Posts

Showing posts from August, 2012

OPA for HTTP Authorization

Open Policy Agent[1] is a promising, light weight and very generic policy engine to govern authorization is any type of domain. I found this comparion[2] very attractive in evaluating OPA for a project I am currently working on, where they demonstrate how OPA can cater same functionality defined in RBAC, RBAC with Seperation of Duty, ABAC and XACML.  
Here are the steps to a brief demonstration of OPA used for HTTP API authorization based on the sample [3], taking it another level up.
Running OPA Server First we need to download OPA from [4], based on the operating system we are running on.  For linux, curl -L -o opa https://github.com/open-policy-agent/opa/releases/download/v0.10.3/opa_linux_amd64 Make it executable, chmod 755 ./opa Once done, we can start OPA policy engine as a server.
./opa run --server Define Data and Rules Next we need to load data and authorization rules to the server, so it can make decisions. OPA defines these in files in the format of .rego. Below is a sample …

Visualizing Code in Eclipse (Using Architexa)

Image
I am here sharing a nice tool I recently found to draw the diagrams for my final year project at university. When the project is concerned, managing it is challenging with,  code base of the project is pretty largea team is working on the projectwe need to maintain the quality and performance of the project proper documentation is also evaluated So we were searching for an easy to use and nice looking tool to achieve the purposes without making it annoying that, we can focus more on the logic and optimization than decorating a diagram. :) That is were I found this plugin for eclipse called Architexa client, which is free for use.
Following is a sequence diagram I generated using the plugin, which didn't take more than 30s to draw than dragging the relevant classes and setting the relevant calls.

Following is a class diagram generated, that you can clearly observe the clear and smart look of the diagrams.

Pros:

From several tools that I have tried this was more faster and the diagram…

Generating Key Pairs and Importing Public Key Certificates to a Trusted Keystore

Image
Through this I am sharing the most simple scenario to follow in using Java keytool for the requirements of Apache Wookie projects digital signature implementation. Anyway if you are looking to know how to generate a key pair or import a certificate to a Keystore using keytool, still this may be helpful. Refer this segment of Java SE documentation to know in-depth details.
You needs a configuration of Java in your computer to use keytool and that is enough :).

Generating Key Pairs
Use following command in command prompt to generate a keypair with a self-signed certificate keytool -genkey -alias wookie -keyalg RSA -keystore wookieKeystore.jks -keysize 4096 After  -alias give the alias to be used for keys           -keylag give the algorithm to be used in key generation          -keystore give the name of the keystore with type .jks (You can give a path here to store the keystore in a desired place)           -keysize give the length for the generating key in bits This will look something as foll…

Apache Wookie W3C Widget Digital Signature Implementation - GSoC2012

Image
I am here sharing my GSoC 2012 project details which I enjoyed a lot while learning. This includes a brief introduction on the project with it's design, implementation and guidance on using. The implementation has been done using Apache Santuario 1.5.2 release to generate digital signatures. The project is mentored by Scott Wilson who was so helpful and supported by the community. This is Scott Wilson's post on the project.
What is Apache Wookie?
Apache Wookie is a Java server application that allows widget uploading and deployment as useful for variety of applications. This may include gadgets to quizzes and games. Wookie has been based on W3C widget specification while providing flexibility on Google Wave gadgets etc. At the moment of writing, it is in the Apache incubator getting ready to graduate as an Apache Project. 
Objective of the project
The objective this project is to implement the 'W3C XML Digital Signatures for Widgets' specification in Wookie which has bee…