Example Site Authenticated with OKTA and Shibboleth sP (or OpenAthens and Shibboleth sP)

The document provides an overview of how to setup and configure OKTA with a test Shibboleth sP (Service Provider) instance with a example site which is secured using OKTA. It can be used to explore how OKTA and Shibboleth sP interact with the SAML assertion exchange. The deployment is simple and provides the following: An […]

More...

Create an A Record and an Apex (Root) A Record (using Terraform) within Route53

When using Route53 for DNS, you have the option of using a special AWS only type of record for the Apex or Root record of the domain (zone). Taking an example domain.com, you typically would have a website which has an A record called www.domain.com. But what if you want to have the apex of the domain […]

More...

Exchange Online IMAP, POP3 and SMTP Credentials Flow Testing (OAuth)

As a test we are using OpenSSL to perform some credentials testing using an Enterprise Application configured in Microsoft 365 to connect using IMAP(S) and SMTP via OpenSSL to validate how OAuth modern authentication works. Create Enterprise Application Firstly we create an Enterprise Application, we are going to be using Win64 OpenSSL v3.3.3 Light on […]

More...

Install OpenSSL on Microsoft Windows 10/11

If you want to use OpenSSL on Microsoft Windows, there are a number of packages provided that allow you to do this, in this example we’ll use Shinning Light Production’s OpenSSL MSI Package. Step 1 – Download and Install OpenSSL Download the installer from: https://slproweb.com/products/Win32OpenSSL.html, I used Win64 OpenSSL v3.3.3 Light, but there may be […]

More...

Verify Fingerprint of x509 Certificate from SAML2 XML Metadata

We needed to determine the “fingerprint” of a x509 certificate which was present within SAML2 XML Metadata as part of an update of the metadata during a swap from using Shibboleth IdP as our IdP with using OpenAthens IdP instead. You’ll need to have your own source Metadata from which you want to extract the […]

More...