Fawnoos Blog

Guides, walkthroughs and opinions on Open Source Identity and Access Management.

Search By Keyword Search By Topic

Apereo CAS - Delegated Authentication to SAML2 Identity Providers

Learn how your Apereo CAS deployment may be configured to delegate authentication to an external SAML2 identity provider.

Apereo CAS - Master of Puppeteer

Learn how to take advantage of Puppeteer to automate browser-based integration and/or functional tests.

Apereo CAS - Suspicious Authentication Attempts

Learn how to tune the Apereo CAS deployment to track and detect risky authentication attempts based on a variety of factors, while allowing for follow-up configurations and verifications.

Apereo CAS - Weak Password Detection

Learn how to tune the password management features of your Apereo CAS deployment to detect and catch weak passwords that fail the strength criteria of your password policy.

Keycloak - Authentication & User Federation

Learn how to customize Keycloak to build your authentication strategy using Keycloak's user federation features.

Apereo CAS - Have you been pawned?

Learn how Apereo CAS may be configured to check for pawned passwords and warn the user, using the haveibeenpawned.com service

Apereo CAS - LDAP Password Policy Handling with Groovy

Learn how to manage and enforce password policies for LDAP accounts, and take control of the policy handling with Groovy.

Apereo CAS - OpenID Connect Nested Claims

Learn how to build nested or structured claims into an OpenID Connect ID token.

Apereo CAS - Distributed Configuration Management w/ Spring Cloud Bus

Learn how to manage CAS configuration changes in distributed deployments using Spring Cloud, Spring Cloud Bus, and RabbitMQ.

Testing SAML2 Identity Providers

Learn how to configure and run SAML2 service providers with Docker and connect them to your SAML2 identity providers to test integrations and verify the correctness of functionality.

Apereo CAS - Delegated Authentication & Groovy Attribute Extraction

Learn how to delegate and hand off authentication to an external SAML2 identity provider, and script the extraction of attributes from the identity provider response using Groovy.

Keycloak - Customizing Locale Resolution Rules

Learn how to customize Keycloak to build your own locale resolution rules for login forms and theme templates.

Apereo CAS - Customizing Attribute Repositories

Learn how to build or customize sources of person attributes through attribute repositories and the Person Directory project.

Shibboleth Identity Provider - Scripted Attribute Definitions

Review configuration options available in the Shibboleth Identity Provider that allows one to build custom scripted attribute definitions programmatically.

Apereo CAS - Simple Multifactor Authentication

Learn to configure Apereo CAS to act as a simple multifactor provider itself.

Apereo CAS - Formatting Audit Log Outputs

Learn how to format and decorate CAS audit logs with new styles and formats, and include additional fields dynamically via Groovy.

Apereo CAS - Delegated Authentication with Keycloak

Learn how to use Keycloak as an external OpenID Connect identity provider and connect it to CAS for a delegated/proxy authentication scenario.

Apereo CAS - Geolocation of SSO Sessions

Learn how to tighten the security of SSO sessions by locking down cookies to IP addresses or geographical locations.

Apereo CAS - JWT All the Things

A tutorial on how to let Apereo CAS handle authentication events accompanied by JWTs.

Apereo CAS - Authentication Protocol Simulations

Learn how to simulate user authentication attempts and examine responses and payloads in the context of various authentication protocols such as CAS and SAML2.

Apereo CAS - OpenID Connect JWKS with Spring Cloud GCP and Secret Manager

Learn how to configure, secure and manage the OpenID Connect JWKS of your Apereo CAS deployment with Google Cloud SecretManager and Spring Cloud GCP.

Enter your search term: