Posts

Showing posts from 2019

Planning poker

I have wanted to write about this for years. Like other old, stubborn developers, I hate process changes and being introduced to something I don't know or am not familiar with. To me these things are not technical, and I have no interest in them.

Somehow, after we were forced to do this and got familiar with it, we started to enjoy it. We were proud of our team's velocity acceleration too!

I still can't differentiate or identify what scrum, agile, and bla bla bla is, but I think we did the estimation and planning right. It helps in our project and sprint planning.

You could visit Wiki's page on Planning Poker or continue to read this.

I am no longer a developer, and the team was dismissed a long time ago. Anyway, to make this easier to explain, I will use the present tense in the following. :)

Our team consists of a Project Manager, a Product Owner, a Scrum Master, who is also the tech lead of the developers, 4 other developers and 2 QAs. It starts with the features or backlogs…

Include the App Role in Azure AD Enterprise Application SAML response

This post focuses only on including the App Role in the SAML response.

Please refer to the following posts for setting up the App Role and setting up the SAML SSO.

Once you have the App Role set up, user.assignedroles will be made available in the claim source attributes.

Just select it from the drop-down in your claim setup.



Setup App role in Enterprise App in Azure AD

I actually tried to figure out the how-to from this article Application roles.

1. Go to Azure Active Directory > App Registrations


For step 5, some tips/rules to follow.

The displayName and value must each be one word; no spaces are allowed. I learned this the hard way.

The id can be generated using this Online GUID generator.

Also, in order to support multiple group assignment, groupMembershipClaims in the manifest must be set to "All"; the default value is null. See below:

"groupMembershipClaims": "All",


Once this is updated, the new Role will be visible in the user/group assignment.

7. Go to Azure Directory > Enterprise App > Your App > Users and Groups > Add User



The user/group list will be displayed accordingly.


Ta-da, done~

Roles set up this way are meant for this particular application only. As for using roles from an Azure AD security group, I haven't checked that out.
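The step 5 rules above can be checked before the manifest is saved. The following is an added example, not code from the original post: a small linter over a constructed manifest fragment that also generates the role id locally instead of with an online generator. The function names and sample ids are assumptions, and the duplicate-id check goes beyond the tips listed in the post.

```python
import json
import re
import uuid

# Constructed sample manifest fragment (not from the post); ids are made up.
SAMPLE_MANIFEST = json.loads("""
{
  "groupMembershipClaims": null,
  "appRoles": [
    {"displayName": "Approver", "value": "Approver",
     "id": "3f2b8c1e-5a4d-4e6f-9b7a-1c2d3e4f5a6b"},
    {"displayName": "Report Viewer", "value": "Report Viewer",
     "id": "not-a-guid"},
    {"displayName": "Auditor", "value": "Auditor",
     "id": "3f2b8c1e-5a4d-4e6f-9b7a-1c2d3e4f5a6b"}
  ]
}
""")


def new_role_id():
    """Generate a role id locally (hypothetical helper, random UUID)."""
    return str(uuid.uuid4())


def lint_manifest(manifest):
    """Return a list of findings for the step 5 rules (hypothetical helper)."""
    findings = []
    if manifest.get("groupMembershipClaims") != "All":
        findings.append('groupMembershipClaims is not "All"')
    seen_ids = set()
    for role in manifest.get("appRoles", []):
        name = role.get("displayName", "<missing>")
        for field in ("displayName", "value"):
            text = role.get(field) or ""
            if not text or re.search(r"\s", text):
                findings.append(f"{name}: {field} must be one word without spaces")
        try:
            canonical = str(uuid.UUID(str(role.get("id", ""))))
        except ValueError:
            findings.append(f"{name}: id is not a GUID")
            continue
        if canonical in seen_ids:  # extra check, not one of the post's tips
            findings.append(f"{name}: id duplicates another role")
        seen_ids.add(canonical)
    return findings


if __name__ == "__main__":
    for finding in lint_manifest(SAMPLE_MANIFEST):
        print(finding)
    print("fresh id:", new_role_id())
```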


How to view jks file content

keytool -list -v -keystore [enter keystore file] -storepass [enter keystore password]


Converting .pfx file to .jks file

keytool -importkeystore -srckeystore pkcs12FileName.pfx -srcstoretype pkcs12 -destkeystore jksFileName.jks -deststoretype jks

Setting up SAML-based sign-on for Enterprise application in Azure AD

When I was a developer, I was assigned to a project to enable SAML login from the client's IDP to our application. That was the project I wanted to do. I did some study, and then was "requested" to help out on a Java project. Someone else was "requested" to do the research and POC on my behalf, and I would do the development. A funny arrangement by the management. I am trying to convince myself that I am not complaining, but I am not convinced. Anyway...

In my recent projects (no longer as a developer), I am involved in SAML setup related tasks. This is my second time running a trial version of an enterprise tool to figure out how the client can set up SAML in order to connect to our application. :D

Ignore all the unorganized setup in my Azure account. This is my first time using it, and the free trial time is ticking.

This post is mainly about setting up SAML-based sign-on to a 3rd party application in Azure AD. Click on the image to view the original size of it for clea…