Enterprises with existing SAML 2.0-based Single Sign-On (SSO) may need to support OAuth 2.0 in the future to enable various mobile, consumer and social applications to grow their business. The purpose of this blog is to provide a simple implementation of these two technologies working together. Terminologies in OAuth 2.0 & SAML 2.0 … Continue reading Injecting OAuth With SAML Using OGNL
It looks like we are living in the era of security flaws. Recently it was Heartbleed, and now it is the OAuth and OpenID flaw discovered last week and termed Covert Reunion or Covert Redirect. Published by Wang Jing, a Ph.D. student from Nanyang Technological University in Singapore as Covert Redirect, this flaw states … Continue reading The New OAuth and OpenID Flaw (Covert Reunion AKA Covert Redirect)… How Dangerous Is It Really?
In creating a proof-of-concept iOS app that uses OAuth2 to consume the Google APIs, I began with the OAuth2Client project by the folks at nxtbgthng GmbH. This project is one of the oldest and most active OAuth2 client implementations for iOS and OS X. However, while the project is a success, the documentation for getting started can … Continue reading Getting Started with OAuth2Client on iOS