In my web based application I'm looking for a way that enables only
some of the user to connect how have special client certificate installed
on their browser.
I'm very new to this field and already searched it on Google but all resources found are confusing and failed to provide what should be done to setup this kind of structure, I'm just looking for any expert who have ground knowledge on this any education links and articles suggested are welcome.
You are probably looking for two-way (or mutual) authentication with TLS.
Here is a step-by-step guide for a manual trial on Linux-derived systems.
Related
I'm looking for astandards-based TOTP (time-based one time password) authentication server to implement strong security for my Netscaler appliance.
I was not able to find a radius server with easy to use interface that supports Google Authenticator.
Grateful if you can suggest a solution!
Thanks
Not sure about how easy to use this solution is, but what Citrix suggests is OpenOTP. It supports Google Authenticator (in addition to others). It is free for 25 users, 50 users will cost you at least 1000EUR
Another solution is TOTPRadius, no pricing info is available, but it is the only one supporting self-registration if using Citrix StoreFront.
p.s. Sorry, forgot to add a disclaimer: I am affiliated with Token2
Update regarding OpenOTP: it is free for 40 users. Please ask RCDevs for actual pricing regarding more users.
Starting with 50 users you are entiteled to install the OpenOTP/WebADM Backend as an active/active cluster (2 servers).
The OpenOTP Token App supports additional features compared to Google Authenticator.
For fast evaluation, virtual appliances (for Oracle Virtual Box or VMware) are available under here.
Protectimus provides 2FA solution for strong protection against unauthorized account access within Citrix XenApp. It also has a status of Citrix Ready. You can contact sales team for actual pricing.
Disclaimer: I work for Protectimus
I had someone reach out to me with a couple of queries about source code encryption in Team Services. I don't know and can't find an answer to online (Google fell flat?).
The question is: Can a company control their own encryption of source code at rest with Team services? Essentially, this would mean controlling their own keys and having the ability to pull access logs for people accessing the source control.
I believe the answer is still no. Microsoft may encrypt, but I don't believe there is a provision for a company to control their own source control security if it goes on the cloud.
The answer is just as what you think: No for now. Microsoft use kinds of ways (Check this link for details: Visual Studio Team Services Data Protection) to protect the customer data, but the way which you are asking isn't supported for now.
You can submit a feature request on VSTS User Voice for this.
Hi I am using CAS for SSO. But problem is that i want reset password,register new user on CAS login screen.Does CAS provide these services or i have to implement?
Or Any other SSO solution exist which fulfill my requirement.
CAS is just a SSO frontend to your existing identity management solution (database, LDAP etc). It does not include any identity management features itself (create user account, reset password etc). I have recently been using the Cloudseal platform which is a full identity management solution and so far I am pretty impressed. I believe Atlassians Crowd also includes this although I have not used it. There are probably other products out there as well.
Both of these are commercial products although they are both free for the first 50 users. Crowd is a traditional standalone platform which you download, install and configure but Cloudseal is a hosted service so there is no installation and less config.
You can certainly modify the spring weblog and login page to allow for the functionality that of course you'd have to implement. You should also ask the question on #cas-user mailing list to see if a similar need in the community has been implemented by other users which you may be able to take advantage of. I remember only recently someone raised the same question to the list and there was a bit of interest in getting this feature developed and integrated. You may want to revisit the topic on the mailing list.
Hope this helps.
I am investigating an open source solution for IdM.
So far, my choices are OpenIDM, OpenAM, Josso & CAS.
But most solutions are focusing on SSO, however my requirements are more on user management and provisioning. Can Josso/CAS/OpenIDM provide user provisioning/deprovisioning, group policy , etc? Any open source alternative to Atlassian Crowd, matching in every functionality?
The open source solutions that you mention focus largely on SSO, not identity management. JOSSO has a user provisioning feature but AFAIK it does not include group policies. If you are looking for a full identity management solution you would need to look at the commercial products like Cloudseal, Crowd, Oracle etc.
I want to connect to a remote database(MySQL or SQL Server or Oracle) via internet from my native iphone app. I can't find any API or Framework in System to add. does any one know how to connect to a remote Database? pleased help me. Thank you very much
I'm not an iPhone programmer, but I would suspect you want some abstraction going on.
Instead of trying to make a native database connection work, consider writing some service layer that talks to the database on the back-end, and speaks HTTP to your client application.
Plenty of very good reasons for this. Security concerns chief among them.
One way to do it would be to setup an HTTPS server that wraps your requests. Submit your queries via HTTPS POST. The server setup would be pretty basic and it gives you the chance to do any post-processing before sending it over the wire.
The best alternative is to use webservices to access the information stored remotely.
Bye.
Disclaimer : Shamelessly plugging my own product :)
We've built an online system called Kumulos that allows iOS and OSX developers to build and host online databases in the cloud, while easily creating custom API methods for accessing it. It even builds all the Objective-C bindings for you.
Its really really easy to use and its free while in Beta. We'd love some honest developer feedback :)
Check it out here