
Calculating Risk Across Project Real-estate using Graph Analysis
Prioritising remediation of vulnerabilities based on effective impact and risk using PageRank.

This is just a collection of notes I’ve made over a period of time to remind me of certain commands or syntax. I will continue adding to this over time. I’m also going to add my Natural Language Processing notes and Machine Learning Notes in a couple of other articles.

SAML allows your users to be authenticated and authorized without direct interaction with your web site. It does this by creating a trust relationship between the site and a trusted third party who vouches for the identity of the user. This article explains both how this happens and what the additional benefits are.

What is Kerberos? It is an authentication mechanism...

What are digital signatures and what do they tell us, what information do they hold? All this and more are explained in this article.

In this article I am going to outline what SSL is, its building blocks and how it works.

In this article I’m going to talk about why we shouldn’t take security for granted, what practices should be part of our process and how the industry may move to enforce this.

In this first article of a series I’m going to start by explaining a little bit about Public Key encryption, which is one of the fundamental building blocks of SSL.

Following on from my previous article about configuring SAML SSO with Tomcat and PicketLink, this time I will show you how to do the same thing with JBoss Wildfly.

If you are using Kerberos for single sign-on (SSO) and want to be able to make HTTP requests impersonating the end user to third-party systems, you can do this using the HttpClient that is part of the Apache HttpComponents project.

In this article I’ll give you an introduction to SAML Web Browser Single Sign On Profile using POST and how to configure it in Tomcat.

The pros and cons of both ANTLR and JavaCC when parsing small to medium-sized pieces of code, as is often the case with domain-specific languages.

In this article I’m not going to talk about IT security, instead I’m going to talk about the fallacies of security in our everyday lives in the real world.

In this recipe you will see how to configure cross-forest authentication and how you might implement cross-forest authorization.

I program in Java pretty much every day, or at least every weekday. Yet I could think of very few peculiarities.

So what is SPNEGO? SPNEGO stands for Simple and Protected GSSAPI Negotiation Mechanism. It is a mechanism by which an authenticating body negotiates with the authenticator what security protocol to use, for example Kerberos, NTLM, Digest or Basic.