REST Service Authorization with JWTs

Jon Todd · William Dawson
Many companies are adopting microservices-based architectures to promote decoupling and separation of concerns in their applications. One inherent challenge with breaking applications up into small services is that now each service needs to deal with authenticating and authorizing requests made to it. JSON Web Tokens (JWTs) offer a clean solution to this problem along with TLS client authentication lower down in the stack. Wils Dawson and I presented these topics to the Java User...

Demystifying OAuth

Karl McGuinness
It seems that OAuth 2.0 is everywhere these days. Whether you are building a hot new single page web application (SPA), a native mobile experience, or just trying to integrate with the API economy, you can’t go far without running into the popular authorization framework for REST/APIs and social authentication. During Oktane15, Karl McGuinness, our Senior Director of Identity, demystified the powerful, yet often misunderstood, world of OAuth 2.0 and shared details on Okta’s growing...

TLS Client Authentication for Internal Services

William Dawson
If you’re like me, the most aggravating thing is finding a Stack Overflow question that exactly describes the issue you are facing, only to scroll down and see that it has remained unanswered since 2011. I was recently trying to configure Transport Layer Security (TLS) client authentication (also referred to as mutual SSL) between two internal services at Okta and found the lack of complete examples astonishing. I hope that this blog post provides a...

The New Age of Trust

Vimarsh Karbhari
I recently read an excellent article about how amazing products shape the trust relationship with customers. I think great products are the first step in building a trust relationship. And like other aspects of the product that are derived from the product but are not physically part of it, the trust relationship is now more important than ever before. When you use a product, every engagement with that product has a direct correlation with your...

How Okta Chased Down Severe System CPU Contention in MySQL

Okta Staff
Sometimes fixing a problem causes or reveals a new one. And sometimes this sets off a chain reaction of problems and fixes, where each solution exposes a deeper issue. In technology, cascades like these are common, often painful, and occasionally welcome. Our battle against CPU contention last fall is a good example of such a cascade. What began as a buffer pool adjustment triggered a series of issues and fixes that generated plenty of stress,...

Okta Software Engineering Design Principles

Jon Todd
Okta has been an agile development shop since the beginning. One important aspect of being agile is enabling a mix of bottom-up and top-down decision making. Specifically where high level vision and strategy is clearly communicated enabling teams to autonomously deliver value while also feeding back learnings from the trenches to inform the high level goals. Below are the tacit engineering design principles we’ve used to guide development at Okta. They continue to evolve as...

Productionalizing ActiveMQ

Okta Staff
This post describes our odyssey with ActiveMQ, an open-source version of the Java Messaging Service (JMS) API. We use ActiveMQ as the message broker among our app servers. First, a word of thanks. To overcome the challenges we faced with ActiveMQ, we are greatly indebted to a very thorough description of an OpenJDK bug, as well as some other online resources. If you’re having problems with ActiveMQ, read on. Maybe our story can help you....

Android Unit Testing Part IV: Mocking

Victor Ronin
This is the third of a four part series on Android Unit Testing. In the last two articles I discussed the general principles of having good tests and the way to run Android tests on JVM making them fast and how to make your code less coupled. This article will explain how to make tests isolated. We need to mock a dependency, inject it, and then modify our test to indicate that we are not...

Android Unit Testing Part III: Disintegration

Victor Ronin
This is the third of a four part series on Android Unit Testing. In the last two articles I discussed the general principles of having good tests and the way to run Android tests on JVM making them fast. This part will show how to make your Android code less heavily coupled. This is a preparation step to ensure that your tests are isolated from each other. We want to test each unit of work...

Android Unit Testing Part II: Escaping Dalvik’s Hold

Victor Ronin
This is the second of a four part series on Android Unit Testing. In these posts, we’ll walk through the key steps engineers should take to make Android tests fast by running them on the JVM (versus running them on an emulator). For background information on the importance of Android testing, visit Part I of the series. It appears that the need to run tests on an Android device or an emulator has concerned Android engineers for...