Course Description. Revision B
ForgeRock Access Management Core Concepts AM-400 Course Description Revision B ForgeRock Access Management Core Concepts AM-400 Description This structured course comprises a mix of instructor-led lessons
More informationBeginner's Guide to Performance! Jonathan Rowny
Beginner's Guide to Performance! Jonathan Rowny JonathanRowny Software Architect @ AboutWeb Speaking at RIACon next week about NodeJS jrowny.com @jrowny github.com/jrowny jrowny@aboutweb.com We have a
More informationUsing WebGallery, WebDeploy and some IIS Extensions
Using WebGallery, WebDeploy and some IIS Extensions Using WebGallery, WebDeploy and some IIS Extensions Luis Alves Martins @luismartins luis.martins@microsoft.com Architect Evangelist Microsoft Portugal
More informationSalesforce External Identity Implementation Guide
Salesforce External Identity Implementation Guide Salesforce, Spring 17 @salesforcedocs Last updated: March 11, 2017 Copyright 2000 2017 salesforce.com, inc. All rights reserved. Salesforce is a registered
More informationMicrosoft Graph API Deep Dive
Microsoft Graph API Deep Dive Donald Hessing Lead Architect, Capgemini, The Netherlands Microsoft Certified Master (MCM) Agenda Introduction to Microsoft Graph API What is now and what is new in GA and
More informationArcGIS Enterprise Security: An Introduction. Gregory Ponto & Jeff Smith
ArcGIS Enterprise Security: An Introduction Gregory Ponto & Jeff Smith Agenda ArcGIS Enterprise Security Model Portal for ArcGIS Authentication Authorization Building the Enterprise Encryption Collaboration
More informationFREQUENTLY ASKED QUESTIONS (FAQs)
FREQUENTLY ASKED QUESTIONS (FAQs) OMREB s New Single Sign-On (SSO) Portal & Scout for SAFEAccess from Clareity 2 FAQs FREQUENTLY ASKED QUESTIONS (FAQs) Q: What is Clareity? A: Clareity Security s Single
More informationSalesforce External Identity Implementation Guide
Salesforce External Identity Implementation Guide Salesforce, Summer 17 @salesforcedocs Last updated: September 28, 2017 Copyright 2000 2017 salesforce.com, inc. All rights reserved. Salesforce is a registered
More informationConfiguring Caching Services
CHAPTER 8 This chapter describes how to configure conventional caching services (HTTP, FTP [FTP-over-HTTP caching and native FTP caching], HTTPS, and DNS caching) for centrally managed Content Engines.
More informationModern Identity Management Patterns for Microservices and Mobile
SESSION ID: SDS-F04 Modern Identity Management Patterns for Microservices and Mobile Mark Perry APAC CTO Ping Identity @markperryau IT S A NEW WORLD Everything s Mobile 2 IT S A NEW WORLD Agile Backend
More informationTopic 15: Authentication
Topic 15: Authentication CITS3403 Agile Web Development Getting MEAN with Mongo, Express, Angular and Node, Chapter 11 Semester 1, 2018 Secure web apps Security is a primary concern for anyone developing
More informationDistributed Systems. 21. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2018
Distributed Systems 21. Content Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2018 1 2 Motivation Serving web content from one location presents problems Scalability Reliability Performance
More informationCS November 2018
Distributed Systems 21. Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2018 1 2 Motivation Serving web content from one location presents problems Scalability Reliability Performance
More informationAccess Management Handbook
Access Management Handbook Contents An Introduction 3 Glossary of Access Management Terms 4 Identity and Access Management (IAM) 4 Access Management 5 IDaaS 6 Identity Governance and Administration (IGA)
More informationYahoo Traffic Server -a Powerful Cloud Gatekeeper
Yahoo Traffic Server -a Powerful Cloud Gatekeeper Shih-Yong Wang Yahoo! Taiwan 2010 COSCUP Aug 15, 2010 What is Proxy Caching? Proxy Caching explicit client configuration transparent emulate responses
More informationOWASP Thailand. Proxy Caches and Web Application Security. OWASP AppSec Asia October 21, Using the Recent Google Docs 0-Day as an Example
Proxy Caches and Web Application Security Using the Recent Google Docs 0-Day as an Example Tim Bass, CISSP Chapter Leader, Thailand +66832975101, tim@unix.com AppSec Asia October 21, 2008 Thailand Worldwide
More informationOpenIAM Identity and Access Manager Technical Architecture Overview
OpenIAM Identity and Access Manager Technical Architecture Overview Overview... 3 Architecture... 3 Common Use Case Description... 3 Identity and Access Middleware... 5 Enterprise Service Bus (ESB)...
More informationSingle Sign-On Showdown
Single Sign-On Showdown ADFS vs Pass-Through Authentication Max Fritz Solutions Architect SADA Systems #ITDEVCONNECTIONS Azure AD Identity Sync & Auth Timeline 2009 2012 DirSync becomes Azure AD Sync 2013
More informationCoding for OCS. Derek Endres Software Developer Research #OSIsoftUC #PIWorld 2018 OSIsoft, LLC
Coding for OCS Derek Endres Software Developer Research dendres@osisoft.com 1 Planned Agenda Intro (~20 min) Presentation formalities Intro to OCS Detail of what I am going to do Building the app (~55
More informationAuthentication with OAuth 2.0
Authentication with OAuth 2.0 The OAuth 2.0 specification defines a delegation protocol that is useful for conveying authorization decisions across a network of web-enabled applications and APIs. OAuth
More informationPersonal Internet Security Basics. Dan Ficker Twin Cities DrupalCamp 2018
Personal Internet Security Basics Dan Ficker Twin Cities DrupalCamp 2018 Overview Security is an aspiration, not a state. Encryption is your friend. Passwords are very important. Make a back-up plan. About
More informationOverview Content Delivery Computer Networking Lecture 15: The Web Peter Steenkiste. Fall 2016
Overview Content Delivery 15-441 15-441 Computer Networking 15-641 Lecture 15: The Web Peter Steenkiste Fall 2016 www.cs.cmu.edu/~prs/15-441-f16 Web Protocol interactions HTTP versions Caching Cookies
More informationThe New Net, Edge Computing, and Services. Michael R. Nelson, Ph.D. Tech Strategy, Cloudflare May 2018
The New Net, Edge Computing, and Services Michael R. Nelson, Ph.D. Tech Strategy, Cloudflare MNELSON@CLOUDFLARE.COM or @MikeNelson May 2018 We are helping build a better Internet Cloudflare is an Edge
More informationDATAOPS.BARCELONA SIMPLIFYING IDENTITY MANAGEMENT WITH SSO TOOLS
SIMPLIFYING IDENTITY MANAGEMENT WITH SSO TOOLS WHO AM I & WHAT DO WE DO? Pol Jane - Senior DevOps Engineer DevOps IoT Big Data Software Development Migrations Automation Cost Optimization WE RE WOLDWIDE!
More informationPersistence & State. SWE 432, Fall 2016 Design and Implementation of Software for the Web
Persistence & State SWE 432, Fall 2016 Design and Implementation of Software for the Web Today What s state for our web apps? How do we store it, where do we store it, and why there? For further reading:
More informationHypertext Transport Protocol HTTP/1.1
Hypertext Transport Protocol HTTP/1.1 Jim Gettys Digital Equipment Corporation, ISBU Visiting Scientist, World Wide Web Consortium 10/17/96 20-Apr-01 1 Acknowledgments HTTP/1.1 Authors Roy Fielding (UCI)
More informationReza Tourani, Satyajayant (Jay) Misra, Travis Mick
Application-Specific Secure Gathering of Consumer Preferences and Feedback in Information-Centric Networks Reza Tourani, Satyajayant (Jay) Misra, Travis Mick Computer Science Department New Mexico State
More informationPowerExchange for Facebook: How to Configure Open Authentication using the OAuth Utility
PowerExchange for Facebook: How to Configure Open Authentication using the OAuth Utility 2013 Informatica Corporation. No part of this document may be reproduced or transmitted in any form, by any means
More informationOpen Source in the Corporate World. Open Source. Single Sign On. Erin Mulder
Open Source in the Corporate World Open Source Single Sign On Erin Mulder Agenda Introduction Single Sign On for Multiple s Shared directory (e.g. OpenLDAP) Proxy systems (e.g. Yale CAS) X.509 certificates
More informationwww.drupaleurope.org How to COPE with external entities Publishing & Media Goal COPE: Create Once Publish Everywhere Strategy to create content in one place and publish it in many places Simple example:
More informationEnhancing cloud applications by using external authentication services. 2015, 2016 IBM Corporation
Enhancing cloud applications by using external authentication services After you complete this section, you should understand: Terminology such as authentication, identity, and ID token The benefits of
More informationWhen providing a native mobile app ruins the security of your existing web solution. CyberSec Conference /11/2015 Jérémy MATOS
When providing a native mobile app ruins the security of your existing web solution CyberSec Conference 2015 05/11/2015 Jérémy MATOS whois securingapps Developer background Spent last 10 years working
More information[GSoC Proposal] Securing Airavata API
[GSoC Proposal] Securing Airavata API TITLE: Securing AIRAVATA API ABSTRACT: The goal of this project is to design and implement the solution for securing AIRAVATA API. Particularly, this includes authenticating
More informationReal World Web Scalability. Ask Bjørn Hansen Develooper LLC
Real World Web Scalability Ask Bjørn Hansen Develooper LLC Hello. 28 brilliant methods to make your website keep working past $goal requests/transactions/sales per second/hour/day Requiring minimal extra
More informationI n p u t. This time. Security. Software. sanitization ); drop table slides. Continuing with. Getting insane with. New attacks and countermeasures:
This time Continuing with Software Security Getting insane with I n p u t sanitization ); drop table slides New attacks and countermeasures: SQL injection Background on web architectures A very basic web
More informationPolicy Manager for IBM WebSphere DataPower 7.2: Configuration Guide
Policy Manager for IBM WebSphere DataPower 7.2: Configuration Guide Policy Manager for IBM WebSphere DataPower Configuration Guide SOAPMDP_Config_7.2.0 Copyright Copyright 2015 SOA Software, Inc. All rights
More informationCS 355. Computer Networking. Wei Lu, Ph.D., P.Eng.
CS 355 Computer Networking Wei Lu, Ph.D., P.Eng. Chapter 2: Application Layer Overview: Principles of network applications? Introduction to Wireshark Web and HTTP FTP Electronic Mail SMTP, POP3, IMAP DNS
More informationBuilding on the Globus Python SDK
Building on the Globus Python SDK Stephen Rosen April 11, 2017 SDK Overview The Globus SDK is a client-side library which provides language bindings for entities and methods available via web APIs. SDK
More informationBlack Box DCX3000 / DCX1000 Using the API
Black Box DCX3000 / DCX1000 Using the API updated 2/22/2017 This document will give you a brief overview of how to access the DCX3000 / DCX1000 API and how you can interact with it using an online tool.
More informationDistributed Architectures & Microservices. CS 475, Spring 2018 Concurrent & Distributed Systems
Distributed Architectures & Microservices CS 475, Spring 2018 Concurrent & Distributed Systems GFS Architecture GFS Summary Limitations: Master is a huge bottleneck Recovery of master is slow Lots of success
More informationSalesforce External Identity Implementation Guide
Salesforce External Identity Implementation Guide Salesforce, Winter 18 @salesforcedocs Last updated: December 20, 2017 Copyright 2000 2017 salesforce.com, inc. All rights reserved. Salesforce is a registered
More informationP2_L12 Web Security Page 1
P2_L12 Web Security Page 1 Reference: Computer Security by Stallings and Brown, Chapter (not specified) The web is an extension of our computing environment, because most of our daily tasks involve interaction
More informationGroupWise Architecture and Best Practices. WebAccess. Kiran Palagiri Team Lead GroupWise WebAccess
GroupWise Architecture and Best Practices WebAccess Kiran Palagiri Team Lead GroupWise WebAccess kpalagiri@novell.com Ed Hanley Senior Architect ed.hanley@novell.com Agenda Kiran Palagiri Architectural
More informationUsing OAuth 2.0 to Access ionbiz APIs
Using OAuth 2.0 to Access ionbiz APIs ionbiz APIs use the OAuth 2.0 protocol for authentication and authorization. ionbiz supports common OAuth 2.0 scenarios such as those for web server, installed, and
More informationCIT 668: System Architecture. Caching
CIT 668: System Architecture Caching Topics 1. Cache Types 2. Web Caching 3. Replacement Algorithms 4. Distributed Caches 5. memcached A cache is a system component that stores data so that future requests
More informationForce.com Mobile Web with Sencha Touch
Force.com Mobile Web with Sencha Touch Don Robins Outformations, Inc. www.forcementor.com www.outformations.com Who Am I? 1. Technical Instructor (since 2009) 2. Developer (since 1984) 3. Community Activist
More informationEMPOWER2018 Quick Base + Workato Workjam
EMPOWER2018 Quick Base + Workato Workjam Prerequisites Thank you for your interest in the Workjam. We are excited to have you on board. Before you get cracking to build your very own integration, below
More informationSecurity & Privacy. Larry Rudolph. Pervasive Computing MIT SMA 5508 Spring 2006 Larry Rudolph
Security & Privacy Larry 1 Who cares about Privacy? Everybody? Nobody? Criminals? Governments? Corporations? Privacy is the right to keep information hidden. But there is lots of information. You do not
More informationWeb Security, Summer Term 2012
IIG University of Freiburg Web Security, Summer Term 2012 Brocken Authentication and Session Management Dr. E. Benoist Sommer Semester Web Security, Summer Term 2012 7 Broken Authentication and Session
More informationWeb Security, Summer Term 2012
Table of Contents IIG University of Freiburg Web Security, Summer Term 2012 Brocken Authentication and Session Management Dr. E. Benoist Sommer Semester Introduction Examples of Attacks Brute Force Session
More informationScaling Without Sharding. Baron Schwartz Percona Inc Surge 2010
Scaling Without Sharding Baron Schwartz Percona Inc Surge 2010 Web Scale!!!! http://www.xtranormal.com/watch/6995033/ A Sharding Thought Experiment 64 shards per proxy [1] 1 TB of data storage per node
More informationCMPE 151: Network Administration. Servers
CMPE 151: Network Administration Servers Announcements Unix shell+emacs tutorial. Basic Servers Telnet/Finger FTP Web SSH NNTP Let s look at the underlying protocols. Client-Server Model Request Response
More informationDesigning, Scoping, and Configuring Scalable LAMP Infrastructure
Designing, Scoping, and Configuring Scalable LAMP Infrastructure Presented 2010-05-19 by About me About me Founded Four Kitchens in 2006 while at UT Austin About me Founded Four Kitchens in 2006 while
More informationGrandstream Networks, Inc. Captive Portal Authentication via Twitter
Grandstream Networks, Inc. Table of Content SUPPORTED DEVICES... 4 INTRODUCTION... 5 CAPTIVE PORTAL SETTINGS... 6 Policy Configuration Page... 6 Landing Page Redirection... 8 Pre-Authentication Rules...
More informationAvoka Transact Reference Architectures. Version 4.0
Avoka Transact Reference Architectures Version 4.0 COPYRIGHT NOTICE Copyright 2014 - Avoka Technologies Pty Ltd. All Rights Reserved. No parts of this work may be reproduced in any form or by any means
More informationLecture 7: Dates/Times & Sessions. CS 383 Web Development II Wednesday, February 14, 2018
Lecture 7: Dates/Times & Sessions CS 383 Web Development II Wednesday, February 14, 2018 Date/Time When working in PHP, date is primarily tracked as a UNIX timestamp, the number of seconds that have elapsed
More informationPersistence. SWE 432, Fall 2017 Design and Implementation of Software for the Web
Persistence SWE 432, Fall 2017 Design and Implementation of Software for the Web Today Demo: Promises and Timers What is state in a web application? How do we store it, and how do we choose where to store
More informationLecture 9a: Sessions and Cookies
CS 655 / 441 Fall 2007 Lecture 9a: Sessions and Cookies 1 Review: Structure of a Web Application On every interchange between client and server, server must: Parse request. Look up session state and global
More informationDepending on your location and needs we can accommodate your application at one of our established data centers:
Drupal Hosting by Developers, for Developers At amazee.io, we don t just know Drupal we love Drupal. We re a secure, high-performance, cloud-based hosting provider built for folks who love their Drupal
More informationAuthentication in the Cloud. Stefan Seelmann
Authentication in the Cloud Stefan Seelmann Agenda Use Cases View Points Existing Solutions Upcoming Solutions Use Cases End user needs login to a site or service End user wants to share access to resources
More informationThe case for IPv6-only data centres...and how to pull it off in today's IPv4-dominated world
The case for IPv6-only data centres...and how to pull it off in today's IPv4-dominated world Tore Anderson Redpill Linpro AS PLNOG10, Warszawa, February 2013 Our traditional DC layout VLAN cust. 1 ~150
More informationAttacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14
Attacks Against Websites 3 The OWASP Top 10 Tom Chothia Computer Security, Lecture 14 OWASP top 10. The Open Web Application Security Project Open public effort to improve web security: Many useful documents.
More informationConnect. explained. Vladimir Dzhuvinov. :
Connect explained Vladimir Dzhuvinov Email: vladimir@dzhuvinov.com : Twitter: @dzhivinov Married for 15 years to Java C Python JavaScript JavaScript on a bad day So what is OpenID Connect? OpenID Connect
More informationDefinition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party
Definition Anonymous Communication Hiding identities of parties involved in communications from each other, or from third-parties Who you are from the communicating party Who you are talking to from everyone
More information