Anil's Security and Identity Management Blog
SAML vs OAuth: Which one to use?
Nov 21, 2013 4:00 PM, by Anil Saldhana
Please follow my DZone article on this important topic: http://architects.dzone.com/articles/saml-versus-oauth-which-one
PicketBox XACML v2.0.9.Final Released
Jun 17, 2013 4:49 PM, by Anil Saldhana
PicketBox XACML v2.0.9.Final has been released. You can download it from http://www.jboss.org/picketbox/downloads. Information available at https://community.jboss.org/wiki/PicketBoxXACMLJBossXACML Mos...
Authorization (Access Control) Best Practices
May 17, 2013 5:35 AM, by Anil Saldhana
After the recent wrestling match in the blogosphere that included vendors and analysts on XACML, I want to provide some best practices for access control/authorization. The wrestling match is covered ...
Is XACML really dead? Should we all go OAUTH?
May 8, 2013 9:48 PM, by Anil Saldhana
Andras Cser from Forrester has a blog entry titled "XACML is dead". That is a catchy title for the blog post. :) As a participant in the creation of OASIS XACML v3 specification (http://docs.oasis-op...
JAX-RS and HTTPOnly flag in Cookies
Feb 1, 2013 7:23 PM, by Anil Saldhana
JAX-RS in Java JAX-RS is an important technology/standard/specification in the JavaEE family. Version 1.1 is included in Java EE 6. JAX-RS enables Java applications to become REST enabled. Currently J...
GMail can be key to your digital life
Aug 8, 2012 2:54 PM, by Anil Saldhana
Mat Honan (Wired) has this heart-wrenching story of his digital life being erased. The door to this tragedy was his Gmail account. http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hackin...
PicketLink and Salesforce/Google Apps Integration
Jul 24, 2012 3:27 AM, by Anil Saldhana
Marek Posolda from the GateIn team has created an excellent article on integrating Salesforce or Google Apps with JBoss. It is done via project PicketLink. The article is at https://docs.jboss.org/a...
LinkedIn has a wake up call
Jun 11, 2012 6:49 AM, by Anil Saldhana
All the IPO fun news - soaring personal assets - increasing cash pile must have gone a bit sour at LinkedIn now. They have probably started living on earth now, like the rest of us. I am referring to ...
When Access Control Systems Fail or are Absent,
May 27, 2012 6:13 AM, by Anil Saldhana
you can have squatters at your company. And they are not in camp sites in your parking lots or dressed differently - they mingle and coexist with your legitimate employees. How cool is that. :) Exampl...
Growing need for Social Intelligence
May 23, 2012 6:24 PM, by Anil Saldhana
In the past, there were firewalls, employee agreements and corporate training to inculcate proper corporate etiquette in employees. As an employee, you were told that when you are in public, then sens...