Skip to main content

Home/ Arquitectura?/ Group items tagged authorization

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Pablo Lalloni

RangelReale/osin - 0 views

github.com/osin

development programming golang oauth2 security libraries

shared by Pablo Lalloni on 01 May 15 - No Cached
  • Pablo Lalloni on 01 May 15
     
    "OSIN is an OAuth2 server library for the Go language, as specified at http://tools.ietf.org/html/rfc6749 and http://tools.ietf.org/html/draft-ietf-oauth-v2-10. Using it, you can build your own OAuth2 authentication service. The library implements the majority of the specification, like authorization and token endpoints, and authorization code, implicit, resource owner and client credentials grant types."
Pablo Lalloni

FreeIPA - 0 views

www.freeipa.org/About

infrastructure tools operations security authentication identity-management

shared by Pablo Lalloni on 08 Jan 19 - No Cached
  • Pablo Lalloni on 08 Jan 19
     
    "FreeIPA is an integrated security information management solution combining Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, Dogtag (Certificate System). It consists of a web interface and command-line administration tools. FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers. FreeIPA is built on top of well known Open Source components and standard protocols with a very strong focus on ease of management and automation of installation and configuration tasks. Multiple FreeIPA servers can easily be configured in a FreeIPA Domain in order to provide redundancy and scalability. The 389 Directory Server is the main data store and provides a full multi-master LDAPv3 directory infrastructure. Single-Sign-on authentication is provided via the MIT Kerberos KDC. Authentication capabilities are augmented by an integrated Certificate Authority based on the Dogtag project. Optionally Domain Names can be managed using the integrated ISC Bind server. Security aspects related to access control, delegation of administration tasks and other network administration tasks can be fully centralized and managed via the Web UI or the ipa Command Line tool."
Pablo Lalloni

Compass Home | Compass Documentation - 0 views

compass-style.org

development web-development library css framework programming

shared by Pablo Lalloni on 28 Jun 12 - Cached
  • Pablo Lalloni on 28 Jun 12
     
    Compass is an open-source CSS Authoring Framework.
Pablo Lalloni

Data.js - 1 views

substance.io/data-js

javascript development programming library web-development

shared by Pablo Lalloni on 18 Aug 12 - No Cached
  • Pablo Lalloni on 18 Aug 12
     
    Data.js is a data representation framework for Javascript. It is being developed in the context of Substance, a web-based document authoring and publishing engine. It took some inspiration from various existing libraries such as the Google Visualization API or Underscore.js.  You can report bugs and discuss features on the GitHub issues page, on Freenode IRC in the #_substance chann el, post questions to the Google Group, or send tweets to @_substance. With Data.js you can: Model your domain data using a simple graph-based object model that can be serialized to JSON. Traverse your graph, including relationships using a simple API. Manipulate and query data on the client (browser) or on the server (Node.js) by using exactly the same API. 
Pablo Lalloni

visionmedia/git-extras - 0 views

github.com/...git-extras

git tools development scm dvcs

shared by Pablo Lalloni on 07 Aug 13 - No Cached
  • Pablo Lalloni on 07 Aug 13
     
    "GIT utilities -- repo summary, repl, changelog population, author commit percentages and more"
Pablo Lalloni

Getting Started With OpenAM - 0 views

openam.forgerock.org/...index.html

development openam security

shared by Pablo Lalloni on 15 May 15 - No Cached
  • OpenAM centralizes authentication by using a variety of authentication modules. Authentication modules connect to identity repositories that store identities and provide authentication services. The identity repositories can be implemented as LDAP directories, relational databases, RADIUS, Windows authentication, one-time password services, other standards-based access management systems and much more.
  • OpenAM centralizes authorization by letting you use OpenAM to manage access policies separate from applications and resources. Instead of building access policy into a web application, you install a policy agent with the web application to request policy decisions from OpenAM. This way you can avoid issues that could arise when developers must embed policy decisions into their applications. With OpenAM, if policy changes or an issue is found after the application is deployed, you have only to change the policy definition in OpenAM, not deploy a new version of the application. OpenAM makes the authorization decisions, and policy agents enforce the decisions on OpenAM's behalf.
  • Pablo Lalloni on 15 May 15
     
    "OpenAM centralizes authentication by using a variety of authentication modules. Authentication modules connect to identity repositories that store identities and provide authentication services. The identity repositories can be implemented as LDAP directories, relational databases, RADIUS, Windows authentication, one-time password services, other standards-based access management systems and much more."
munyeco

OpenAM Administration Guide - 0 views

openam.forgerock.org/...index.html

shared by munyeco on 15 May 15 - No Cached
  • An authentication service confirms the identity of a user or a client application.
  • OpenAM is most frequently used to protect web-accessible resources. Users browse to a protected web application page. An agent installed on the server with the web application redirects the user to OpenAM for access management. OpenAM determines who the user is, and whether the user has the right to access the protected page. OpenAM then redirects the user back to the protected page, with authorization credentials that can be verified by the agent. The agent allows OpenAM authorized users access the page.
Pablo Lalloni

REST API Reference - PayPal Developer - 1 views

developer.paypal.com/api

development programming paypal reference api http rest

shared by Pablo Lalloni on 13 Jun 14 - No Cached
  • Pablo Lalloni on 13 Jun 14
     
    "The PayPal API uses HTTP verbs and a RESTful endpoint structure. OAuth 2.0 is used as the API Authorization framework. Request and response payloads are formatted as JSON."
Pablo Lalloni

URI.js - URLs in Javascript - 3 views

medialize.github.io/URI.js

development programming library javascript url uri uri-templates

shared by Pablo Lalloni on 04 Jul 14 - No Cached
  • Pablo Lalloni on 04 Jul 14
     
    "URI.js is a javascript library for working with URLs. It offers a "jQuery-style" API (Fluent Interface, Method Chaining) to read and write all regular components and a number of convenience methods like .directory() and .authority(). URI.js offers simple, yet powerful ways of working with query string, has a number of URI-normalization functions and converts relative/absolute paths. While URI.js provides a jQuery plugin. URI.js itself does not rely on jQuery. You don't need jQuery to use URI.js"
  • munyeco on 05 Jul 14
     
    Hola!. La vi el viernes a la manyana la libreria esta.Parece que esta buenisima. respecto a lo que yo tenia que hacer obviamente que puede ayudar con las funciones relative y absolute, pero por lo que definimos, "Construir las url's de los recursos a partir del raiz de la libreria", descarte su adopcion por parecerme de alguna forma "sobrecarga".Sea como sea, es una buena herramienta para adoptar. Buen finde.
  • munyeco on 05 Jul 14
     
    Me acabo de dar cuenta.... Este articulo lo pusiste el 4. Estamos a la noche del 5 y recien me notifico. No es la primera vez, y ahora sospecho que son todas las veces las que cosas compartidas en diigo que se notifican con demora. Porque sera?
Pablo Lalloni

Packaged Web Apps (Widgets) - Packaging and XML Configuration (Second Edition) - 0 views

dev.w3.org/widgets

development portals web-development widgets

shared by Pablo Lalloni on 13 Apr 15 - No Cached
  • Pablo Lalloni on 13 Apr 15
     
    "This specification standardizes a packaging format and metadata for a class of software known commonly as packaged apps or widgets. Unlike traditional user interface widgets (e.g., buttons, input boxes, toolbars, etc.), widgets as specified in this document are full-fledged client-side applications that are authored using technologies such as HTML and then packaged for distribution. Examples range from simple clocks, stock tickers, news casters, games and weather forecasters, to complex applications that pull data from multiple sources to be "mashed-up" and presented to a user in some interesting and useful way."
Pablo Lalloni

Let's Encrypt - Free SSL/TLS Certificates - 0 views

letsencrypt.org/about

tls security pki certificates ca development infrastructure operations devops

shared by Pablo Lalloni on 09 Apr 16 - No Cached
  • Pablo Lalloni on 09 Apr 16
     
    "Let's Encrypt is a free, automated, and open certificate authority (CA), run for the public's benefit. Let's Encrypt is a service provided by the Internet Security Research Group (ISRG). The key principles behind Let's Encrypt are: Free: Anyone who owns a domain name can use Let's Encrypt to obtain a trusted certificate at zero cost. Automatic: Software running on a web server can interact with Let's Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal. Secure: Let's Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers. Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect. Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt. Cooperative: Much like the underlying Internet protocols themselves, Let's Encrypt is a joint effort to benefit the community, beyond the control of any one organization."
Pablo Lalloni

Dogtag - 1 views

www.dogtagpki.org/...PKI_Main_Page

infrastructure tools operations security pki ca ocsp architecture certificates certificate-management

shared by Pablo Lalloni on 08 Jan 19 - No Cached
  • Pablo Lalloni on 08 Jan 19
     
    "The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more. The Dogtag Certificate System can be downloaded for free and set up in less than an hour."
Pablo Lalloni

Home - Forge - Project Documentation Editor - 0 views

docs.jboss.org/...Home

programming development tools cli

shared by Pablo Lalloni on 19 Apr 12 - No Cached
  • Pablo Lalloni on 19 Apr 12
     
    A core framework and next-generation shell for tooling and automation at a command line level; with APIs for integration in IDEs, extending built in functionality with plugins, and scripting for automating repetitive tasks, Forge is a tool every open-source developer should be looking at. A core framework for rapid-application development in a standards-based environment. Plugins / incremental project enhancement for Java EE, and more.
Pablo Lalloni

User-Managed Access (UMA) Profile of OAuth 2.0 - 0 views

docs.kantarainitiative.org/...rec-uma-core-v1_0.html

development security oauth2 authorization

shared by Pablo Lalloni on 14 May 15 - No Cached
  • Pablo Lalloni on 14 May 15
     
    "User-Managed Access (UMA) Profile of OAuth 2.0"
munyeco

authorization - SAML2 vs. OAuth - What are some reasonable relationships? - Information... - 0 views

security.stackexchange.com/...-some-reasonable-relationships

shared by munyeco on 09 Jun 15 - No Cached
  • Bridging the SAML and OAuth 2.0 frameworks is a well understood problem. The following stack of IETF specs provides a standard solution: If you look at the core OAuth 2.0 spec (RFC 6749) and its token endpoint definition - this is basically an OAuth server endpoint which returns an access token in exchange for a "grant" -- an open-ended concept of something deemed appropriate to grant the client app the issue of an access token. In the typical OAuth scenario this is an authorisation code signifying that the user has been previously authenticated and given their consent. But the grant could also be something else. There is a further IETF spec called draft-ietf-oauth-assertions-16 that builds on the core RFC 6749 standard which says that the grant can also be an assertion (a signed proof of something) and defines the necessary token request parameters for that. Finally, there is draft-ietf-oauth-saml2-bearer-20, which specifies how this assertion can be a SAML 2.0 Bearer Assertion. This standard mechanism for converting a SAML assertion into an OAuth 2.0 access token is essentially all that is needed to bridge the two frameworks. To ensure removal of users is properly reflected by the authorisation systems there are two approaches, which can be combined: Make the OAuth 2.0 access tokens short lived. This will force the client to repeat the authorisation process when the token expires, and if the user no longer exists authentication will fail and no grant (SAML assertion) will be issued. Provide an API for revoking issued OAuth 2.0 access tokens, see RFC 7009 for details.
  • munyeco on 09 Jun 15
     
    Es un problemón conocido y con blancos sin estandarizar el juntar SAML 2.0 en cuanto a AuhN y Oauth2 para autorización. Éste post es el mas sintético que encontré con un agregado de valor muy alto: Deja entrever que aunque no sea estándar, el mecanismo es posible, y se basa en convertir una aserción SAML2 en un token de acceso OAuth2. uno puede transliterar ésta propocisión así: "convertir una aserción CLAVE FISCAL en un token de acceso OAuth2".  La pregunta es: ¿Que será una aserción CLAVE FISCAL?
carlosmiranda

Infinispan with Scala - Infinispan 5.1 - Project Documentation Editor - 0 views

docs.jboss.org/...Infinispan+with+Scala

shared by carlosmiranda on 17 Sep 11 - No Cached
  • Pablo Lalloni on 17 Sep 11
     
    Esto es muy muy poco comparado con la excelente API Scalar de GridGain.
1 - 20 of 23 Next ›
Showing 20 items per page