PinnedSPIFFE in a NutshellI have been studying SPIFEE(Secure Production Identity Framework For Everyone)[1] for some time and here I am drafting the flow as I have…Jan 29, 20191Jan 29, 20191
PinnedTomcat JDBC Pool — Connection Leaks — Catch the CulpritDatabase connection leaks are something that can stay hidden unless paid specific attention and would come to the surface at the most…Apr 28, 2020Apr 28, 2020
PinnedEvolving Landscape of AuthorisationAccess Control domain is a hot topic again with different fronts of innovations happening. These advancements are promising and seems…Jan 6, 2023Jan 6, 2023
OpenLDAP Logging for TroubleshootingRecently I had the opportunity to be a part of a root cause analysis of a LDAP unavailability issue. We could see the LDAP was fully…Mar 4, 2024Mar 4, 2024
Hands on with OPA — 2 : Merging ObjectsTry it out here at https://play.openpolicyagent.org/p/6ZsiOVpApvMar 23, 2023Mar 23, 2023
Hands-On with OPA policiesTo start with, I will share few details on how we approached OPA as a candidate technology for a revamp we have been doing. We had…Mar 20, 20231Mar 20, 20231
Cache, the demanding friendThis post is to keep a summarised note on different caching approaches as applicable for a distributed monolithic application in general…Nov 13, 20221Nov 13, 20221
Scalable, Reviewable & Maintainable Solution to Customize Email Templates in OktaRecently we had an interesting requirement to be catered in our Okta based IAM system which I briefly describe below.Sep 4, 2022Sep 4, 2022
My Reading on Google Zanzibar: Consistent, Global Authorization SystemJust to capture my thoughts on Google Zanzibar based on the published research paper at…Jul 28, 20221Jul 28, 20221
Google One Tap without loosing sight of your usersUser authentication is an ever-evolving aspect which has gone through rapid revamps along the path, from basic authentication…Oct 26, 2021Oct 26, 2021
OPA for HTTP AuthorizationOpen Policy Agent[1] is a promising, lightweight and very generic policy engine to govern authorization is any type of domain. I found…Jan 30, 2019Jan 30, 2019
Authorization for a Multi-Cloud SystemThis is a project design I am currently working on to consume SPIFFE(Secure Production Identity Framework For Everyone) bootstrapped trust…Dec 29, 2018Dec 29, 2018
Application-wise Authorization WSO2 Identity Server — User Store per Service ProviderApplicable version — WSO2 Identity Server 5.3.0 onwardJan 30, 2017Jan 30, 2017
Apache Wookie W3C Widget Digital Signature Implementation — GSoC2012I am here sharing my GSoC 2012 project details which I enjoyed a lot while learning. This includes a brief introduction on the project with…Jan 1, 2017Jan 1, 2017
