Spring is a long-time friend to enterprise companies throughout the world. When Spring Boot came along in 2014, it greatly simplified configuring a Spring application. This led to widespread adoption and continued investment in related Spring projects. One of my favorite Spring projects is Spring Security. In most cases, it simplifies web security to just a few lines of code. HTTP Basic, JDBC, JWT, OpenID Connect/OAuth 2.0, you name it—Spring Security does it! You might...

Read more

Rockstar chrome extension is a third-party, Non-Okta Application (as defined in Okta’s Master Subscription Agreement). Okta is not involved in making this chrome extension available, and we have neither oversight nor input into its security features and functionality. For questions regarding this, or any other, Non-Okta Application(s) your organization uses in connection with the Okta Service, please contact the application provider directly for more information. Rockstar is a Chrome extension that adds features to the...

Read more

Security Assertion Markup Language, more commonly known as SAML, is an open standard for exchanging authentication and authorization data between parties. Most commonly these parties are an Identity Provider and a Service Provider. The primary use case for SAML has typically been to provide single sign-on (SSO) for users to applications within an enterprise/workforce environment. Up until the past few years, SAML was considered the industry standard—and proven workhorse—for passing an authenticated user into applications...

Read more

Spring Boot is a ubiquitous and well-supported suite of tools for developing web applications in Java. Database authentication, in which credentials identifying authorized users are stored in a database accessible by the application, is maybe the most common and straightforward method of authenticating users. SAML is a well-supported open standard for handling authentication between identity providers and service providers. Configuring SAML authentication in Spring Security is a common topic, and examples are easy to come...

Read more

Apple’s recent announcement of a single sign-on (SSO) solution, Sign in with Apple, has developers everywhere thinking about how to incorporate it into their application’s infrastructure. Apple is hardly the first organization to introduce SSO—it’s a security-focused methodology that has been available for years—and one of the protocols behind it is SAML. The SAML protocol lets users prove their identities across multiple applications with just one set of login credentials. It was ratified in 2002...

Read more

Read more

If you’re wondering how to configure an ASP.NET application with KentorIT’s AuthServices and Okta, you’ve come to the right place. But before delving into the specifics of how to make Okta work with an SAML-enabled ASP.NET application powered by KentorIT AuthServices, it is worth spending some time going over a critical, but easily fixable issue: Important note : As of March 22nd, 2016, you have 2 choices: Either get the source code of the AuthServices...

Read more