Filip Hanik fhanik

public class DefaultTlsDirContextAuthenticationStrategy extends AbstractTlsDirContextAuthenticationStrategy {
private static final String SIMPLE_AUTHENTICATION = "simple";
/**
 * Authenticates an existing LDAP context by configuring a simple bind for the given user.
 *
 * <p>The authentication mechanism, principal and credentials are written into the context
 * environment, and the context is then reconnected so that the new settings are used.
 *
 * <p>NOTE(review): presumably the superclass has already negotiated TLS on {@code ctx} before
 * this method runs, as the class name suggests. Confirm this, because a simple bind transmits
 * the password itself and depends entirely on the channel for confidentiality.
 *
 * <p>NOTE(review): nothing in this method rejects a null or empty {@code password}. A simple
 * bind with a DN and an empty password is an "unauthenticated bind" (RFC 4513, section 5.1.2),
 * which some directory servers accept. Verify that callers reject empty passwords before
 * reaching this point.
 *
 * @param ctx the LDAP context to authenticate
 * @param userDn distinguished name stored under {@code Context.SECURITY_PRINCIPAL}
 * @param password credential stored under {@code Context.SECURITY_CREDENTIALS}
 * @throws NamingException propagated from the environment updates or from the reconnect
 */
protected void applyAuthentication(LdapContext ctx, String userDn, String password) throws NamingException {
// Select the "simple" (DN + password) bind mechanism.
ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, SIMPLE_AUTHENTICATION);
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
// Changing the environment alone does not use the credentials; an operation must be
// performed on the context. reconnect(null) reconnects without any connection controls.
ctx.reconnect(null);
}
public class SamlConfigurationBean implements InitializingBean {
private String signatureAlgorithm = "...default value here";
/**
 * Sets the signature algorithm value held by this bean.
 *
 * <p>The value is stored as given; no validation or allow-list check is applied here.
 *
 * <p>NOTE(review): the visible part of {@code afterPropertiesSet()} reads {@code signatureUrl}
 * rather than the field assigned here. Confirm that the value configured through this setter
 * is the one actually registered with the security configuration, and that a SHA-1 based
 * algorithm is only selected deliberately.
 *
 * @param s the signature algorithm value to store
 */
public void setSignatureAlgorithm(String s) {
    this.signatureAlgorithm = s;
}
public void afterPropertiesSet() throws Exception {
BasicSecurityConfiguration config = (BasicSecurityConfiguration) Configuration.getGlobalSecurityConfiguration();
config.registerSignatureAlgorithmURI("RSA", signatureUrl);
if (signatureUrl.equals(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1))
<bean id="samlConfiguration"
class="org.opensaml.xml.Configuration"
factory-method="getGlobalSecurityConfiguration">
</bean>
<bean id="setSamlSignatureAlgorithm1" class="org.springframework.beans.factory.config.MethodInvokingBean">
<property name="targetObject" ref="samlConfiguration"/>
<property name="targetMethod" value="setSignatureReferenceDigestMethod"/>
<property name="arguments">
<list>
product_logo: |
iVBORw0KGgoAAAANSUhEUgAAAfwAAAB0CAYAAABgxoASAAAfFUlEQVR4Ae1dYXLbthIGZKXJv/qdoOoJmpwgzAlecoI6J4gzsWfs9
oftH4k9E2finCDuCZKewMwJ4pwg7gnq9y9pZeHtgqItyZREcpckKH6YkUWBwGLxAcYCi8XCmjLhcOuMskVlslaax5pL48y5L8NaenZ
fxuXFZkS/f3+dvKuUiQqIa+G9e2wr4A4kgQAQAALdRqAlY3R/pVrJmXWqT+Tr5Bx/PfbPxuyZHv0+3DLG0oTAOfrYL/SJWzsJGFcMX
0AACAABIAAE8iCwWgI/T42duU9S/z4JfvqiScDR1iU9xKQZ+NOYtdjsHl3kIYM0QAAIAAEgAATahED3BP5s63itgGNNAH2GPAE4NyP
zh/lneGr2T2gygAAEgAAQAAJAoP0I9NpfBeUasAbAmrfmbv9vc/jiPW0DRMolgBwQAAJAAAgAgdoRgMBfCLndoNdnJPT5Ey1MipdAA
AgAASAABAJGAAI/X+NElOzMHG1/MIc7g3xZkAoIAAEgAASAQDgIQOAXaQvHe/3Dr7Ta3y+SDWmBABAAAkAACDSNAAR+uRbYI+O+z1j
tlwMPuYAAEAACQKB+BCDwy2LujfuGn83L7ftlSSAfEAACQAAIAIG6EIDAlyDNR/p6jlb62xsSMsgLBIAAEAACQKBqBHAOXwVhR8f3t
o3ZfX2qQg5EgAAQCA+Bm5M6ER3d/ZGcdfER3nX6fm52j+PwGAZHQGAaAQj8aTwEv0jov3pxaX5781FABFmBABBoCoH9zXXyv0FbdHZ
gjBsYa38hN9zrJNTvk1Bfn2LLe+6mmPR76iV+AIEwEYDA12yXnn1Pe/oX8M+vCSpoAYGKEPBbce7X8Sp9whZnLMWT+zgg1CuCH2TrR
cloud_controller_ng.log:{"timestamp":1471552388.7302814,"message":"Request failed: 500: {\"code\"=>10001, \"description\"=>\"error: Failed to open TCP connection to uaa.identity.cf-app.com:443 (getaddrinfo: Name or service not known)\", \"error_code\"=>\"CF-BadTarget\", \"backtrace\"=>[\"/var/vcap/packages/cloud_controller_ng/cloud_controller_ng/vendor/cache/cf-uaa-lib-b1e11235dc6c/lib/uaa/http.rb:171:in `rescue in net_http_request'\", \"/var/vcap/packages/cloud_controller_ng/cloud_controller_ng/vendor/cache/cf-uaa-lib-b1e11235dc6c/lib/uaa/http.rb:157:in `net_http_request'\", \"/var/vcap/packages/cloud_controller_ng/cloud_controller_ng/vendor/cache/cf-uaa-lib-b1e11235dc6c/lib/uaa/http.rb:145:in `request'\", \"/var/vcap/packages/cloud_controller_ng/cloud_controller_ng/vendor/cache/cf-uaa-lib-b1e11235dc6c/lib/uaa/token_issuer.rb:77:in `request_token'\", \"/var/vcap/packages/cloud_controller_ng/cloud_controller_ng/vendor/cache/cf-uaa-lib-b1e11235dc6c/lib/uaa/token_issuer.rb:246:in `client_credentials_grant'\", \
public class AuthcodeApplication extends OpenIdConnectConfigurerAdapter {
/**
 * Handles requests mapped to {@code /oidc}.
 *
 * <p>Prints the first name carried by the supplied ID token to standard output and returns the
 * literal {@code "oidc"} (presumably resolved as a view name by the web framework).
 *
 * <p>NOTE(review): this writes an identity claim to stdout. That is fine for a demo, but in a
 * deployed application personal data from tokens should go through a logger with appropriate
 * level and redaction, or not be logged at all.
 *
 * @param token the ID token for the current request
 * @return the string {@code "oidc"}
 */
@RequestMapping("/oidc")
public String oidc(IdToken token) {
    final String line = "First name:" + token.getFirstName();
    System.out.println(line);

    final String result = "oidc";
    return result;
}
@Override
protected void configure(OpenIdConnectSecurity http) throws Exception {
fhanik / gist:d84b286a4e3ce09ee35e
Created February 23, 2016 01:38
why does bosh update uaa_z1 when trying to recreate uaa_z2
Task 7076 done
+------------------------------------+---------+---------------+-------------+
| Job/index | State | Resource Pool | IPs |
+------------------------------------+---------+---------------+-------------+
| api_worker_z1/0 | running | small_z1 | 10.10.16.36 |
| api_z1/0 | running | large_z1 | 10.10.16.38 |
| clock_global/0 | running | medium_z1 | 10.10.16.45 |
| consul_z1/0 | running | small_z1 | 10.10.16.30 |
| consul_z2/0 | running | small_z2 | 10.10.80.30 |
{
"id": "38204504-7159-4948-8f35-74ab944cdb9a",
"subdomain": "zone2",
"config": {
"tokenPolicy": {
"accessTokenValidity": -1,
"refreshTokenValidity": -1,
"keys": null
},
"samlConfig": {
fhanik / ubuntu-certs.txt
Created February 8, 2016 22:54
Ubuntu Certs /etc/ssl/certs
total 908
lrwxrwxrwx 1 root root 26 Mar 31 2015 00673b5b.0 -> thawte_Primary_Root_CA.pem
lrwxrwxrwx 1 root root 29 Mar 31 2015 024dc131.0 -> Microsec_e-Szigno_Root_CA.pem
lrwxrwxrwx 1 root root 31 Mar 31 2015 02b73561.0 -> Comodo_Secure_Services_root.pem
lrwxrwxrwx 1 root root 25 Mar 31 2015 034868d6.0 -> Swisscom_Root_EV_CA_2.pem
lrwxrwxrwx 1 root root 50 Mar 31 2015 039c618a.0 -> TURKTRUST_Certificate_Services_Provider_Root_2.pem
lrwxrwxrwx 1 root root 16 Mar 31 2015 03f2b8cf.0 -> WoSign_China.pem
lrwxrwxrwx 1 root root 40 Mar 31 2015 052e396b.0 -> AddTrust_Qualified_Certificates_Root.pem
lrwxrwxrwx 1 root root 27 Mar 31 2015 062cdee6.0 -> GlobalSign_Root_CA_-_R3.pem
lrwxrwxrwx 1 root root 25 Mar 31 2015 064e0aa9.0 -> QuoVadis_Root_CA_2_G3.pem
fhanik / b-oct-2015.txt
Created October 22, 2015 19:02
Branches Oct 2015
2015-06-11 14:17:01 -0700 4 months ago cdutra@pivotal.io origin/feature/allow_special_characters
2015-06-17 10:36:01 -0700 4 months ago cdutra@pivotal.io origin/feature/manage_password_policy
2015-06-26 16:13:56 -0700 4 months ago cdutra@pivotal.io origin/feature/enforce_password_novelty
2015-07-06 10:24:47 -0700 4 months ago cdutra@pivotal.io origin/feature/default_sortby_created
2015-07-28 15:48:24 -0700 3 months ago cdutra@pivotal.io origin/feature/extend_group_zones_endpoint
2015-08-11 18:17:40 -0700 2 months ago cdutra@pivotal.io origin/spike/app-slo-spike
2015-09-03 15:52:39 -0700 7 weeks ago cdutra@pivotal.io origin/feature/app_context_invitation
2015-09-04 09:20:38 -0700 7 weeks ago cdutra@pivotal.io origin/feature/invitations_api
2015-09-16 10:12:20 -0700 5 weeks ago cdutra@pivotal.io origin/feature/invite_users_api
2015-10-13 11:12:32 -0700 9 days ago jcoffield@pivotal.io origin/feature/contextual-copyright-org