This blog is intended for software system engineers, architects and managers or people generally interested in development, testing and integration of software systems. It is part of profiq’s community effort that has the objective of sharing knowledge and ideas about software system integration, testing and development.
In addition to this technical content, we share updates about life at profiq.
Posted 8 months ago by Ľubomír Mlích
Overview Every web application is intended for humans. If interaction is expected, the application obviously needs to authenticate users, create accounts for them, and keep their credentials secure. This can be a complex task due to security and privacy concerns. While it is possible to create our own solution, it is much easier to use […]
Posted 6 years ago by Gabor Puhalla
I gave a short overview of OpenAM Session Upgrades in a previous article. This is a follow-up that intends to describe the process of configuring it and discussing some of its implications. This blog was sitting back half done as a Draft for several months. It was originally written based on ForgeRock OpenAM 10.x . OpenAM 11 […]
Posted 7 years ago by Gabor Puhalla
profiq just announeced strategic partnership with ForgeRock for system integration of open-source and standard-based Access and Identity Management (IAM) products. This is a fundamental milestone in fulfilling profiq’s system integration and system testing strategy. We have spent the last 8+ years with deploying and testing ForgeRock products and their predecessors and looking forward to offering […]
Posted 8 years ago by Gabor Puhalla
SSO authentication introduces some technical challenges besides providing obvious benefits. Imagine for example that you need to assign different types or levels of authentication to different resources or different actions within a domain. E.g. you allow users to view information, if they successfully authenticate using user name and password, while you may require them to […]
Posted 8 years ago by Nemanja Lukic
Although my use case for certificate based authentication is pretty basic, the existing documentation for Access Manager/OpenSSO/OpenAM is somewhat scarce and requires gathering information from various, often unrelated sources. For that reason, I have summarised the process in this article.