SASL Authentication Mechanisms

Introduction Authentication is used in many protocols (such as LDAP binding) and it usually involves sending password. Given the nature of authentication protocol, its traffic encryption is usually mandatory. Simple Authentication and Security Layer (SASL) is introduced to ensure the security during authentication. It is not a single protocol, but rather a framework for authentication … Read moreSASL Authentication Mechanisms

Security Assertion Markup Language (SAML)

SAML is an XML-based standard for exchanging authentication and authorization data between IdP (identity provider) and service provider. We can compare SAML with LDAP (as authentication protocol) as both are to provide single-sign-on (SSO) feature. LDAP is considered traditional configuration in on-premise operation for organizations. The configuration can be complex and administrators needs to complete … Read moreSecurity Assertion Markup Language (SAML)

Lightweight Directory Access Protocol (LDAP)

Introduction Originally LDAP only refers to the connectivity protocol to the directory server. This term is being used loosely today and it also refers to the actual directory service that supports and complies with LDAP. LDAP v3 is the current version developed in RFC 2251. A directory is information about some set of entities such … Read moreLightweight Directory Access Protocol (LDAP)

Introduction to Active Directory (AD)

Workgroup, homegroup and Windows Domain A workgroup is a group of computers on the same local network. A Windows computer not joined to a domain is part of a workgroup. In a workgroup, no computer has control over any other computer and it does not require a password. Any computer can join or leave a … Read moreIntroduction to Active Directory (AD)

Nginx as a reverse proxy for Nifi web UI and Kibana

Nginx can act as a application neutral proxy. One example is to front Nifi. The nifi default configuration provides an HTTP access point, specified in the following entries in nifi.properties: Nifi can provide secure port by commenting out the lines above and provide the followings: However, it does require configuring JKS keystore for Java, as … Read moreNginx as a reverse proxy for Nifi web UI and Kibana