October 21, 2016

Katasoft5 WordPress Hacks We Used to Build Authentication [Technorati links]

October 21, 2016 03:50 PM

Stormpath just announced the release of our Stormpath WordPress plugin, which allows you to use Stormpath inside of your WordPress website. While writing this plugin, we had to “hack” the native WordPress authentication system to get our SDK working seamlessly. I’m excited to share some of the hacks we were able to leverage!

We had one goal when writing this plugin, use as much of the internal WordPress functionality we could to keep it as simple as possible. The plugin uses the same login and registration forms, as well as the same forgot and reset password workflows to make a seamless transition between using the built-in authentication with the Stormpath authentication.

Early in the build, we realized that the native WordPress login system wasn’t going to make things as easy as we’d hoped. In order to accomplish this, we had to use a collection of hooks and filters to tap into the authentication and user registration processes.

Add a Function to the Authenticate Filter

The authenticate filter is called when a user posts the form found at wp-login.php. If you open this file, you will find it’s huge (I really mean it… this thing has just under 1000 lines including comments) and it handles everything from registration to password reset. The part of this file that we are interested in is what happens when the login form is submitted.

Ultimately, a function is added to the authenticate filter that calls wp_authenticate_username_password OR wp_authenticate_email_password. This is the gold that we were hoping for. Now we know that the functions we need to work with are these two, which we’ll combine into a single function.

// Default authentication filters
add_filter( 'authenticate', 'wp_authenticate_username_password',  20, 3 );
add_filter( 'authenticate', 'wp_authenticate_email_password',     20, 3 );

The next part of this is the key to the whole system. We want to completely overwrite the functions for authentication, so we no longer need the functions that core WordPress calls. Let’s remove the filters after we add ours.

add_filter( 'authenticate', [ $this->authenticate, 'authenticate' ], 10, 3 );

remove_action( 'authenticate', 'wp_authenticate_username_password', 20, 3 );
remove_action( 'authenticate', 'wp_authenticate_email_password', 20, 3 );

Now, we are fully using our own authentication method when someone tries to log into our WordPress install. This all still uses the default login screens that come with core WordPress to make it seamless.

Custom Code for Password Updates

We now have the ability to have a user log into the system, but what happens when they update their profile? For our system, we need to know when they update their password so we can update our system with the change. We found that if we used the profile_update action we could hook into that and run some custom code to get the updated password.

add_action( 'profile_update', [ $this->authenticate, 'profile_update' ], 10, 2 );

This action will provide you with two variables, $userId and $oldData. You’ll notice there is no reference to the new data that is submitted, but that’s ok because we still have access to the POST variables. There are a few updates we have to do inside of the profile_update function.

First you must verify the nonce since we are posting a field and working with these values. It can be a little odd locating the nonce field we need to use to verify, but once you find it, you will see that it is update-user_$userId where $userId is the first property. In order to follow the coding standards for WordPress, you must sanitize the input and slash it. Once you combine the whole setup, you get the following:

if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ), 'update-user_' . $userId ) ) {
  wp_die( 'nonce not valid' );

After the verification of the nonce passes you can safely continue with the rest of the process that you setup during the user profile changing you need when a user profile is changed.

Hack the Forgot Password Workflow

Much like the profile_updated action, the after_password_reset function is used when the forgot password workflow is finished so you can update your user object with the new password. The difference in this action is what is passed to the function. Here we are passing the new password the user entered. This is nice for us as we don’t need to verify a nonce, and we can simply use the variables from the function. Add this action:

add_action( 'after_password_reset', [ $this->authenticate, 'password_changed' ], 10, 2 );

Then take the two properties, find your user object in your database, and then update the password accordingly.

Mod User Registration From Within WordPress

This may be the best action of all! It uses the same registration form from within the WordPress admin panel but lets us access everything we need to create our own user. The internals of the user_register action is a little crazy. It happens after a user is already registered inside of the WordPress database and then will be triggered so we can hook into it. The action will provide only a user id of the user that just registered. Let’s go ahead and register the action we want to provide when a user registers and is stored in the WordPress database.

add_action( 'user_register', [ $this->authenticate, 'user_registered' ], 10, 1 );

Since we still maintain some reference to the user inside of the WordPress database, we need to get the WP_User object that was just registered.

$user = new WP_User( $wpUserId );

Next, you need to verify the nonce. We do this exactly like the last time, but using create-user as the action in the verify method.

if ( ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce_create-user'] ) ), 'create-user' ) ) {
  wp_die( 'nonce not valid' );

Now, this is the part that hung me up for a while. I needed to get the user’s password so we could store it in the Stormpath system. I went through many different iterations, trying to figure out if I could somehow reverse engineer the password hash. Ultimately, I dug into the post variables and found that I still had access to them in my action. Perfect. That allowed me to get the Password field and store it in a parameter after sanitizing it. Now that I had that, I could create a Stormpath user object and store it.

$account->email = $wpuser->user_email;
$account->password = sanitize_text_field( wp_unslash( $_POST['pass1'] ) );
$account->givenName = $wpuser->user_firstname;
$account->surname = $wpuser->user_lastname;
$account->username = $wpuser->user_login;

Simple Error Messaging at Login

The last filter is a simple one that’s not needed to get authentication functional but does help you display different messages to your user when they go to login in with invalid info. At Stormpath, we believe in not providing hints on what is correct and incorrect during the login. Saying this like “The password you entered for the user is invalid” gives a hacker too much information. By default, WordPress will do this kind of thing, so we wanted a way to change it. With the login_errors filter, we can set custom messages for error codes, and even set our own error codes to display on the login form for other messages from the Stormpath system. Here is what our actual function looks like for the Stormpath WordPress plugin:

public function login_errors( $errors ) {
  global $errors;
  $err_codes = $errors->get_error_codes();

  $error = $errors->get_error_message();

  if ( in_array( 'invalid_username', $err_codes ) ) {
     $error = '<strong>ERROR</strong>: Invalid username or password.';

  if ( in_array( 'invalid_email', $err_codes ) ) {
     $error = '<strong>ERROR</strong>: Invalid username or password.';

  if ( in_array( 'incorrect_password', $err_codes ) ) {
     $error = '<strong>ERROR</strong>: Invalid username or password.';

  if ( in_array( 'authentication_failed', $err_codes ) ) {
     $error = '<strong>ERROR</strong>: Invalid username or password.';

  if ( in_array( 'stormpath_error', $err_codes ) ) {
     $error = '<strong>ERROR</strong>: There was an error logging you in. Please let the administrator know you received a ' . $errors->get_error_data()['code'] . ' code during login.';

  return $error;

We have a few checks to see which error we are talking about and then set the error message. In the future, I plan to add the shake option, a feature that will shake the login form when there is an error. Some of the error codes in our list won’t trigger a shake, but again, because WordPress gives us a way to hook into virtually everything, we can add shakeable error codes via a filter.


I hope that these filters and actions give you some insight in how we hacked the authentication system of WordPress to create a plugin to do Stormpath authentication seamlessly. There are many other filters and actions that you can hook into to add your own functionality and you can find them on the WordPress Codex. I would love to hear about your experience with any fun actions and filters you set up on your own. Shoot me a tweet @bretterer with details about it.

// Brian

The post 5 WordPress Hacks We Used to Build Authentication appeared first on Stormpath User Identity API.

Julian Bond [Technorati links]

October 21, 2016 08:36 AM

[from: Google+ Posts]

Nat SakimuraEU司法裁判所判断:IPアドレスは個人情報だがログなどへの保存は合法~Legitimate Interest [Technorati links]

October 21, 2016 08:29 AM


曰く、『EU: IPアドレスも個人情報とする新判断・承諾なしでのアクセスログの保管は違法に』[1]

『EU: IPアドレスも個人情報とする新判断・承諾なしでのアクセスログの保管は違法に』


記事中、オーストリア大手紙「Der Standard」の報道[2]を参照しているが、Google翻訳で見た限り元記事はそんなことは言っていない。



IPアドレスは個人情報(a piece of personal information)でありうるが、GDPRで言うLegitimate interest によって保存は合法[3]。普通に考えて当たり前の結論。






Copyright © 2016 @_Nat Zone All Rights Reserved.

Matthew Gertner - AllPeersUse This Simple Formula to Ensure that You Don’t Undercharge for Your Dental Services [Technorati links]

October 21, 2016 05:47 AM
Don't Undercharge for Your Dental ServicesPhoto by CC user Erik Christensen on Wikimedia Commons

Trying to determine how much to bill patients for dental work can be quite a challenge because there are so many state- and office-related variables to consider. However, there are a few ways in which you can calculate actual dental costs and use this information to set prices that are fair for patients – while still being profitable for you. Below is a little information on how to go about calculating the right prices if you are afraid that you might undercharge for your dental services.

1. Calculate your Per-Procedure Cost

The first step you’ll need to take in order to determine the cost of dental procedures is to calculate how much your practice pays for each procedure. This will involve more than just figuring out the cost of items such as waste disposal and dental tools. Calculating these costs should also include the expected time for the procedure, as well as the number of employees that are involved with performing it. It is necessary to determine a per-person hourly rate and apply that when determining your labor cost. This will provide you with an estimate regarding how much your time and that of your employees is really worth.

2. Determine what it Costs to do Business

After setting your per-procedure cost, you will need to determine the cost of doing business from day to day. What does it cost to rent your practice space? How much do utilities cost? What are the costs of waiting room and office supplies? Although these can sometimes be classified as hidden costs because they aren’t directly linked to specific procedures, they should still be counted as essential expenses. While doing this, it is also a good idea to look at ways to reduce other costs. For example, you can do away with the charge on financing and perform credit checks by using SimplePay. This system provides patients with an easy way to pay for their treatment, without you having to outlay costs to provide a line of credit.

3. Decide on your Profit Margin

All businesses are in operation to make a profit. Your dental practice needs to work in the same way if you want to stay in business. After determining an hourly per-procedure rate and figuring out what each hour of running your practice costs, you can determine a baseline cost for each of your procedures. This is the amount that would only cover the essential needed to perform the procedure and nothing else. From there, you will be able to see how much of a profit should be added to the total. While this figure is also largely set by competitors in the immediate vicinity, you should also consider the number of times you perform a specific procedure, as well as the overall level of expertise you provide to your patients.

A workable formula to determine a practical cost schedule for your dental work comes down to your tools, accessories, the cost of doing business and how much profit you would like to make. While this can change based on the area you work in and your competitors, it does serve as a good starting point.

The post Use This Simple Formula to Ensure that You Don’t Undercharge for Your Dental Services appeared first on All Peers.

October 20, 2016

ForgeRockThe ForgeRock Identity Summit London 2016 [Technorati links]

October 20, 2016 07:37 PM

This week, the opulent Grand Connaught Rooms played host to the ForgeRock Identity Summit London. Situated in the heart of central London – steps from Drury Lane and Covent Garden – the venue has a history dating back to 1775. Over the years it has entertained society balls, politicians, royalty and the world’s most famous. And now ForgeRock, our customers, prospects and partners can be added to the Rooms’ long list of illustrious visitors. In fact, this year’s event was a sell-out: we were thrilled to welcome over 350 identity professionals from all across the European region – ForgeRock’s largest international event to date.


It was an early start for everyone but, bolstered by coffee and a hearty breakfast, the event got off to a strong start. Stuart Hodkinson, Regional Vice President for UK & Ireland officially opened the event before handing over to Robert Humphrey, CMO, who acted as MC for the day. Having established that Mike Ellis had been CEO of ForgeRock for ‘billions of years,’ Robert welcomed him to the stage for his keynote address. The main theme of Mike’s presentation was trust and the role of identity as a digital enabler. Ensuring that identity is at the centre of everything will deliver a superior customer experience and could mean the difference between being success or failure.

Identity Summit LondonMike was followed by Gartner’s Ant Allan for the first keynote talk of the day. Widely recognized as a prominent member of the IAM research community, Ant gave a presentation that centered on identity and access management in digital business. He spoke on how new business designs are blurring the digital and physical worlds (PokemonGo anyone?), asserting that because the future is perimeter-less, businesses will need greater agility to participate. “Identity can be an accelerator or an inhibitor,” Ant explained as he laid out his “bimodal identity” concept, leaving us with this prediction: “through 2020, 40% of organizations will suffer significant setbacks in several digital business initiatives due to misaligned IAM programs.”

Following Ant was a discussion between Mike Ellis and Albert Hitchcock, Chief Technology and Operations Officer Pearson, the world’s leading learning company. Albert explained how Pearson has significantly shifted its structure and focus over the last two years. The benefits of Pearson’s digital transformation are beginning to be felt, helping it become more capable of improving education in the world’s great developing economies.

Following this was a presentation by the BBC’s Phil Fearnley, head of the myBBC project and the BBC homepage. Phil asserted that “Identity is about knowing your customers better,” and described the myBBC vision as an effort to make the BBC online feel personal and relevant to viewers. With digital identity from ForgeRock, the BBC is creating individual experiences that the viewer controls, delivering the best of BBC content based on personal preferences.

Identity Summit London The BBC’s Phil Fearnley sets out the vision for myBBC.

We closed out the morning session with a panel discussion featuring Phil Clement, Global Chief Marketing and Communications Officer, AON Corporation; George Marcotte, Digital Go-to-Market Lead, UK & Ireland, Accenture; Emma Lindley, Founder, Innovate Identity. Led by Robert Humphrey, the discussion was a lively take on digital identity and its impact on business strategy. The quest for the digital customer is driving technology change across the enterprise: Gartner predicts that by 2017, CMOs will outspend CIOs on technology. Ms. Lindley explained that “identity is the necessary plumbing for digital transformation” as the discussion touched on the partnership between marketing and IT that is required to design a meaningful digital customer experience.

After lunch, ForgeRock SVP of Product Daniel Raskin gave an overview of the company’s solutions, and provided some insight into ForgeRock’s emerging cloud offerings. After Daniel, Eve Maler took the stage. ForgeRock’s VP of Innovation, Eve shared insights and lessons learned from active PoCs that require a new generation of privacy and consent. Eve explained how the emerging User Managed Access standard can be applied to authorization, consent, and delegation scenarios across a wide variety of sectors.

The second panel discussion of the day, led by Daniel, featured Steve Pannifer, Chief Operations Officer, Consult Hyperion; Mike Pegman, Head of Secure Service Design, Business Transformation Group, Department for Work and Pensions (DWP); and Adam Gwinnett, Head of Digital Architecture, HM Courts & Tribunals Service. There was consensus that the relationship between user experience and identity is critical in both the private sector and public sector. All three panelists shared lessons learned, as well as how to plan for the future of identity and the impact of the IoT.

After a short break, ForgeRock’s Simon Moffat, Wayne Blacklock, Jon Knight and Victor Ake provided a “Backstage Tour of Identity” – an exploration of the real-world challenges online businesses face as they grow to Internet scale. Covering the live deployment and configuration of components within the ForgeRock Identity Platform, the group walked the audience through platform capabilities including single view of the customer, social media registration, multi-factor single sign on, consent-driven sharing and IoT integration. Mike Ellis helped out (ok, stole the show) with some live electric guitar. Rock on Mike!

Identity Summit London ForgeRock CEO Mike Ellis riffing on identity during the Backstage Tour.

Closing out the day with a special keynote was journalist and author Kate Russell. Well known in the UK as the tech reporter with BBC Click, Kate explored the essential role of privacy and consent in a world where consumers are increasingly tech-savvy, and technology becomes ever more invasive. Referencing AirBnB and car-sharing services, Kate asked “what does your identity say about you?” In the digital world we can try and control the way the world sees us, but what we can’t control is how much trust people put in that narrative.

And with that, ForgeRock Identity Summit London 2016 was a wrap. Mike closed things out with a few closing remarks and the assembled room of identity and IT professionals retreated for some beverages and hors d’oeuvres. Well-deserved! Thanks to everyone from ForgeRock, our customers, partners and the wider identity community that came together to make the ForgeRock Identity Summit London our most successful event of the year. Onward to Paris!


Anne Hecht is Senior Director of Corporate Communications at ForgeRock.









The post The ForgeRock Identity Summit London 2016 appeared first on ForgeRock.com.

KatasoftTutorial: Get Started with AngularJS, Spring Boot, and Stormpath [Technorati links]

October 20, 2016 04:12 PM

Last year, Micah Silverman wrote about integrating Spring Boot, Spring Security, and Stormpath. Today, I’m going to take you on a similar journey, except this time you’ll be using AngularJS and Stormpath’s AngularJS SDK for the UI. Along the way, you’ll learn how to create REST endpoints with Spring Data REST, configure Spring Boot to handle cross-domain requests, and use Stormpath to make authentication a breeze.

Get Started with AngularJS

To get started with AngularJS, I used to recommend cloning Angular’s angular-seed project. I wrote about developing a simple Angular app with angular-seed early last year. I followed that up with an article on testing your Angular app.

As part of a recent update to the JHipster mini-book, I created my own my angular-seed fork that uses UI-Router, Gulp, and Browsersync. This project will be the starting point for this tutorial. This tutorial assumes you have Node.js, Git and Gulp installed.

To begin, clone my fork of the angular-seed project and install all its dependencies:

git clone https://github.com/mraible/angular-seed.git angularjs-spring-boot-stormpath
cd angularjs-spring-boot-stormpath
npm i

TIP: You can also use Facebook’s yarn as an alternative to npm. It caches downloads and can be up to 11 times faster with a warm cache. I tried it on this project and found it took 20.63 seconds the first time I ran “yarn install”. The second time, it took 0.14 seconds! You can install yarn with npm using npm -g install yarn.

After you’ve performed these steps, your browser should launch and you should see a screen like this:

First view

You can modify one of its CSS files (e.g. app/css/app2.css) to add some body padding:

body {
    padding: 10px;

When you save the file, Browsersync will auto-reload your changes and things look a bit better.

First view with padding

Angular has a $resource service that allows you to easily make HTTP calls to a REST endpoint. In the following section, you’ll use $resource, and a JSON file to create an application that allows searching and editing. After that, you’ll change to use Spring Boot for that endpoint. Finally, we’ll integrate Stormpath to provide the following:

  1. Registration
  2. Login
  3. Logout
  4. Forgot Password
  5. Only allow admins to search

Add a Search Feature

The AngularJS code below might look a bit different than you’re used to. This code uses John Papa’s Angular 1 Style Guide. This guide promotes an opinionated way to write AngularJS 1.x applications; allowing you to worry less about syntax and naming conventions and more about your code.

To create a new feature, you’ll need a few different files:

  1. search.service.js to interact with your data
  2. search.controller.js to contain your controller logic
  3. search.html to display your rendered data
  4. search.state.js to contain routing information

Create app/search/search.service.js and populate it with the following JavaScript:

(function () {
    'use strict';

        .factory('SearchService', SearchService);

    SearchService.$inject = ['$resource'];

    function SearchService($resource) {
        return $resource('/api/search/people.json');

The $resource service is not included by default in angular-seed. To add it to your project, add "angular-resource": "~1.5.0" to your dependencies in bower.json, or run the following command:

bower install angular-resource --save

To activate this service in your application, add a link to angular-resource.js in app/index.html.

And reference it as a dependency in app/app.js.

angular.module('myApp', [

In addition to using $resource, SearchService reads from a people.json file. Create app/api/search/people.json with the following contents:

    "id": 1,
    "name": "Peyton Manning",
    "phone": "(303) 567-8910",
    "address": {
      "street": "1234 Main Street",
      "city": "Greenwood Village",
      "state": "CO",
      "zip": "80111"
    "id": 2,
    "name": "Demaryius Thomas",
    "phone": "(720) 213-9876",
    "address": {
      "street": "5555 Marion Street",
      "city": "Denver",
      "state": "CO",
      "zip": "80202"
    "id": 3,
    "name": "Von Miller",
    "phone": "(917) 323-2333",
    "address": {
      "street": "14 Mountain Way",
      "city": "Vail",
      "state": "CO",
      "zip": "81657"

Now that the data and service are in place create app/search/search.html to search and display data.

Name Phone Address
{{person.name}} {{person.phone}} {{person.address.street}}
{{person.address.city}}, {{person.address.state}} {{person.address.zip}}

In this file, there are two “vm” (a.k.a. view-model) variables that the template expects in its controller: vm.term and vm.searchResults. Create app/search/search.controller.js to expose these variables:

(function () {
    'use strict';

        .controller('SearchController', SearchController);

    SearchController.$inject = ['SearchService'];

    function SearchController(SearchService) {
        var vm = this;

        vm.search = function () {
            SearchService.query(vm.term, function (response) {
                var results = response.filter(function (item) {
                    return JSON.stringify(item).toLowerCase().includes(vm.term.toLowerCase());
                vm.searchResults = results;

To make things look better, you can add some new CSS rules to app/css/app2.css:

table {
    margin-top: 10px;
    border-collapse: collapse;
    width: 100%;

th {
    text-align: left;
    border-bottom: 2px solid #ddd;
    padding: 8px;

td {
    border-top: 1px solid #ddd;
    padding: 8px;

Add a link to the search feature in app/index.html by adding a “search” menu item:

To make this link work, you need to create a search.state.js file in the search directory that configures the “search” state.

(function () {
    'use strict';


    stateConfig.$inject = ['$stateProvider'];

    function stateConfig($stateProvider) {
            .state('search', {
                url: '/search',
                templateUrl: 'search/search.html',
                controller: 'SearchController',
                controllerAs: 'vm'

The final step to enabling search is making sure all the JavaScript files are referenced in app/index.html:

At this point, you should be able to run “gulp”, click on the search link and perform a search. For example, below is a screenshot after searching for “Von”.

Search for Von

If you’ve made it this far, congratulations! If you encountered issues along the way, see the add search feature commit to see what’s changed since cloning the original angular-seed project.

Add an Edit Feature

For the edit feature, you’ll create similar files to what you did for the search feature.

  1. edit.state.js to contain routing information
  2. edit.controller.js to contain your controller logic
  3. edit.html to display your rendered data

You’ll reuse the search.service.js and add a new fetch function for retrieving a single record.

Search.fetch = function (id, callback) {
    Search.query(function (response) {
        var results = response.filter(function (item) {
            return item.id === parseInt(id);
        return callback(results[0]);

Create app/edit/edit.state.js to route “/edit/{id}” URL to the EditController.

(function () {
    'use strict';


    stateConfig.$inject = ['$stateProvider'];

    function stateConfig($stateProvider) {
            .state('edit', {
                url: '/edit/:id',
                templateUrl: 'edit/edit.html',
                controller: 'EditController',
                controllerAs: 'vm'

Create app/edit/edit.controller.js and create a simple controller that fetches a person’s record by the passed in identifier.

(function () {
    'use strict';

        .controller('EditController', EditController);

    EditController.$inject = ['SearchService', '$stateParams'];

    function EditController(SearchService, $stateParams) {
        var vm = this;

        SearchService.fetch($stateParams.id, function (response) {
            vm.person = response;

Add app/edit/edit.html and populate it with the following HTML to display a person’s information.



Add a link to the edit state from app/search/search.html:


And add a link to the new JavaScript files you added in app/index.html:

TIP: If you get tired of adding <script> tags in your index.html, you can use gulp-inject to add new files automatically.

Finally, add some CSS in app/css/app2.css to make the form look a bit better.

form {
    line-height: 2;

address {
    font-style: normal;

After making all these changes, you should be able to search for a person, click on their name and view their information.

Edit Von

Get Started with Spring Boot and Stormpath

Spring Initializr is a project that makes it super easy to get started with Spring Boot. It’s deployed at https://start.spring.io by default and Stormpath has an instance deployed at http://start.stormpath.io. Our instance has Stormpath Spring Boot starters available, and they should be available soon on the default instance.

To create an application with Spring Boot and Stormpath, go to http://start.stormpath.io and select the following dependencies: Web, JPA, H2, Stormpath Default, and DevTools. DevTools is a handy plugin for Spring Boot that allows you to hot-reload the application when you recompile any Java files.


Click “Generate Project” and download the resulting demo.zip file. Expand the file and copy its contents into the Angular project you created (e.g. angularjs-spring-boot-stormpath).

Because you’ve integrated Stormpath in this project, you’ll need a Stormpath account and API Keys to start the application. If you don’t have an account, go to https://api.stormpath.com/register and sign up. A developer account is free, with up to 10K API calls per month.

Register for Stormpath

You’ll receive an email to activate your account. Click on the activation link and login to your account.

Stormpath Activated

Click on the “Create API Key” button and copy the resulting file to ~/.stormpath/apiKey.properties.

Create API Keys

At this point, you should be able to start the Spring Boot app by running mvn spring-boot:run. When you open http://localhost:8080 in your browser, you’ll be prompted to login using basic authentication. You can turn off basic authentication if you want (using security.basic.enabled = false in src/main/resources/application.properties), but you can also integrate Stormpath with Spring Security instead.

To add Stormpath support to Spring Security, create src/main/java/com/example/SecurityConfiguration.java with the following code.

package com.example;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import static com.stormpath.spring.config.StormpathWebSecurityConfigurer.stormpath;

public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    protected void configure(HttpSecurity http) throws Exception {

After recompiling this class and waiting for your application to reload, go to http://localhost:8080. You’ll be prompted to log in with Stormpath’s login form.

Thymeleaf Login

You won’t be able to log in because you haven’t created any accounts in your default application. Click on “Create Account” to create a new account. You can use the same email address as you did when you registered.

Thymeleaf Registration Form

After completing registration, you should be able to log in using the email and password you entered.

NOTE: The above steps are covered in Stormpath’s Spring Boot Quickstart Guide.

You’ll likely see a 404 page from Spring Boot after you’ve successfully logged in.

404 from Spring Boot

This is because Stormpath redirects to / by default. To make it so you don’t see an error, create a homepage at src/main/resources/static/index.html with the following HTML:

Hello World

The auto-discovery of HTML files in this directory is covered in Spring Boot’s static content documentation. If you want to make your homepage dynamic, you have to create a Controller that serves up a Thymleaf template. Thymeleaf is enabled by default when using the Stormpath Spring Boot starter.

To see what this looks like, create src/main/java/com/example/HomeController.java with the following code.

package com.example;

import com.stormpath.sdk.account.Account;
import com.stormpath.sdk.servlet.account.AccountResolver;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.servlet.http.HttpServletRequest;

public class HomeController {

    public String home(HttpServletRequest request, Model model) {
        String name = "World";
        Account account = AccountResolver.INSTANCE.getAccount(request);

        if (account != null) {
            name = account.getGivenName();

        model.addAttribute("name", name);

        return "index";

Then create src/main/templates/index.html to say hello to the user with their name.


If you compile HelloController and DevTools reloads your application, you’ll likely see the following error:

org.thymeleaf.exceptions.TemplateInputException: Error resolving template "index", template 
might not exist or might not be accessible by any of the configured Template Resolvers

Restarting your application manually will solve this issue, but a better solution is to configure the Spring Boot Maven plugin to add resources.


This setting will allow you to modify templates and see the changes immediately without restarting your server.

If you’re still logged in, you should be able to refresh your browser and see a page like the one below.

Hello Stormpath!

You might notice that clicking the “Logout” button will prompt you to log in again. If you’d prefer to show the homepage and allow users to click a link to log in, you can allow this in your Spring Security configuration. Simply update SecurityConfiguration.java to have the following. While you’re at it, add protection for the API endpoints you’re about to create.

protected void configure(HttpSecurity http) throws Exception {

For more information on the features that Stormpath provides for Spring Boot and Spring Security, see A Simple Web App with Spring Boot, Spring Security, and Stormpath – in 15 Minutes.

Add an API Endpoint

To add an API for /people, you’re going to need some data first. Spring Boot’s Spring Data JPA provides an easy way to do this. You’ll need a JPA entity to represent your data, so create src/main/java/com/example/Person.java.

package com.example;

import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;

public class Person {

    private Long id;
    private String name;
    private String phone;
    private Address address;

    public Long getId() {
        return id;

    public void setId(Long id) {
        this.id = id;

    // getters and setters removed for brevity

    public String toString() {
        return "Person{" +
                "id=" + id +
                ", name='" + name + '\'' +
                ", phone='" + phone + '\'' +
                ", address=" + address +

Create an Address.java class in the same directory.

package com.example;

import javax.persistence.Embeddable;

public class Address {

    private String street;
    private String city;
    private String state;
    private String zip;

    // getters and setters removed for brevity

    public String toString() {
        return "Address{" +
                "street='" + street + '\'' +
                ", city='" + city + '\'' +
                ", state='" + state + '\'' +
                ", zip='" + zip + '\'' +

Then create src/main/resources/data.sql to create sample data on startup.

insert into person (name, phone, street, city, state, zip) 
  values ('Peyton Manning', '(303) 567-8910', '1234 Main Street', 'Greenwood Village', 'CO', '80111');
insert into person (name, phone, street, city, state, zip) 
  values ('Damaryius Thomas', '(720) 213-9876', '5555 Marion Street', 'Denver', 'CO', '80202');
insert into person (name, phone, street, city, state, zip) 
  values ('Von Miller', '(917) 323-2333', '14 Mountain Way', 'Vail', 'CO', '81657');

Spring Data JPA provides JPA repositories that make it easy to CRUD an entity. The Spring Data REST project provides support for creating JPA repositories and exposing them as REST endpoints.

Add the Spring Boot starter for Spring Data REST to your pom.xml.


Create a PersonRepository.java file in src/main/java/com/example that utilizes Spring Data REST.

package com.example;

import org.springframework.data.repository.PagingAndSortingRepository;
import org.springframework.data.repository.query.Param;
import org.springframework.data.rest.core.annotation.RepositoryRestResource;

import java.util.List;

@RepositoryRestResource(collectionResourceRel = "people", path = "people")
public interface PersonRepository extends PagingAndSortingRepository {

    List findByName(@Param("name") String name);


To make all Spring Data REST endpoints have an /api prefix, add the following to src/main/resources/application.properties.


Using HTTPie, you should be able to login via the command line using:

http -f POST localhost:8080/login login=mraible+stormpath@gmail.com password=

To see the data at /api/people, copy the access token from the result of the command above and use it in an Authorization header.

http localhost:8080/api/people Authorization:'Bearer '

You can also login with your browser and navigate to http://localhost:8080/api/people.

People JSON in browser

In this example, there’s a PersonRespository#findByName method that allows you to search by a person’s full name. Below is an example call to this REST endpoint.


You’ll notice this doesn’t provide full-text searching. Spring Data Elasticsearch is a good place to start if you’re looking for full-text searching.

Integrate AngularJS with Spring Boot

To integrate the AngularJS with Spring Boot, let’s first turn off Stormpath so you can access api/people without logging in. Modify SecurityConfiguration.java to remove the stormpath() hook and allow all requests.

protected void configure(HttpSecurity http) throws Exception {

Next, modify app/search/search.service.js to talk to http://localhost:8080/api/people, configure the ‘query’ function to not expect an array, and change the search function to handle the new data structure.

function SearchService($resource) {
    var Search = $resource('http://localhost:8080/api/people', {}, {
        'query': {isArray: false}

    Search.search = function (term, callback) {
        if (term == undefined) { // handle empty search term
            term = '';
        Search.query(function (response) {
            var people = response._embedded.people;
            var results = people.filter(function (item) {
                return JSON.stringify(item).toLowerCase().includes(term.toLowerCase());
            return callback(results);

    // Search.fetch function

    return Search;

Fire up your Angular app using gulp, then try its search feature. You’ll see an error in your console when you try to search. This happens because of your browser’s same-origin policy.

SOP Error

Spring Boot supports Cross-Origin Resource Sharing (CORS) to help solve this issue. However, it only works for Spring MVC, not Spring Data REST (see DATAREST-573 for more information). The good news is the Spring Framework provides a CorsFilter you can use for filter-based frameworks. Add the following to SpringConfiguration.java.

public FilterRegistrationBean corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    return bean;

After making these changes and waiting for your application to reload, you should be able to search people, just like you did before.

Enable Stormpath

To make everything work with Stormpath enabled, there’re several things that need to happen:

  1. Re-enable Stormpath in SecurityConfiguration.java
  2. Add Stormpath’s AngularJS SDK to the Angular app
  3. Create pages and controllers for Login, Logout, Registration, and Forgot Password

Revert the changes you made in SecurityConfiguration.java to allow all requests.

public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    protected void configure(HttpSecurity http) throws Exception {

To add Stormpath’s AngularJS SDK to your project, you can use Bower.

bower install stormpath-sdk-angularjs --save

Add these new files to app/index.html:

Open app/app.js and add these two Stormpath dependencies at the bottom of the list.

angular.module('myApp', [

Modify the config block in this file to configure Stormpath to point to Spring Boot on http://localhost:8080.

config(['$stateProvider', '$urlRouterProvider', 'STORMPATH_CONFIG', 
  function($stateProvider, $urlRouterProvider, STORMPATH_CONFIG) {
  // For any unmatched url, redirect to /view1

  STORMPATH_CONFIG.ENDPOINT_PREFIX = 'http://localhost:8080';

In the same app.js file, add a run block, place it below the config block (make sure you move the semicolon from the config block to the run block):

run(['$stormpath', function($stormpath){
    loginState: 'login',
    defaultPostLoginState: 'view1'

This configures Stormpath to do the following:

Modify app/index.html to adjust the menu so only logged in users can access view2 and the search feature. This code makes use of the if-user and if-not-user directives, which are documented in the AngularJS SDK docs.

NOTE: There is an issue in the Stormpath’s Java SDK where if-user-in-group=”ADMIN” doesn’t work. A fix will be available in a future release. In the meantime, there’s a workaround in Stormpath’s AngularJS SDK.

Since no “login” state exists yet, you’ll need to create one. Create app/login/login.state.js and populate it with the following.

(function () {
    'use strict';


    stateConfig.$inject = ['$stateProvider'];

    function stateConfig($stateProvider) {
            .state('login', {
                url: '/login',
                templateUrl: 'login/login.html'

No controller is needed because Stormpath provides the Controller for you. Create app/login/login.html and use the spLoginForm directive to render the login form.

Add login.state.js to index.html.

At this point, I noticed my console said I was not allowed to access http://localhost:8080/me because my origin (http://localhost:3000/me) was not supported. After debugging, I figured out this was because the main StormpathFilter comes before the CorsFilter. To fix this, add the following to application.properties.


After making this change, you should be able to hit http://localhost:3000 and click the Login link.

AngularJS Login

It doesn’t look great by default, but that’s because the default template expects Bootstrap to be one of the CSS files. Add Bootstrap with Bower (bower install bootstrap --save), add a <link> in app/index.html, and the form becomes a lot prettier.

Bootstrap Login

You should be able to login with the username and password combination you registered with earlier.

NOTE: There’s an issue when trying to logout cross-domain with the Stormpath’s Spring Boot integration. We hope to have a fix soon. In the meantime, refreshing your browser after clicking the Logout link will show you have successfully logged out.

Unlike the Spring Boot Thymeleaf templates, the AngularJS spLoginForm directive does not include a link to register. You can add this above the form by modifying app/login/login.html and adding the following HTML at the top.

Login or Create Account

After making this change, the login form looks more like the Thymeleaf version.

Login with Create Account

However, the “Create Account” link won’t work since there is no “register” state yet. To create it, add app/register/register.state.js:

(function () {
    'use strict';


    stateConfig.$inject = ['$stateProvider'];

    function stateConfig($stateProvider) {
            .state('register', {
                url: '/register',
                templateUrl: 'register/register.html'

Create a register.html file in the same directory.

Create Account

TIP: Wrapping the template in a .container-fluid class removes the horizontal scrolling you can see in the previous screenshot.

Add a reference to register.state.js in app/index.html.

Now clicking on the “Create Account” link should render a registration form.

AngularJS Registration Form

When I first tried to register using this form, I received a strange error.

Unable to invoke Stormpath controller: Unable to read JSON value from request body: 
No content to map due to end-of-input at [Source: org.apache.catalina.connector.
CoyoteInputStream@19b6af88; line: 1, column: 0]

To fix this, I had to modify app/app.js and set the form content type to application/json.

STORMPATH_CONFIG.ENDPOINT_PREFIX = 'http://localhost:8080';

There is an open issue to remove this extra step in Stormpath’s AngularJS SDK.

The last step is to configure the state for the Forgot Password feature. Create app/forgot/forgot.state.js and populate it with the following code.

(function () {
    'use strict';


    stateConfig.$inject = ['$stateProvider'];

    function stateConfig($stateProvider) {
            .state('forgot', {
                url: '/forgot',
                templateUrl: 'forgot/forgot.html'

Create forgot.html in the same directory and use the spPasswordResetRequestForm directive in it.

Forgot your password?

Don’t forget to add a reference to this new state in app/index.html.

Now, you should be able to click the Forgot Password link in the Login form. However, the current release of Stormpath’s AngularJS SDK doesn’t support Angular’s hashbang mode and expects HTML5 mode. The Forgot Password link doesn’t work in hashbang mode.

The easy way to workaround this is to pass in a $locationProvider to the config block in app/app.js and set HTML5 mode to true.


You’ll also need to add <base href="/"> to the <head> of app/index.html to make HTML5 mode work. This does cause issues with Browsersync reloading; I haven’t figured out a solution for that yet.

If you don’t want to use HTML5 mode in your AngularJS application, you can override the templates to provide relative links. For example, you can change login.html to point to your customized template.

Then you can create app/stormpath/login.tpl and tweak the default template so the registration link uses UI Router’s ui-sref directive.

Forgot Password

Both methods will allow you to navigate to the “forgot” state when clicking on the “Forgot Password” link.

AngularJS Forgot Password


I hope you’ve enjoyed this tour of AngularJS, Spring Boot, and Stormpath. I showed you how to do a number of things in this article:

  1. Create a simple AngularJS application with a search feature
  2. Create a Spring Boot application with Stormpath integrated
  3. Communicate between the AngularJS and Spring Boot apps cross-domain
  4. Add login, registration, and forgot password features to the AngularJS application

The source code for the completed application referenced here is available at https://github.com/stormpath/angularjs-spring-boot-stormpath-example.

In future posts, I’ll talk about how the Stormpath’s AngularJS SDK can be used to prevent access to certain states and hide links to different groups. I also plan to show you how to integrate Stormpath into JHipster.

As far as Stormpath’s Angular 2 support—we’re working on it! We hope to have something for you to experiment with by Thanksgiving (November 24).

If you have any questions, don’t hesitate to leave a comment or hit me up on Twitter at @mraible.


The good Dr. Dave Syer wrote an excellent blog series in 2015 on integrating AngularJS with Spring Boot and Spring Security.

  1. Spring and Angular JS: A Secure Single Page Application
  2. The Login Page: Angular JS and Spring Security Part II
  3. The Resource Server: Angular JS and Spring Security Part III
  4. The API Gateway Pattern: Angular JS and Spring Security Part IV
  5. SSO with OAuth2: Angular JS and Spring Security Part V

The post Tutorial: Get Started with AngularJS, Spring Boot, and Stormpath appeared first on Stormpath User Identity API.

Ludovic Poitou - ForgeRockLondon Identity Summit 2016 [Technorati links]

October 20, 2016 12:23 PM

Yesterday, ForgeRock hosted the London Identity Summit, 2016 Series.

lp0_6452Mike Ellis, ForgeRock CEO, launching the London Identity Summit.

Attended by more than 300 customers, prospects, partners, the event was a great success. For a short summary of the event, check ForgeRock blog. Highlights, presentations, etc will all be available shortly at https://summits.forgerock.com/london/. Meanwhile all my photos of the event are available here, and you can get a feel of the pulse of the event through the twitter stream (hashtag #IdentitySummit)

The next Identity Summit will be held in Paris on November 15th. I hope to see you there.


Filed under: Identity Tagged: 2016, conference, ForgeRock, IdentitySummit, photos, summit
October 19, 2016

Matthew Gertner - AllPeers3 Ways to Beat a Sexual Assault Charge [Technorati links]

October 19, 2016 06:52 PM



frustrated-1174084_1280It can prove to be one of the most daunting criminal charges to ever recover from.

In the event you have been charged with sexual assault, where do you go from here?

First and foremost, reaching out for legal help is your most important initiative. While some individuals can’t afford legal assistance (they may need to turn to a public defender), others know it will oftentimes be money well spent.

With a sexual assault attorney by your side, you are able to not only defend yourself, but improve the odds of not being convicted. Remember, such a conviction can lead to jail time, heavy fines, not to mention a major impediment for both your personal and professional lives.

So, are you ready to do what it takes to beat a sexual assault charge?


Defending Your Life Now and Down the Road

So that you can give yourself the best defense possible, turning to Greater Houston Defense professionals (or those closer to where you reside) is your first step.

Once you have that attorney in your corner, he or she can advise you on how best to win your case.

Among the three tips you should remember:

  1. Innocence – Most importantly, stating your innocence from day one is crucial. Remember, all eyes and ears will be on each thing you say and do from the moment you have been charged. Doing something out of character etc. can lend more suspicion being sent your way. Also, make sure you are totally honest with your legal team, giving them any information they need to make your case of innocence;
  2. Defense – Be sure you provide your attorney and their staff with as much evidence to show your innocence as possible. Can someone place you at another location during the time of the alleged assault? If so, video evidence of this (cell phones etc.) can prove quite valuable. Strong character witnesses testifying on your behalf will also be beneficial to your case. It would be hard (even for a jury) to refute the testimony of several people able to clearly state and demonstrate you were nowhere near the scene of the alleged assault. If you were at a party when the alleged assault took place, you can still use strong character witnesses to testify on your behalf;
  3. Questions – Lastly, are their substantial questions in the claims of the individual or individuals accusing you of sexual assault? If so, your attorney can poke holes in their story or stories. Remember, it is up to the prosecution to prove beyond a shadow of doubt that you are guilty. If the alleged victim or victims have made false allegations in the past etc. this could be the opening your attorney needs. There may also be issues of jealousy and/or revenge on their part that led them to make these accusations.


Weighing the Verdict

In the event your case does go to trial, you typically have a 50-50 chance of walking free.

Just as businesses have to manage crisis situations from time to time, you need to manage this one that has engulfed your personal and professional lives. When at trial, be as professional and polite as possible. Keep in mind that your legal team is there to both represent and speak for you. Unless it is decided that you going on the stand is wise, keep your composure at all times.

As for the alleged victim or victims, both you and your legal team need to be respectful of them at all times. Nothing looks worse to a jury than if the defense team appears to be attacking an alleged victim.

Lastly, if you are cleared of charges, use the experience as an educational tool moving forward.

How did you end up in this situation in the first place? Was there something you could have done or said to have prevented it?

By educating yourself, you greatly lessen the chances of ever being in such a predicament again.



The post 3 Ways to Beat a Sexual Assault Charge appeared first on All Peers.

KatasoftUser Authentication in Java 8 [Technorati links]

October 19, 2016 06:49 PM

Java 8 added many new features that both modernize and simplify the language. Today, I’ll walk you through how some of these new features impact authentication, authorization, and user management. We’ll explore a few of the most important new features, including: Lambdas, method references, and Streams. But first, some background on Stormpath and the code that backs this post which can be found here.

Stormpath: Never Built Auth Again

The Stormpath Spring Boot WebMVC Integration adds default views to your app for common authentication and authorization workflows. This includes registration, login, and forgot password, among others. You get all of this for your application with no additional programming on your part.

Getting setup with Stormpath is super easy and it’s totally free to start. Follow the QuickStart here to create a Stormpath account.

Even easier: click the friendly Heroku Deploy button below to deploy the example app to your Heroku account including the provisioning of a Stormpath Account!


All that’s required to add the Stormpath integration to your Spring Boot WebMVC project is a single dependency:


Boom! Instant authentication!

Lambdas: Reduce Boilerplate and Add Functional Programming

The Stormpath Spring Boot integration includes as a feature the ability to have registration and login pre and post handlers. This is handy for triggering secondary functionality, like logging events or sending messages when someone registers or logs in.

Prior to Java 8, you’d set this up with an anonymous instantiation of the WebHandler interface. It looks like this:

public WebHandler registerPreHandler() {
    return new WebHandler() {
        public boolean handle(HttpServletRequest req, HttpServletResponse res, Account account) {
            log.info("----> PreRegisterHandler");
            return true;

Here’s the lambda version of the same thing:

public WebHandler registerPreHandler() {
    return (HttpServletRequest request, HttpServletResponse response, Account account) -> {
        log.info("----> PreRegisterHandler");
        return true;

Aside from reducing the code by four lines, it demonstrates how lambdas reduce boilerplate code and implement functional interfaces. A functional interface has a specific definition: an interface that contains a single abstract method declaration.

In the above example, Java is able to infer the correct type to create based on the return type of registerPreHandler, which is WebHandler. This can be further simplified by removing the parameter types as Java can infer that as well. For single-line implementations, the code can be even further reduced:

public WebHandler loginPostHandler() {
    return (request, response, account) -> account != null;

Method References: Small and Readable

When using the Stormpath Java SDK, you are often working with a collection of some sort, say Accounts, for instance. The interface for a collection of Accounts is AccountList. We often get the question, why not just have: List<Account>? The reason is that we support auto-paging and an AccountList has its own href as it extends the Resource interface as well. Auto-paging is a built in capability whereby the implementation will fetch the next page of data without you having to manage that manually.

The bottom line is that you’ll often want to transform your results into a form that is easily serializable and can be converted automatically by Spring Boot into a json response.

The first thing we want to do is to take our results and load them (or a portion of them) into a list. In the old days of Java 7, we would do something like this:

List accountList = new ArrayList();
AccountList accounts = application.getAccounts(Accounts.criteria().limitTo(LIMIT));
for (Account account : accouns) {

In Java 8, we can write a much more terse version of the same thing. Each of the following accomplishes the same thing:

// making use of lambdas
accounts.forEach((Account a) -> {

// since it’s one line, we don’t need the braces and Java can infer the type
accounts.forEach(a -> accountList.add(a));

// method reference for the win

When both the parameter type in the iterator and the parameter being passed into a method can be inferred, you can use a method reference in the form of <variable>::<method>.

It’s still very clear what is going on reading the code, but it is significantly more terse.

You can use both method references and constructor references in Java 8. For more on this, look here.

Streams: Fun with Collections

For the sake of this example, here’s the setup: We want to get back a list of Accounts, limited to a result size of 50. We only want to include accounts where the email address does not end in stormpath.com AND, we only want to return certain fields of each Account in a JSON response.

Here’s the old-school approach:

public List accounts() {
    List accountDetails = new ArrayList();
    AccountList accounts = application.getAccounts(Accounts.criteria().limitTo(LIMIT));

    for (Account a : accounts) {
        if (!a.getEmail().contains("@stormpath.com")) {
            accountDetails.add(new AccountDetails(
                a.getGivenName(), a.getSurname(), a.getFullName(), a.getEmail(), a.getUsername()

    return accountDetails;

Here’s the approach with lambdas and streams:

public List accountsLambda() {
    AccountList accounts = application.getAccounts(Accounts.criteria().limitTo(LIMIT));

    List accountList = new ArrayList();
    return accountList.parallelStream()
        .filter(a -> !a.getEmail().contains("@stormpath.com"))
        .map(a -> new AccountDetails(
            a.getGivenName(), a.getSurname(), a.getFullName(), a.getEmail(), a.getUsername()

Both versions return the exact same results. The second example represents a much more functional approach. Additionally, it has some efficiencies that can make the response time faster, especially for large result sets. We’ll look at that in a moment, but first, a disclaimer:

Line 5 is necessary as the AccountList interface does not yet support the new streams interface. It is therefore necessary in this example to first convert our AccountList into a List<Account>. In upcoming releases of the Stormpath Java SDK, we will integrate the new Java 8 interfaces into our collection classes.

On line 7, we take our List object and get a parallelStream from it. This is a powerful new feature of Java 8 that takes advantage of multi-core processors without you having to do any specialized programming. That is, without any changes to your code, the more cores the machine the example is running on, the faster it will run.

On line 8, we use the filter method to exclude those Accounts where the email ends with stormpath.com. The filter method returns back the stream, allowing us to chain methods together.

Lines 9 – 11 use the map method to easily transform the Account object into an AccountDetails object, which is easily converted to JSON by Spring Boot. The map method also returns a stream, so we can continue chaining. However, the stream is returns is of type AccountDetails now: Stream<AccountDetails>.

Finally, line 12 collects what’s coming from the stream into a list of type AccountDetails, which is what we return from the method.

The filter and map methods are referred to as “intermediate stream operations”, while the collect method is referred to as a “terminal stream operation”.

Which Java is Right for You?

With the 1.0 release of the Java SDK, Stormpath officially ended support for Java 6. We’ve seen continuous growth for Java 8 adoption over the last year and it is now in the majority in terms of Java version in use with Stormpath. That said, many of our customers are still on Java 7. Oracle officially ended updates for Java 7 in April, 2015 and Java 9 will be released in 2017.

So, what does all that mean? While the older Java 7 language constructs will continue to work, the Java 8 functional interfaces for Lambdas and Streams are the way to go to get the most out of your multi-core production environment.

Learn More

Interested in learning more about user authentication in Java or Spring Boot? We have some great resources for you to check out!

  • Web App Tutorial – Spring Boot + Stormpath
  • Token Auth for Spring Boot + Stormpath
  • SSO with Spring Boot + Stormpath
  • The post User Authentication in Java 8 appeared first on Stormpath User Identity API.

    Matthew Gertner - AllPeersIs Pain Derailing your Life? [Technorati links]

    October 19, 2016 06:11 PM


    Pain impacts millions of people in countless different ways.

    For those unable to withstand the daily barrage, it can be overwhelming at times. Others, meantime, manage it through one way or another, but it isn’t fun. If pain has you in its grips, what are you doing to overcome it?

    The first step to take in fighting pain is convincing yourself you will get the upper-hand. Letting pain win out is not a winning proposition. In fact, it can start your life in a downward spiral. When you put forth a plan to defeat pain, you’ve already got a winning attitude.

    Beating Pain Where It Hurts

    After deciding that you will the fight against pain, then next important piece of the puzzle is getting help.

    Where will you turn for assistance? Will you end up spending lots of money? Can you truly find a pain specialist willing to turn your life around? Will you get a full recovery or will pain be a part of your life in some manner? These are but a few of the questions you will try and answer. As you will likely discover, getting the answers is not always easy.

    Start by finding a pain treatment facility, one that in fact is willing to go the extra mile for you. One that will put in the time needed to help assist you. Lastly, one that has your best interests in mind and not just taking money your hard-earned dollars.

    Whether that pain specialist is Heilman Center for Pain and Spine Care or another such facility, make sure you find the best. 

    Use the Best Resources to Get Help

    As you search for a pain treatment center, keep in mind that there are plenty of resources at your fingertips.

    First, lean on family and friends, the people that know you the best. Put them to work in providing advice and tips on where to locate help.

    One or more people you know may very well be dealing with similar pain issues. As such, they can give you their two cents on how they’re battling the problem.

    Secondly, the Internet is a tremendous source of information, one that can be your best resource in the end.

    If you do turn to the worldwide web, starting by doing a Google search is your best bet. From there, review a number of pain treatment center websites. Such sites should provide you with a number of crucial points of information.

    This includes:

    Your End of the Bargain

    Finally, remember the talk earlier about you having to sport a positive attitude? This is oftentimes the most crucial component that comes into play.

    First, you have to look at how committed you are to putting pain in reverse. Second, are you willing to make changes in your lifestyle if necessary? Lastly, will you spend the necessary funds to seek whatever treatments are required?

    In many instances, both the first and second items are linked together. Keep in mind that as important as commitment is, changes to your lifestyle may be in order. Such changes are especially important as you get older. As your body ages, fighting pain can prove even more difficult. As such, you sometimes have to do double the work you did even just a decade ago.

    Whether you’ve had chronic pain for years or are dealing with a recent accident, you want the pain to go away. In order to increase the odds of that happening, don’t quit. If you quit, you let pain ultimately win.

    In the battle you are set to wage against pain, be sure to optimize as many helpful resources as possible.

    By finding the right pain treatment center, you are already sending a message to the pain you are fighting.

    That message is simply saying you are in it to win it for the rest of your life. Anything less is clearly not acceptable as you move forward with your life and enjoy those golden years.

    Don’t let pain derail your life, a derailment that can prove costly in so many ways.I

    The post Is Pain Derailing your Life? appeared first on All Peers.

    MythicsDo Winning Awards Like Oracle Partner of the Year Really Matter?!? Absolutely and Here is Why… [Technorati links]

    October 19, 2016 02:22 PM

    A customer recently asked me about the value of awards partners receive from IT vendors…

    Nat SakimuraCODE BLUE とコスプレコンパニオン [Technorati links]

    October 19, 2016 09:59 AM

    CODE BLUEというカンファレンスがある。主催者に寄ると「世界トップクラスのセキュリティ専門家による日本発の情報セキュリティ国際会議」[1]で、内容が充実しているらしいことは以前から聞いていた。今年は10月20日、21日と東京で開催される。



    国際会議として未成熟な印象を受ける。割とびっくりした。RSA Confとかと同じ感じなのかなあ。Code of Conduct とか ドラを叩く役に求められる属性について真剣に話をしてるコミュニティもあるのに、こういう方向にいっちゃうのはなんか残念。

    B氏:これは、このコンテスト部分の担当してる人達がこういうジェンダーバイアスの事とかにまったく無自覚ってことですね。今年は出し物増やしたためか、スタッフ増えすぎてスーパーバイズされ切ってない印象も。日本のセキュ関係者のTwとかFbで言ってること見てると さもありなんな感じではあるんですけど…。今はあのロシア女子学生のメイドカフェで大盛り上がりしてるし。日本発で始めたから、そういう日本のセキュコミュの未成熟な部分に無自覚でモロ出ししちゃってるって印象。まずは情けない。






    E氏:RSAはBooth Babe 禁止になったと思いますが。



    あとはJacob AppelbaumがセクハラでTor Projectから解雇された件が数ヶ月前にありましたけど、彼の問題行動の告発には裏付けがあると考えられたので、PacSecと本家のCanSecWestではJacobを5年間出入り禁止にする宣言しました。

    G氏:事実知らないんだろうなと思います。想像もつかないんじゃないかな。日本の男女比とか、marginalized peopleに対する雇用のなさとか知ったら、即刻国際社会から排除されるレベルでしょうね。













    Copyright © 2016 @_Nat Zone All Rights Reserved.

    Kaliya Hamlin - Identity WomanThe Identity Film from IIW [Technorati links]

    October 19, 2016 12:57 AM

    This film is getting released at IIW. When it is up it will be posted below.

    The post The Identity Film from IIW appeared first on Identity Woman.

    Kaliya Hamlin - Identity WomanDigital Death a Matrix of Questions [Technorati links]

    October 19, 2016 12:49 AM

    I was invited to give a talk at Privacy Identity and Innovation about the Digital Death and the conference that has happened a few times Digital Death Day.
    I chose to lay out a matrix of questions that have arisen from the work. Enjoy the talk.

    Digital Death a Matrix of Questions and Considerations from Privacy Identity Innovation on Vimeo.

    The post Digital Death a Matrix of Questions appeared first on Identity Woman.

    Nat Sakimuraデータ漏洩が15%、件数は31%増加。1/3が医療業界から。(Gemalto レポート) [Technorati links]

    October 19, 2016 12:48 AM

    Gemalto の Breach Level Indexレポートが発行されました。それによると、2016年上半期のデータ漏洩は、


    なお、英語版のサマリはこちら→ http://breachlevelindex.com/

    Copyright © 2016 @_Nat Zone All Rights Reserved.

    Kaliya Hamlin - Identity WomanTEDx Constitution Drive: Exploring Identity [Technorati links]

    October 19, 2016 12:43 AM

    After TEDxBrussels in 2011 I was invited to present at TEDx Constitution Drive. Enjoy!

    The post TEDx Constitution Drive: Exploring Identity appeared first on Identity Woman.

    Kaliya Hamlin - Identity WomanTalk at TEDx Brussels [Technorati links]

    October 19, 2016 12:35 AM

    I was invited to give a talk at TEDx Brussels.
    I explain Identity in the context of the Future. Enjoy!

    The post Talk at TEDx Brussels appeared first on Identity Woman.

    Kaliya Hamlin - Identity WomanRethinking Personal Data: 3 WEF reports [Technorati links]

    October 19, 2016 12:11 AM

    I met Marc Davis at SXSW in 2010, we instantly clicked and began working together. He was on contract to develop pre-reading material for a WEF meeting in the fall about Personal Data. I contributed significantly to the document which became the basis of the first Rethinking Personal Data project Report, Personal Data the Emergence of a New Asset Class. [click on the image to download the report].



    I remained actively engaged in the project and two of the Appendixes in the 2nd report were authored by me.  The MindMap of Personal Data Types and the Value Network Analysis of the Exploitive Personal Data Ecosystem (Both of these are in the My Data, My Value, 6 Sense Making Diagrams) [Click on the image to download the report PDF]



    Diagrams that appeared in the third report I helped sketch out with Bill Hoffman. Here is the Third WEF report PDF [click on the document image].


    WEF Report #3 write up on my Blog.


    WEF Report #3: Unlocking the Value of Personal Data!

    The post Rethinking Personal Data: 3 WEF reports appeared first on Identity Woman.

    October 18, 2016

    Kaliya Hamlin - Identity WomanMy Data, My Value: 6 Sense Making Diagrams [Technorati links]

    October 18, 2016 11:26 PM

    I was invited to present in the Personal Data Track at the Cloud Identity Summit, 2016 in New Orleans.

    This is the talk I gave. It also came with a two sided 11×17 sheet with all 6 diagrams (just below).

    My Data, My Value: 6 Sense Making Diagrams from the Personal Data Ecosystem. from Kaliya "Identity Woman" Young

    Diagrams for My Data, My Value: 6 Sense Making Diagrams from the Personal Data Ecosystem from Kaliya "Identity Woman" Young

    The post My Data, My Value: 6 Sense Making Diagrams appeared first on Identity Woman.

    Kaliya Hamlin - Identity WomanIdentity 101, Boot Camp for Identity North 2016 [Technorati links]

    October 18, 2016 10:59 PM

    This June I was invited to present the Identity 101 BootCamp ahead of the Identity North Conference in Toronto. People arrived 90 min early at 8am for this presentation.

    I walk through some of the core vocabulary for identity (authentication, authorization, enrollment, verification and contextualize the different contexts (Enterprise, Government and User-Centric)  and power structures that operates within. We also include the Identity Spectrum between verified and anonymous ID there is a whole range and some combinations) The presentation ends sharing Kim Cameron’s Laws of Identity and the Properties of Identity.

    Identity 101: Boot Camp for Identity North 2016 from Kaliya "Identity Woman" Young

    The post Identity 101, Boot Camp for Identity North 2016 appeared first on Identity Woman.

    Kaliya Hamlin - Identity WomanIdentity and Social Justice [Technorati links]

    October 18, 2016 10:50 PM

    I co-presented Identification and Social Justice with Bob Blakley who is the Global Director, Information Security Innovation at Citi as the closing keynote at the Cloud Identity Summit in Colorado.

    I gave this presentation in 2012 at the Cloud Identity Summit as the Closing Keynote address. It highlights issues that surround the rich having privilege and able to manage their identities more favorably then the poor.


    Identification and social justice from Kaliya “Identity Woman” Young

    The post Identity and Social Justice appeared first on Identity Woman.

    Matthew Gertner - AllPeers5 Reasons a Career in Social Work Might Be for You [Technorati links]

    October 18, 2016 06:04 PM

    Have you been struggling to figure out what career path you should take that will be fulfilling and allow you to have a job that you’ll love to go to every day? Then perhaps you should consider getting an education that will lead you to a career in social work. Continue reading to learn just five reasons why this path might be perfect for you.


    1. You Want to Make a Difference in Your Job Every Day

    If you see people in need and you want to help them, and you want to have a job that will allow you to make a positive difference in the lives of others each day, you should definitely consider getting your masters in social work from a school like Rutgers University, which also offers MSW online programs for those who aren’t located near the school to attend in person.

    2. You Want a Job That Will Provide Security

    The great thing about social work is the fact that this career will provide you with a great sense of job security. In an uncertain economic climate and volatile job market, this is really important. If you don’t want to have to worry about losing your job, social work is a great path to take.

    3. You Want a Job That Pays Well and Provides Benefits

    In addition to job security, social workers also enjoy a high salary and fantastic benefits. So, again, if you want to enter into a field that will give you the peace of mind of knowing that you’re an in-demand professional, social work could be the perfect choice.

    4. You Enjoy Working with People 

    When you’re qualified to become employed as a social worker, you’ll gain access to a variety of career paths that will allow you to work with a diverse group of people and help them in various ways. For example, you’ll be able to work in a school, helping children and their parents through their struggles. Or you can work at a substance abuse rehabilitation facility to help addicts. You can even work in the healthcare sector to help patients, as well as geriatrics, and you can work in mental health facilities to assist those who have been struggling with mental disorders.

    5. You Want to Easily Find a Job

    Social workers are currently in high demand, and the demand is set to continue to grow over the next few years, so if you get your education today, you’ll be able to enter into a job market that has a host of opportunities to choose from. It will be easier for you to find a job, and that will make it easier for you to build the life that you’ve always wanted.

    These are just a few of the reasons why so many people are opting to get an education that will allow them to become social workers. If you think this career is right for you, you can start working towards your online social work masters today.

    The post 5 Reasons a Career in Social Work Might Be for You appeared first on All Peers.

    Matthew Gertner - AllPeers6 Main Reasons to Use Private Jets for Travel [Technorati links]

    October 18, 2016 06:01 PM


    With no doubt, if you have ever tried flying with a private jet you know the difference and understand that there are thousands of benefits that corporate jets can offer to a regular passenger. Of course, it is impossible to include all the benefits into one article. This is why, we offer you to learn seven main reasons why private charter aircraft flight are better than regular commercial flights.

    Time saving

    Most frequently timer saving benefit is the main reason why people, and especially business people, choose corporate jet Depending on the program you opt for, you can actually book a flight only a couple of hours prior to the required flight. You spend less time on the ground before the flight, you have simplified customs checking procedure as well as prioritized passport check. As a result you same up to 2 hours on the ground prior to the flight. After the landing you also do not have to stay in lines for all the checks, you get priority and can start doing your work only a quarter of an hour after the landing.


    Private corporate jet flights tend to have smaller aircrafts, as a result they can operate with the bigger number of airports. For example, in the US private companies have over 5,000 airports in use, while big commercial companies have only around 500. It means that you get a possibility to lend much closer to your destination. Furthermore, all you baggage goes with you on board which allows you to take much more luggage and, let’s say, liquids with you without any restrictions.


    You can book your plane only a couple of hours prior to the flight, which offers you unbelievable convenience in time and space. On the first notice, a private charter aircraft will be ready to deliver your personality wherever you need to. You may also change the itinerary of the flight while already being on board!

    Quality of service

    With no doubt, private companies have much smaller number of passengers on board which allows them to offer much better service for every passenger separately. You will also have better food and beverages on board if it is important to you.

    Free time

    As you have less time needed to be spent on your flight you have more free time to stay with your friends and family or for doing business. Regardless of the purposes, you become the master of your time and not the airline.


    During the flight there will be less people around you and as a result you will have much more space to do whatever you need to do. Forget about screaming children and snoring neighbors forever!

    Rosemarie Knight acts as a content developer for a range of digital publications, who writes about different travelling subjects such as charter aircraft and areas alike. A proud nomad of digital space and an influential blogger in anything noteworthy for the travelling.

    For more info pls check:

    NovaJet Aviation Group

    2450 Derry Rd E.

    Mississauga, ON

    L5S 1B2, Canada

    +1 905-673-0287

    The post 6 Main Reasons to Use Private Jets for Travel appeared first on All Peers.

    Matthew Gertner - AllPeers7 Tips to Display Your Products Better in a Trade Show Booth [Technorati links]

    October 18, 2016 05:57 PM


    Do you have a product to exhibit? Don’t you have any experience in this? Do you plan to go to some show or exhibition, but don’t know what to do? If you answered ‘no’ to all of these question, then this is just the right article for you. Below we prepared a list of useful tips that will help you make your product look fabulous.

    Hire experts

    As you know, every product requires professional presentation. If neither you, nor your co-workers know how to do so, the you need to look for professional models Montreal who will be able to arise interest to your goods among the audience.

    Don’t bring too many products

    At an exhibition you are only trying to familiarize people with your offer and not overwhelm the audience with the huge number of positions you offer. So bring only the most beautiful / useful / outstanding products you have to draw people’s attention to your company. When people enter your booth, they should feel comfortable being there and not feel like they are behind a barricade.

    Support your large products

    If you need to exhibit some large pieces that will be standing on the floor, make sure that you still demonstrate their parts. For instance, you can use signs and towers in order to draw people’s attention to your stand.

    Amplify small products

    If, on the contrary, you have very small products that are hard to see, make sure to use large graphics or presentations to ensure that people see them at all.

    Build a set

    When you present your products you need to create ambience that is similar to where the products will be used. For instance, if you sell clothes or some shoe wear that will be used by dancers, make sure to hire dancers for parties who will be able to professionally represent all advantages and peculiarities of your product.

    Tell why you are better

    We all believe that our products are better than anything else existing in the market. But only we know about it. Consequently, you need to prove your potential buyers that you are the best and explain why you think so. Make sure that you display advantages of your product either by demonstrating them, or by creating a presentation for the same reason.

    Light your products

    Keep in mind that your products are the stars of your booth, so make sure to highlight them properly. You may use lights in order to directly put more attention on your products, if you have lots of shelves, you can use uplighting or display cases.

    But in case you exhibit some service and not a physical product, after reading this article you may think that you are at a disadvantage. However, keep in mind that you still can use video and graphics to draw attention to your services and to vividly display what you do and how you do it.

    For more info pls check:

    Femme Fatale Media & Promotions

    183 Wellington St W #3006

    Toronto, ON

    M5V 0A1, Canada

    +1 647-955-9733


    The post 7 Tips to Display Your Products Better in a Trade Show Booth appeared first on All Peers.

    Matthew Gertner - AllPeersWhy Should a Woman Consider Getting a Belly Band? [Technorati links]

    October 18, 2016 05:35 PM


    Any woman who has ever been pregnant will prove the fact that belly band is a great wardrobe extender. A pregnant mother-to-be while wearing a belly band has a possibility to wear her pre-pregnant clothes for much longer time, especially pants, jeans and skirts. The belly of a pregnant woman enlarges and starting from the 4th month it actually becomes pretty difficult to do up the zips, buttons or clips, this is why at this point belly band is extremely important. A woman can leave all of them open and simply wear a belly ban over the top in order to cover the expanse of skin. In fact, belly band is a bridge between the top piece of clothes and the beginning of the pants or skirt.

    Most women who have ever tried a belly band say that there actually are not afraid of their zips or buttons of Sevenwomen skirts or pants being open because the band stretches over the top. Moreover, they report getting rid of the buttons and zips digging into their skin and so the level of comfort with the non-maternity clothing with the use of a belly band goes up.

    Some pregnant mothers-to-be prefer to wear their belly bands as a boob tube with pants or a skirt. If living in the hot climate belly band gives them extra feeling of freedom because they can leave their skin exposed as much as possible.

    In general maternity clothes are considered to be just a fact of life only for pregnant women, but according to the surveys women continue wearing them even after the delivery; at least in the first year after. But at the same time clothes with panels seems to be less attractive to women, exactly because of this fact a lot of them continue wearing regular clothes but with belly bands. They cover up the expanse of stretchy fabric which actually sits prominently from the waist area to above the pubic bone.

    As you know belly bands are very stretchy, meaning that they move when a woman is moving. It means that they pose no negative influence on pregnant woman’s health because a woman can freely walk, bend, breathe and get up and down from any position without no restrictions from a belly band.

    Some mothers find that belly bands are just a great looking fashion accessory and that they can provide you with a different layering look. In fact, belly bands can smooth the mid section and so create an alternative to monochromatic color when dressing.

    Some women refuse to buy these very useful “tools” because they believe that the price is too high. In this case experts from Sevenwomen advise to buy belly bands for sale and so to save a lot of money still gaining comfort. For the evidence above and the opinions of real women you can see that any belly band is a perfect comfortable addition to any mother-to-be’s wardrobe.

    Lila Patton is established as a content producer for a line of digital content hubs, who focuses on a range of maternity subjects such as the importance of wearing special Sevenwomen jeans, skirts, belly bands and other maternity clothes. A committed drifter of Internet community and an opinion maker in everything related to the maternity.

    For more info pls check:

    Seven Women Maternity Dresses – Clothing Store

    7690 Yonge St.,

    Thornhill, ON

    L4J 1W1, Canada

    (905) 709-1947


    The post Why Should a Woman Consider Getting a Belly Band? appeared first on All Peers.

    Matthew Gertner - AllPeersImportant Steps in Becoming a Paralegal [Technorati links]

    October 18, 2016 05:34 PM


    In case you have always been dreaming to become a part of the legal profession but are not willing to commit yourself to any law school degree, then you need to definitely consider entering a paralegal degree program.

    Paralegal is a highly trained individual whose primary job lies in helping and assisting attorneys in their daily legal cases. Though you should know that paralegal cannot appear in any court of law or accept legal cases as a lawyer; their main job is to help attorneys by researching the previous cases connected to the current one, drafting various legal documents, and preparing affidavits.

    How to Become a Paralegal

    If you have just finished your high school education or have already been working but decided to launch a new career with a paralegal diploma in Toronto then you generally have several options to become a paralegal. Some of them include associate degrees and various certificates in paralegal studies. Most frequently associate degree in paralegal studies requires two years of full-time attendance at a college, but if you do not want to spend so much time for that you can apply for a certificate paralegal program which lasts from three months to twenty-four months.

    In recent years, a lot of colleges, universities and other educational institutions began to offer bachelor’s and master’s degrees in paralegal studies. If you already have any kind of associate degree in paralegal studies then you can work only at the entry-level positions in this field, but in case you are willing to get to the top of the industry, you need to understand that as a prospective paralegal you are to have one of the higher level courses completed or any of the industry approved certification programs or colleges.

    If you already have some bachelor’s degree, but in the field non-related to the paralegal profession then you can take several specialist training courses, all of which can become an alternative way to obtaining a profession of paralegal.

    Distance Learning to Become a Paralegal

    Today there are a few online based schools that can offer professional paralegal education with the help of distance learning method. As a rule this way is chosen by the people who either do not have enough money for studying on campus or they have a great lack of time but still want to become a paralegal. This option provides students with great flexibility to finish the studies at one’s pace.

    In case you decided to study online, make sure you check the chosen school’s accreditation, special job placement record and if you get the possibility to transfer the credits if you decide to embark upon a higher degree in future. Experts from CCBST.CA business career college in Toronto explain that credentials are very important because otherwise you might get an invalid diploma.

    Paralegals are paraprofessionals in Canada’s jurisdiction that usually assist qualified lawyers in their legal work. Unfortunately, paralegals are not approved by the government. As a rule, they are not a subject to the government court-sanctioned conduct rules.

    For more info pls check:

    Ccbst Brampton Campus

    Unit #110, 350 Rutherford Road South Plaza 2

    Brampton, ON

    L6W 4N6, Canada

    (905) 488-5627


    The post Important Steps in Becoming a Paralegal appeared first on All Peers.

    Mark Dixon - OracleOracle Identity Cloud Service [Technorati links]

    October 18, 2016 05:28 PM

    This morning, I watched the launch webcast for the Oracle Identity Cloud Service  a cloud native security and identity management platform designed to be an integral part of the enterprise security fabric.

    This short video, shown on the webcast, provides a brief introduction:


    Matthew Gertner - AllPeersHow to Find a Liquor Delivery Service Nearby [Technorati links]

    October 18, 2016 05:19 PM


    As we all know alcohol is one of the oldest means of entertainment, grief-coping means, and many-many other things. Since time immemorial, human beings have been drinking alcohol at any occasion, whether it was an ordinary drink with a meal or an addition to some celebration or funeral. So alcohol has been at every moment of human existence and it is still here. Today people continue drinking alcohol at any occasion regardless of the circumstances. And if you got tired of going to a store to get a couple of bottles then this is the right article for your needs. Below we described how one can find an alcohol delivery service nearby. Read and learn!

    Check the yellow pages

    The first place to look for alcohol delivery is local phone book. You can, first of all, check local bars and restaurants because, as a rule, they have white, red, rose wine delivery as well as stronger alcohol. After you have found a list of phone numbers just give a call to all those places and check the deals they offer you for a home delivery.


    The next thing to do is pay attention to the commercials around your home. Some places offering alcohol delivery will leave on their doors and windows signs about such a service. You need to specifically look for it because frequently we pass by these commercials and simply do not notice them. Once you see any of such commercials, either write down the information on it or just go into the bar or restaurant and ask in more details about the offer.

    Search the Internet

    This also should be one of the most common ideas that you have about looking for an alcohol delivery service. Go online and check bars and restaurants nearby (it is much easier to do via the Internet that walking by every place in search of a commercial, especially because you might not be aware of all local establishments of this type). Make sure that you put into the search engine machine something like “alcohol delivery” + your city + your neighborhood so that you do not look for offers in a different part of the city.

    Use online delivery service

    Instead of looking for a local company to cooperate with you can simply find an online alcohol delivery service. First of all, it is much easier to find one and make a deal with them. Secondly, when you order online you frequently get much better prices and better deals. And, finally, you can avoid tons of paperwork that is essential for cooperation with a physical business.

    Tomas Baldwin is established as a reviewer for a line of online publications, who writes about a variety of alcohol topics such as tips for finding a deliver y service with the help of experts from Wine Online Alcohol Delivery and whatever else is related. A committed traveler of online community and an influential figure in all things related to the alcohol issues.


    For more info pls check:


    15 Adrian Ave,

    Toronto, ON

    M6N 5G4, Canada


    The post How to Find a Liquor Delivery Service Nearby appeared first on All Peers.

    Matthew Gertner - AllPeersPro Tips about Hosing a Japanese Party [Technorati links]

    October 18, 2016 05:11 PM


    Well, the summer is over and the cold and unpleasant beginning of the cold times has come. Yes, exactly in this way most people perceive autumn – as a cold-hearted time of the year that sucks out our warm feelings collected through the summer. But in Japan people see autumn as something new, a transition into the new calmer and more measured life. This is why today we offer you an idea of throwing a Japanese party at your home to tune yourself and your friends on a harmonic understanding of the world and to simply spend some fun time together. Below you can find easy steps from our Japanese catering experts from Parts & Labour Catering Solutions.


    You know that sushi is a traditional Japanese catering party dish. If you want your guests to engage hen you can simply prepare all the required ingredients and make the sushi all together. If you would like to spend some time peacefully then you can either cook everything yourself or order some sushi from a local restaurant. If you want everything to be perfect, then hire professionals in Japanese catering to perform the master preparation of sushi in front of you.


    Vegetables is another vital part of a Japanese party. Do not forget to bring some green and fresh vegetables for people who prefer raw dishes. But, if you would like everything to be in a perfect Japanese tradition professional caterers advise opting for quickly pickled cucumbers. You can also make them yourself or simply buy in a city Japanese market. For serving experts advise to use some pan-seared King mushrooms. As a rule, exactly these mushrooms become the stars of the dinner. They are extremely easy to cook, all you need slice the mushrooms, then brush with oil, and just sear in a hot skillet until you see lightly golden color on the edges. Add up some Bok Choy and serve.


    Udon is a traditional Japanese soup. If you would like to save a little on throwing a party or are simply unable to get the required amount of sushi for the party, then serving Udon soup as one of main courses is a perfect idea. It is basically a nice noodle soup that if perfect for cold autumn evenings.

    Green tea ice cream

    This is traditional Japanese desert so make sure to have it served. Japanese catering experts advise not to jump over your head by cooking it yourself and simply buy it in a nearby supermarket. When serving top with some freshly shaved white chocolate.


    And the final part of our tips is about serving sake that is extremely cheap but will be a perfect addition to your Japanese evening.

    Steven Tucker is established as a reviewer for a big array of digital publications (consisting of businesses like Parts & Labour Catering Solutions), who focuses on various topics connected to party planning and matters alike. A tireless explorer of digital community and an influencer in all things related to the party planning.

    For more info pls check:

    Parts & Labour Catering & Restaurant

    1566 Queen St W.

    Toronto, ON

    M6R 1A6, Canada

    (416) 588-7750

    The post Pro Tips about Hosing a Japanese Party appeared first on All Peers.

    Matthew Gertner - AllPeersWhat You Need to Know About Dental Implants [Technorati links]

    October 18, 2016 05:03 PM


    Today we have thousands of alternatives to dentures — but the costs for them are much higher. Dental implants are a good long-term solution for any person to replace lost teeth, but you need to know that the price for them is pretty high.

    An implant beats dentures or bridges

    All types of dental implants (dentures, bridges and regular implants) will replace your missing teeth. Bridges require filing two adjoining teeth, but this may lead to the teeth weakness and even prone them to decay. If purchasing dentures you will often have regular fit problems and they also can have bad influence on taste sensors.

    All dental implants are constructed in the following way: a special titanium screw is placed in your jawbone and a “fake” tooth is attached to it. A liable and good implant will have no physical downsides and usually serve during a very long time, says Dr. Jeff Peterson, an associate dean at Los Angeles University’s College of Dentistry.

    Cost issues

    The biggest problem with all dental implants is their price. As a rule, they are not covered by any insurance, says Dr. Jeffrey Peterson. Usually practitioners in regular dental clinics will charge you with $3,000 to $4,500 for only one single tooth! But most ordinary dentists would refer you to professional oral periodontists, surgeons, or prosthodontists.

    If you have a very complicated case, for example you need a dental implant close to a sinus cavity or nerve, it is definitely worth paying even some extra for a dentist or a professional surgeon in Toronto who has specialized training.

    Equality of dental implants

    As a rule, you would firstly be proposed to take Swedish dental implants from the original manufacturer; investigations held in Toronto about dental implants studies have found that Swedish implants have the highest success rates (over 90%), says Dr. Jessica Childers, a professional dental surgeon for a clinic in Florida and a member of Dental Care Alliance.

    Today scientists try to create cheaper new dental implants but so far none of their researches were brought to life. So it is advised to ask your personal doctor for advice when choosing the best suiting dental implant exactly for your case.


    There are also many ways to get a discount. For example you can apply for a discount plan. Some companies in Canada would charge you an annual fee (at around $80-90) and then offer you a 15-25% discount on dental implants (at this point do not hesitate to ask about the availability and pricing before you accept any deal).

    Another option for those who can save money in Canada – you can visit Toronto dental implants schools. Many advanced students at some schools, studying at oral-surgery programs, may be eligible to do implants under very close supervision of a teacher but because of their studying process they make very good fraction of the usual cost. As a rule, you can find a list of local dental schools at the Dental Association in Canada.

    Frederick Gill operates as a content developer for a line of online content hubs, who focuses on a range of dental subjects and creates his articles with professional help of real active dentists – specialists in their fields. A committed traveler of online community and an influential blogger in all things related to the dental health.

    For more info pls check:

    Drs. J. Jesin & R. Eisen – Family & Cosmetic Dentists

    5 Park Home Ave #130,

    North York, ON

    M2N 6L4, Canada



    The post What You Need to Know About Dental Implants appeared first on All Peers.

    Matthew Gertner - AllPeersFive tips for choosing the best dentist [Technorati links]

    October 18, 2016 04:54 PM

    choosing a dentist

    Know your dental health benefits

    The first and probably most important thing that you need to think about when choosing a dentist is what you already have in your dental health plan. For example, some dental plans limit your options of visiting dentists only within their plans (meaning that the doctor you are going to should co-work with this company). Also a very important thing here is the issue of payment. Check your plan and find out if dental service is included into the plan, if yes, then learn if your options of choosing a dentist are limited.

    Ask for recommendations

    Now when you know your general options, ask your friends and family for any recommendations about their dentist in Maple Ridge. Experts also advise to consult even your physician for any references. After talking to people in person you can move on to checking the local yellow pages of phone book for local dentists. At this point you need to make sure that the person you consider to become your dental specialist has professional certification and accreditation in Maple Ridge.


    Undoubtedly, no one wants to drive an hour to get to the dentist. This simply means that you need to look for a specialist in your area of residence or somewhere close to your work. Nonetheless, do not forget to check a dentist’s flexibility. Check how much beforehand you should set the appointment and if there is a possibility of dental emergency visit. Consider also the fact that if you work five days a week then you need to look for a dentist who will be available on weekends.

    Personal consultation

    After the previous steps of searching for the best option of a dentist in Maple Ridge you need to end up having a list of prospective options. Then you need to call or visit them before making an eye-to-eye appointment. While talking on the phone you need to find out if he or she is a member of some organized dentistry, and also remember to ask about the dental procedures which are completed in-office. Do not forget about the issue of setting up regular check-ups and appointments in advance, find out how far in advance you need to call.

    Evaluation after an appointment

    When you actually physically come to one Maple Ridge’s dentist, you need to evaluate the office in order to make sure that it is clean, neat and orderly. Pay attention to the attitude of the staff members: how they treat their patients and patients’ private medical and dental history.

    After making several physical appointments with dentists you need to answer to a few questions to yourself: if the location good for you? Are the office hours convenient? Do you feel comfortable in that office? Do you trust the dentist?

    Delia Little is established as a content producer for a big array of digital content networks, who writes about different health related topics for example tips for choosing the best Maple Ridge dentists and other matters alike. A proud vagabond of online space and an influencer in everything related to the dental health.

    For more info pls check:

    Mapleridge Family Cosmetic Dental Clinic

    10175 Keele St #4, Maple ON, L6A 3Y9 Canada

    +1 905-832-9008


    The post Five tips for choosing the best dentist appeared first on All Peers.

    October 17, 2016

    ForgeRockWhy It Is Important to “Lock Down Your Login” [Technorati links]

    October 17, 2016 09:15 PM

    In order to provide American citizens and organizations with better information and tools to protect their data online, The White House earlier this year released the Cybersecurity National Action Plan (CNAP)The plan “takes near-term actions and puts in place a long-term strategy to enhance cybersecurity awareness and protections, protect privacy, maintain public safety as well as economic and national security, and empower Americans to take better control of their digital security.” A key goal of this plan is to help citizens understand that usernames and passwords simply are not strong enough to protect their data. If you saw our announcements earlier this year about moving beyond passwords, you know that we could not agree more! To promote awareness of these issues, the National Cyber Security Alliance (NCSA) launched the Lock Down Your Login campaign, with the stated goal of “empowering Americans to better secure their online accounts by moving beyond just usernames and passwords and adding an extra layer of security.”

    Reading the Lock Down Your Login press release, the statistic that jumped out at me is “72 percent of Americans believe their accounts are secure with only a username and password.” From a consumer standpoint, this makes sense since it is the only way most people have ever known. From retail to banking to social sites, usernames and passwords are the standard method for logging in, so they must be secure, right? The press release addresses this, too, noting that 62 percent of data breaches last year could have been prevented with strong authentication. Clearly, usernames and passwords are not enough!

    Strong Authentication: The Better Way to Lock Down Your Login

    In the identity world, we are all familiar with the concept of strong authentication, but I would bet this phrase is new to most consumers. They might have heard of multi-factor authentication (maybe), two-step login (a bit more likely), or “I’ll send you a code via text” (probably very likely), but we have now reached the stage where every organization needs to offer strong authentication for their online services, and perhaps they should even require it for services that deal with really sensitive information like financial and health records. And the “Lock Down Your Login” campaign should help to educate consumers to take advantage of these capabilities.

    Of course, the potential downside of strong authentication is hassle. But just as it was a bit of a hassle to move from the early days of the Internet where you could easily relay mail through nearly any SMTP server without so much as a user ID, to the modern world where authentication and encryption is required for nearly everything, it is a necessary step for a connected world. And new technology innovations like Push Authentication and built-in biometric scanning on mobile phones simplifies the login process for users. Eventually, strong authentication will be the new normal.

    As companies develop new applications, consolidate services, and try to provide a more personalized (and just plain better!) end user experience, strong authentication has to be a key component of the plan. With a variety of strong authentication options, including the previously mentioned Push Authentication capability, as well as comprehensive adaptive authentication capabilities, the ForgeRock Identity Platform is an ideal foundation for a secure, modern, consumer identity strategy. I am excited to see what inroads the Lock Down Your Login campaign makes in helping keep Americans’ data safer and more secure by raising awareness about better authentication.

    If you would like more information about moving beyond passwords with the ForgeRock Identity Platform, check out:

    Chris Kawalek  is Product Marketing Director at ForgeRock. 

    The post Why It Is Important to “Lock Down Your Login” appeared first on ForgeRock.com.

    KatasoftWordPress Authentication With Stormpath [Technorati links]

    October 17, 2016 04:59 PM

    Do you have a website that’s built on WordPress? Do you also have an application that you have built outside of WordPress? Would it be awesome if your users could use the same account information for both? Now, they totally can! The official Stormpath WordPress plugin has been released!

    Currently, the Stormpath WordPress plugin is only for username/password login, but we plan to expand this to the full suite of authentication and authorization features Stormpath offers. Throughout the next quarter, we will be releasing new versions of this plugin as new features become available.

    Authentication in WordPress

    Let’s say you’re an agency that manages multiple WordPress websites. Once you set up a Stormpath account and install the plugin on all of your client’s websites, you can have a single login across all of them that is physically the same user in the Stormpath system. This will make managing your sites a lot simpler.

    There are many other use cases for the Stormpath WordPress plugin as well, including social login, two-factor authentication, SAML, and even AD/LDAP support. These features are coming soon but will be a powerful addition to any WordPress website.

    WordPress Social Login

    Our next plugin feature will be social login in WordPress because we know this is a hot ticket for many people. With Stormpath, you’ll be able to set up social login in WordPress with a few simple dashboard configurations. When that’s done, social login from Facebook, LinkedIn, Google, will be available on your login screen.
    Stormpath Social Authentication In WordPress
    Along with Facebook, Google, and LinkedIn, we will also support SAML authentication. This will allow your users to log into WordPress using providers such as OneLogin and Salesforce. Keep an eye out for an announcement on all of this soon!

    Multi-Factor for WordPress

    As an extra step in securing your account at WordPress, we will be introducing two-factor authentication. This will allow your WordPress users the extra security of an additional authentication factor via SMS, Google Authenticator, or the TOTP protocol of your choice.

    Stormpath Multi-Factor Authentication In WordPress

    WordPress And Stormpath?

    We have a lot of plans for the Stormpath WordPress plugin to help you build a secure authentication system for your WordPress website. To learn more about this new release, or keep up with updates you can follow me on Twitter @bretterer or email our team at support@stormpath.com


    The post WordPress Authentication With Stormpath appeared first on Stormpath User Identity API.

    Axel NennkerCSS Oddities: anonymous inline whitespace nodes [Technorati links]

    October 17, 2016 04:49 PM
    I learned something today. All started with a @Twitter post by @supersole that there is a new feature in @firefoxnighly that now allows debugging "anonymous inline whitespace" nodes in HTML pages.

    The post claims that imgimg on the page is rendered differently than imgcrlfwhitespacecrlfimg.
    I could not believe this. That is stupid right? Which web developer would expect any difference?

    Well, it seems that CSS rules - being what they currently are - lead to this unexpected difference.
    The CSS spec describes the algorithm to process the HTML here in Phase I: Collapsing and Transformation.
    In the second HTML fragment the whitespace is deleted by step 2 which gives us 
    Step 2 tells us to handle segment breaks ("crlf"). That is described in the Segment Break Transformation Rules.
    Those rule give us imgspacespaceimg. Which is then again continued to be processed by the Phase I steps 3 and 4. Step 3 does nothing in this example.

    Step 4 reads:
    Any space immediately following another collapsible space—even one outside the boundary of the inline containing that space, provided they are both within the same inline formatting context—is collapsed to have zero advance width. (It is invisible, but retains its soft wrap opportunity, if any.) 
     So the remaining two spaces are turned into one (or two - I don't care to check) empty text nodes with zero width but with "soft wrap".

    Good to know - maybe. Is this a feature? I expected that everything between two HTMLElements that matches (whitespace)* is completely removed and not inserted into the rendering tree.

    Maybe this should be discussed here?: https://github.com/w3c/csswg-drafts/issues
    Not my cup of tea.

    Thanks to @upsuper who pointed me to the relevant specs.

    KatasoftBuild Your Freemium Site with Stripe and Stormpath in ASP.NET Core [Technorati links]

    October 17, 2016 03:08 PM

    Creating a “freemium” or paid access website is easier than ever with Stripe and Stormpath to manage the workflow of your paid membership content. As the owner of a subscription site, you need to concentrate creating content rather than all the plumbing that goes along with getting paid for that content.

    In this tutorial, we will create an ASP.NET Core web application integrated with Stormpath to manage authentication and authorization. Then, we are going to add a Premium User section which will only be available to users who belong to the “Premium” group. This group will be created and managed through Stormpath.

    strip + stormpath = love

    Users will be able to upgrade their accounts to “Premium”. For this, we are going to use the Stripe API to create a payment form for our freemium site.

    Let’s get started!

    Create a Stormpath account

    Visit the Stormpath website and sign-up to create your free developer account in Stormpath.

    Get an API key pair

    In order for your application to communicate with Stormpath, you’ll need a API key pair which will function as your credentials for the Stormpath API.

    Getting these keys is simple. Log in to the Admin Console and click on the “Create API Key” button on the right side of the page to generate and download an API key file called apiKey.Properties.

    Note: As a best practice we recommend you to save your keys as Environment Variables. Check out the Stormpath documentation to learn more.

    Open the apiKey.Properties file and set environment variables by running these commands in the Command Line:

    setx STORMPATH_CLIENT_APIKEY_ID "value_from_properties_file"
    setx STORMPATH_CLIENT_APIKEY_SECRET "value_from_properties_file"

    If you get an “Additional information: API key ID is required” error restart Visual Studio to pick up the environment variables from your OS. This is a pretty common error.

    Create a new ASP.NET Core Project in Visual Studio

    To create a new ASP.NET Core project, first click on File > New Project. Then, under Visual C# – .NET Core, pick the ASP.NET Core Web Application (.NET Core) template.

    In the New ASP.NET Core Project dialog, pick the Web Application template. Click Change Authentication to No Authentication. (You’ll be adding it yourself!)

    Install the Stormpath package

    The Stormpath.AspNetCore NuGet package contains everything you need to use Stormpath from your application. Install it using the NuGet Package Manager, or from the Package Manager Console:

    PM> install-package Stormpath.AspNetCore

    Initialize the Stormpath ASP.NET Core Middleware

    In the Startup.cs file, include the Stormpath namespace by adding this line at the beginning of it:

    using Stormpath.AspNetCore;

    In the same file, find the ConfigureServices method and add the Stormpath service in the service container:

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
       // Add framework services.

    Make sure that the Stormpath middleware is added before any middleware that needs to be protected, such as MVC.

    Then, find the Configure method and add Stormpath to your middleware pipeline.

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
       if (env.IsDevelopment())
       app.UseMvc(routes =>
               name: "default",
               template: "{controller=Home}/{action=Index}/{id?}");

    With these simple steps, Stormpath attaches the Default Features to your application, such as the login and registration routes.

    Update your layout

    When a user logs in, the Stormpath middleware will set the Context.User automatically.
    You’ll want to change the _Layout.cshtml located in Views/Shared to show different content based on the IsAuthenticated property, which returns true when the user has logged in to your application.

    Then, customize your home page by removing the boilerplate “Welcome to ASP.NET Core” in the Home/Index.cshtml and add, you know, your actual site. I have added a super basic “Welcome to Stormpath World” message.

    Run your application

    After running your application, you will see the “Log in” and “Register” options in your application nav bar. When you click on any of these links you will be redirected to the corresponding Stormpath default view.

    stormpath world

    Once, you get registered and log in to the application, you will see the “Hello your_username” and “Log Out” options.

    Yay! Users can now securely register and log into your application with Stormpath.

    Create a new Group in Stormpath

    Log in to the Admin Console and click on the “Groups” tab. Then, click on “Create Group” and complete the form:

    Stripe Premium Group

    The “Premium” group is ready to be used. Super easy!

    Get a Stripe API key pair

    Visit Stripe, and create your Stripe account if you don’t have one already. Once you’re logged in, go to account > account settings > API Keys and save your test API keys to be used later on.

    Store your Stripe API key pair using ASP.NET Core User Secrets

    You should always avoid storing sensitive data in your source code. This can be done by using the environment variables or the Secret Manager.

    The Secret Manager tool provides a mechanism to store sensitive data for development work outside of your project tree, and you can access to the secret keys by using Configuration. Let’s give it a try!

    Create a class in Model folder called PaymentSettings . This class will be used to store the Stripe keys.

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Threading.Tasks;
    namespace stormpathWebAppDemo.Model
        public class PaymentSettings
            public string StripePublicKey { get; set; }
            public string StripePrivateKey { get; set; }

    Install the User Secrets package by running the following command in the Package Manager Console:

    PM > Install-Package Microsoft.Extensions.Configuration.UserSecrets

    In Visual Studio, right-click on your web application and then click on “Manage User Secrets”.
    A JSON file called secrets.json will be open for editing. This file is located in the user profile directory.

    Add these two lines:


    In the Startup class, add the AddUserSecrets() line in the constructor to load settings from the User Secrets.

    public Startup(IHostingEnvironment env)
        var builder = new ConfigurationBuilder()
        .AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
        .AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true)
        if (env.IsDevelopment()) 
        Configuration = builder.Build();

    In order to bind the PaymentSettings class to your application you need to add them to the ConfigureServices method of Startup.cs.

    public void ConfigureServices(IServiceCollection services)

    Then, when you need to access the values of PaymentSettings you just need to inject an instance of an IOptions<PaymentSettings> class into the constructor of your client class, in this case, the PaymentService class. We will see this in action in the following steps.

    Create a “Premium User” section

    Now let’s create a view on our application that will only be accessible to Premium users. You will then create a way for users to upgrade their accounts to Premium.

    Create a new folder called Services and add a new class called “AccountManager”. This class will be responsible for managing everything related to user accounts.

    using Stormpath.SDK;
    using Stormpath.SDK.Account;
    using Stormpath.SDK.Application;
    using System.Linq;
    using System.Security.Principal;
    using System.Threading.Tasks;
    namespace stormpathWebAppDemo.Services
        public class AccountManager
            private readonly IApplication stormpathApplication;
            private readonly string PREMIUM_GROUP = "Premium";
            private async Task<IAccount> GetUserAccount(IIdentity userIdentity)
                return await stormpathApplication.GetAccounts().Where(x => x.Email == userIdentity.Name).FirstOrDefaultAsync();
            public AccountManager(IApplication stormpathApplication)
                this.stormpathApplication = stormpathApplication;
            public async Task AddUserToPremiumGroup(IIdentity userIdentity)
                var premiumGroup = await stormpathApplication.GetGroups().Where(g => g.Name == PREMIUM_GROUP).FirstOrDefaultAsync();
                var account = await GetUserAccount(userIdentity);
                if (premiumGroup != null && account != null)
                   await premiumGroup.AddAccountAsync(account);
            public async Task<bool> IsPremiumUser(IIdentity userIdentity)
                var isPremium = false;
                if (userIdentity != null)
                    var account = await GetUserAccount(userIdentity);
                    if (account != null)
                        isPremium = await account.GetGroups().Where(g => g.Name == PREMIUM_GROUP).AnyAsync();
                return isPremium;

    When the Stormpath middleware is added to your ASP.NET Core application pipeline, these types will be available for each request:

    In this class we used IApplication; you learn more about using the other objects in the documentation.

    Now, create a new Controller called PremiumContentController:

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Threading.Tasks;
    using Microsoft.AspNetCore.Mvc;
    using stormpathWebAppDemo.Services;
    namespace stormpathWebAppDemo.Controllers
        public class PremiumContentController : Controller
            private readonly AccountManager accountManager;
            public PremiumContentController(AccountManager accountManager)
                this.accountManager = accountManager;
            // GET: /<controller>/
            public async Task<IActionResult> Index()
                bool isPremiumUser = await accountManager.IsPremiumUser(HttpContext.User.Identity);
                if (isPremiumUser)
                    return View();
                    return Redirect("~/Home/BePremium");

    This controller tells the ASP.NET Core dependency injection mechanism to inject the AccountManager service. To do this, you need to register the service in the ConfigureService method in the Startup class:


    Create a new folder called “PremiumContent” under Views and then add a new Index view. This view will contain all your site data related to premium users. I have added a simple message:

    Lots of cool stuff here

    On the _Layout, add a link to the “PremiumContent” Index View if the user is already Premium:

    if (await AccountManager.IsPremiumUser(Context.User.Identity))

    In order to inject the AccountManager on the view, add this line on top of the file:

    @inject AccountManager AccountManager

    The Index action checks whether the user is allowed to access it, that is if the user is Premium. If not, it redirects them to a section where he can upgrade their account.

    Use Stripe to charge users for Premium accounts

    We will now use Stripe to create a form and accept payment for a Premium account.

    Go to your HomeController and create the BePremium action. This action will render the Stripe charge form:

    public IActionResult BePremium()
        return View("PremiumPayment");

    Now, create the PremiumPayment view under Views/Home:

    @using stormpathWebAppDemo.Model
    @using Microsoft.Extensions.Options
    @inject IOptions<PaymentSettings> PaymentSettings
    @section Scripts{
        <script type="text/javascript">
        <script type="text/javascript">
            $(function () {
                var $form = $('#payment-form');
                $form.submit(function (event) {
                    // Disable the submit button to prevent repeated clicks:
                    $form.find('.submit').prop('disabled', true);
                    // Request a token from Stripe:
                    Stripe.card.createToken($form, stripeResponseHandler);
                    // Prevent the form from being submitted:
                    return false;
            function stripeResponseHandler(status, response) {
                // Grab the form:
                var $form = $('#payment-form');
                if (response.error) { // Problem!
                    // Show the errors on the form:
                    $form.find('.submit').prop('disabled', false); // Re-enable submission
                } else { // Token was created!
                    // Get the token ID:
                    var token = response.id;
                    // Insert the token ID into the form so it gets submitted to the server:
                    $form.append($('<input type="hidden" name="Token">').val(token));
                    // Submit the form:

    Membership Amount: USD 50

    In this view, we are including the Stripe javascript library (which will do all the client-side magic for us).

    We set our Public API Key (Be sure it’s the public one! You should NEVER use private keys on client-side code), and as you can see, we are not using the Stripe key directly. Instead, we are injecting the PaymentSettings by adding this line:

    @inject IOptions<PaymentSettings> PaymentSettings

    And accessing the Stripe keys by the PaymentSettings.

    After that, we’ve added another script block with custom code. We’ve defined a form submit hook, which will prevent the form submission and obtain a token for the user’s credit card information (this token will then be used on the back-end to process the charge). If this action is successful, the handler will be executed, and will post the data to the back-end to process:

    And obviously, there is a simple charge form to capture the user credit card information.

    As you may have already noticed, the form will post to the ProcessPayment action of the HomeController. Before that though, create a folder called “Models” on the root of your project. Inside it, add a class to hold the form data that will be posted to the back-end:

    namespace stormpathWebAppDemo.Model
        public class PaymentFormData
            public string Token { get; set; }

    Install Stripe.NET using the NuGet Package Manager, or from the Package Manager Console to implement our PaymentService:

    PM> Install-Package Stripe.net

    Then, add a new service class to your “Services” folder. This class will be responsible for handling and processing the payment:

    using Microsoft.Extensions.Options;
    using stormpathWebAppDemo.Model;
    using Stripe;
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Threading.Tasks;
    namespace stormpathWebAppDemo.Services
        public class PaymentService
            private readonly PaymentSettings paymentSettings;
            private readonly StripeChargeService stripeChargeService;
            public PaymentService(IOptions<PaymentSettings> paymentSettings, StripeChargeService stripeChargeService)
                this.paymentSettings = paymentSettings.Value;
                this.stripeChargeService = stripeChargeService;
            public bool ProcessPayment(string token)
                var myCharge = new StripeChargeCreateOptions();
                // Always set these properties
                myCharge.Amount = 50;
                myCharge.Currency = "usd";
                myCharge.Description = "Premium membership";
                myCharge.SourceTokenOrExistingSourceId = token;
                // (not required) set this to false if you don't want to capture the charge yet - requires you call capture later
                myCharge.Capture = true;
                stripeChargeService.ApiKey = paymentSettings.StripePrivateKey;
                StripeCharge stripeCharge = stripeChargeService.Create(myCharge);
                if (String.IsNullOrEmpty(stripeCharge.FailureCode) && String.IsNullOrEmpty(stripeCharge.FailureMessage))
                    return true;
                    return false;

    As you did for the AccountManager service, register the PaymentService and the StripeChargeService in the Startup class to be injected by the framework


    Notice that the PaymentSettings was injected in the service, and used to get the Stripe private key.

    In order to process the payment, the ProcessPayment method creates a StripeChargeCreateOptions options with all the charge data (amount, currency, etc). Then, it creates the charge (passing this object as argument) with the StripeChargeService

    Now, go to your HomeController and create the ProcessPayment action as follows:

    public async Task<IActionResult> ProcessPayment(PaymentFormData formData)
        if (paymentService.ProcessPayment(formData.Token))
            await accountManager.AddUserToPremiumGroup(HttpContext.User.Identity);
            return Redirect("Index");
            // Handle errors
            return Redirect("Error");

    In order to use these services, inject them in the HomeController constructor:

    public class HomeController : Controller
        private readonly PaymentService paymentService;
        private readonly AccountManager accountManager;
        public HomeController(PaymentService paymentService, AccountManager accountManager)
           this.paymentService = paymentService;
           this.accountManager = accountManager;

    When the user submits the form, your back-end will charge them a fixed amount. The user will also be added to the Premium group in Stormpath and be granted access to your premium content!

    Keep learning!

    As you’ve seen, managing your “freemium” ASP.NET Core website can be simplified with Stripe for payments and Stormpath for user management, including registration, login, authentication, and authorization concerns.

    If you are interested in learning more about Stormpath and ASP.NET Core, check out these resources:

    The post Build Your Freemium Site with Stripe and Stormpath in ASP.NET Core appeared first on Stormpath User Identity API.

    Ludovic Poitou - ForgeRockStoring JSON objects in LDAP attributes… [Technorati links]

    October 17, 2016 02:04 PM

    jsonUntil recently, the only way to store a JSON object to an LDAP directory server, was to store it as string (either a Directory String i.e a sequence of UTF-8 characters, or an Octet String i.e. a blob of octets).

    But now, in OpenDJ, the Open source LDAP Directory services in Java, there is now support for new syntaxes : one for JSON objects and one for JSON Query. Associated with the JSON query, a couple of matching rules, that can be easily customised and extended, have been defined.

    To use the syntax and matching rules, you should first extend the LDAP schema with one or more new attributes, and use these attributes in object classes. For example :

    dn: cn=schema
    objectClass: top
    objectClass: ldapSubentry
    objectClass: subschema
    attributeTypes: ( NAME 'json'
    SYNTAX EQUALITY caseIgnoreJsonQueryMatch SINGLE-VALUE )
    objectClasses: ( NAME 'jsonObject'
    SUP top MUST (cn $ json ) )

    Just copy the LDIF above into config/schema/95-json.ldif, and restart the OpenDJ server. Make sure you use your own OIDs when defining schema elements. The ones above are samples and should not be used in production.

    Then, you can add entries in the OpenDJ directory server like this:

    $ ldapmodify -a -D cn=directory\ manager -w secret12 -h localhost -p 1389

    dn: cn=bjensen,ou=people,dc=example,dc=com
    objectClass: top
    objectClass: jsonObject
    cn: bjensen
    json: { "_id":"bjensen", "_rev":"123", "name": { "first": "Babs", "surname": "Jensen" }, "age": 25, "roles": [ "sales", "admin" ] }

    dn: cn=scarter,ou=people,dc=example,dc=com
    objectClass: top
    objectClass: jsonObject
    cn: scarter
    json: { "_id":"scarter", "_rev":"456", "name": { "first": "Sam", "surname": "Carter" }, "age": 48, "roles": [ "manager", "eng" ] }

    The very nice thing about the JSON syntax and matching rules, is that OpenDJ understands how the values of the json attribute are structured, and it becomes possible to make specific queries, using the JSON Query syntax.

    Let’s search for all jsonObjects that have a json value with a specific _id :

    $ ldapsearch -D cn=directory\ manager -w secret12 -h localhost -p 1389 -b "dc=example,dc=com" -s sub "(json=_id eq 'scarter')"

    dn: cn=scarter,ou=people,dc=example,dc=com
    objectClass: top
    objectClass: jsonObject
    json: { "_id":"scarter", "_rev":"456", "name": { "first": "Sam", "surname": "Carter" }, "age": 48, "roles": [ "manager", "eng" ] }
    cn: scarter

    We can run more complex queries, still using the JSON Query Syntax:

    $ ldapsearch -D cn=directory\ manager -w secret12 -h localhost -p 1389 -b "dc=example,dc=com" -s sub "(json=name/first sw 'b' and age lt 30)"

    dn: cn=bjensen,ou=people,dc=example,dc=com
    objectClass: top
    objectClass: jsonObject
    json: { "_id":"bjensen", "_rev":"123", "name": { "first": "Babs", "surname": "Jensen" }, "age": 25, "roles": [ "sales", "admin" ] }
    cn: bjensen

    For a complete description of the query  filter expressions, please refer to ForgeRock Common  REST (CREST) Query Filter documentation.

    The JSON matching rule supports indexing which can be enabled using dsconfig against the appropriate attribute index. By default all JSON fields of the attribute are indexed.

    In a followup post, I will give more advanced configuration of the JSON Syntax, detail how to customise the matching rule to index only specific JSON fields, and will outline some best practices with the JSON syntax and attributes.

    Filed under: Directory Services Tagged: attributes, Directory Services, directory-server, ForgeRock, Json, ldap, opendj, opensource, query, REST, schema, search
    October 14, 2016

    Matthew Gertner - AllPeersExplore Vanuatu: Quick island guide to maximize your travel experience [Technorati links]

    October 14, 2016 11:06 PM
    Explore Vanuatu and discover sights such as thisPhoto by CC user Graham Crumb on Imagicity.com

    As one of the happiest and nations in the world, Vanuatu is also remarkably one of the few remaining nature havens on earth that managed to preserve its raw beauty. With the island becoming increasingly famous thanks to international acclaims and word of mouth, you should search for flights to Vanuatu in advance to beat the holiday rush. It’s truly a paradise that everyone should visit for their dream vacation or travel expedition.

    Here’s a quick travel itinerary guide to the various islands of Vanuatu. From crystal clear beaches to blue holes and even active volcanoes, try to visit most if not all of the spots listed here.

    Efate. The main island as well as your international gateway unless you’re flying directly to Espiritu Santo. This island boasts markets with ample of fresh produce and locally-made crafts as well as an exotic nightlife, family activities, road trips and amazing resorts.

    Espiritu Santo. The second largest island in Vanuatu that boasts picturesque beach fronts and a mix of simple and luxurious accommodations. Here you can do snorkeling and scuba diving to experience the deep sea wonders of Vanuatu.

    Tanna. Nestled on the southern tip of Vanuatu, this island is full of interesting events happening in it. Come here to experience the fearsome view and force of Mount Yasur, visit the remote tribes that aren’t changed by time, and meet the strange cargo cults.

    Pentecost. This island is famous for land divers plummeting to the ground with nothing but vine ropes attached to their feet. They do this as a form of coming-to-age- ritual for boys transitioning to adulthood. Come here only between April and June to see the land diving in full swing. Day trips are also available from Port Vila.

    Ambrym. Love volcanoes and lavas? Here’s where you find it! Go volcano hunting!

    Banks Islands. Go off the grid in these remote northern islands of Vanuatu and be rewarded with lobsters cheaper than chicken. In here you’ll discover a fascinating tribal women dance who produces music from water.

    Getting around the islands. You can ride shared taxi vans marked with ‘B’ on their license plates. Regular taxis are marked with ’T’. The shared taxis aka busses can be quickly flagged from the side of the road and they can drop you wherever you like. The cost is about a hundred Vatu, but it’ll be wise to consult a local prior to boarding so that you’ll know how much drivers should quote you.

    Currency. The local currency is Vatu (VUV or V.) You may also use credit cards with a 5 percent surcharge. ATM cash withdrawals are shocking, so be sure to take out as much in one go. Bargaining in markets is not accepted and tipping isn’t necessary. Since many attractions are owned by villages, do not be alarmed when asked to pay entrance fees.

    Going to Vanuatu? Nope, Vanuatu isn’t found in the remotest part of the world. In fact, this paradise is only a short distance away from Sydney and Brisbane. Espiritu in the North is just 55 minutes from Port Villa. You can get flights to Vanuatu directly from these locations. Book early to get lower seat costs and even promos or discounts.

    When you explore Vanuatu, we hope that you have an island experience that is magnificent!

    The post Explore Vanuatu: Quick island guide to maximize your travel experience appeared first on All Peers.

    Mike Jones - Microsoft“amr” Values specification addressing shepherd comments [Technorati links]

    October 14, 2016 07:37 PM

    OAuth logoDraft -03 of the Authentication Method Reference Values specification addresses the shepherd comments. It changes the references providing information about specific “amr” values to be informative, rather than normative. A reference to ISO/IEC 29115 was also added. No normative changes were made.

    The specification is available at:

    An HTML-formatted version is also available at:

    Mike Jones - Microsoft“amr” Values specification addressing WGLC comments [Technorati links]

    October 14, 2016 05:48 PM

    OAuth logoDraft -02 of the Authentication Method Reference Values specification addresses the Working Group Last Call (WGLC) comments received. It adds an example to the multiple-channel authentication description and moves the “amr” definition into the introduction. No normative changes were made.

    The specification is available at:

    An HTML-formatted version is also available at:

    Matthew Gertner - AllPeersForex News [Technorati links]

    October 14, 2016 02:12 PM

    The latest and most recent Forex news always affect the buying and selling of currencies. For instance, one of the biggest influences of the foreign exchange market is fluctuations and changes in interest rates. Interest rates change from time to time and without the latest up-to date news about the current rates, a buyer may be at risk in buying and selling the loosing currency or that which would not make a profit.


    The selling pressure around the Sterling has now intensified, sending GBP/USD to the 1.2230 region. The spot has remained entrenched in the negative territory prompting levels that were last seen 30 years ago around the 1.2300. Poor results from the Manufacturing Production and Industrial Production in the UK have added to the current GBP weakness, ahead of the NIESER GBP Estimate expected later in Europe.

    On the USD side, September’s non-farm payrolls are up next ahead of speeches by FOMC’s VP Fischer, Cleveland Fed and Kansas City E. George. As of writing, the pair is losing 2.31% at 1.2326 with next support at 1.1841(low oct.7). On the flip side, a breakout of 1.2772(high oct.5) would expose 1.2920 (near term resistance line) and finally 1.2972 (20-day SMA). Taking this in record a buyer therefore garners the necessary information as to be able to buy the correct currencies and at the right time.

    The USD/JPY has also once again faced rejection at 104.00 handle and is now extending its retracement from over one-month highs. The pair currently hovers around 100-day SMA near 103.70-65 region making it snap eight straight sessions of winning streaks as renewed weakness in the British pound seems to have turned investors nervous and is extending support to the Japanese Yen’s safe haven appeal.

    The rising market expectations that the Fed will raise interest rates by the end of the year, accompanied with buoyant investor sentiment, has been the key driver of the pair’s up-move from the vicinity of 100.00 psychological mark touched in the previous week. The market would remain on today’s release of monthly job report from the US which would be looked upon to determine the timing of next Fed rate-hike action and would help investors to determine the pairs next leg of directional move.

    The post Forex News appeared first on All Peers.

    October 12, 2016

    KatasoftWill We See You At Zendcon 2016? [Technorati links]

    October 12, 2016 06:53 PM

    Zendcon 2016Zendcon is a yearly conference organized by the team over at Zend, the maintainers of PHP. Each year, many PHP developers gather in Las Vegas to geek out and talk PHP. This year, I will be attending for the first time, and I couldn’t be more excited! Stormpath will also be there to sponsor the event and announce a couple new things we have been working on for the PHP ecosystem.

    The lineup this year is great, and there’s still time to register! I can not wait to see some of the amazing talks. The only sad part is that I won’t be able to see all of them. The following few are on my “absolutely must attend” list!

    Robust 2nd-Factor Authentication With PHP – Tim Lytle

    MFA has always been something that I evangelize for. The added security of using a 2nd-factor on my accounts has saved me a few times from people who were trying to get into my account. My love for MFA started a few years ago when my Gmail account was hacked.

    Like so many others, my online life is centered around the Google ecosystem, so having this account put at risk was, well, concerning! I actually didn’t notice the hack for a few hours, basically until I realized I hadn’t received any emails for a while and discovered this message:

    GMail Hacked

    I was able to get all my accounts back under my control and I immediately added a 2nd-factor to my account. I’ve not had any issues since then! If, like me, you’re concerned about the security of the accounts you maintain on your PHP applications, you should join me and check out this talk on the benefits and downsides of MFA.

    From Docker To Production – Chris Tankersley

    What is this Docker thing? Personally, and I have no issue saying this, I’ve got no clue. OK, I know what Docker is from a high level, but don’t know how to use it. Anytime I have the chance to take learn something new from key players in the field, you better believe that I won’t turn it down. When I hear about Docker in PHP, the first person that comes to mind is Chris. I’m excited to see what Chris can teach me about Docker and maybe even make tutorials that I write for Stormpath easier (and cooler!) by using a Docker image.

    Hacking Your Way To Better Security – Colin O’Dell

    At Stormpath, the number one thing we keep in our minds is security. This not only goes for the core API of Stormpath but also all the SDK’s and integrations. There are many things that I can learn from Colin about web security and I plan to be at his talk, front and center, getting everything I can from him. I may already know some of what he’s going to be discussing, but it doesn’t hurt to hear it again and refresh my memory. With our integrations for Laravel and Lumen, things like XSS and CSRF are always on the front of our minds.

    See you at Zendcon 2016!

    I do wish that I could attend every talk, as I know each and every one of them will be great! I hope to see you at these talks with me. If you can’t attend the talks, please make sure to stop by the Stormpath booth to say hi! I love visiting with people and talking about our product. We’ll also have our famous “I find your lack of security disturbing” shirts this year.

    I Find Your Lack of Security Disturbing

    // Brian

    The post Will We See You At Zendcon 2016? appeared first on Stormpath User Identity API.

    Kantara InitiativeDigi.me founder to join board of Kantara Initiative to further global personal data vision [Technorati links]

    October 12, 2016 01:00 PM

    Julian Ranger, the founder and executive chairman of digi.me, has been invited to join the board of global identity experts Kantara Initiative.

    As the personal data economy continues to grow apace, companies industry-wide are looking to Kantara to forge the best possible community framework to encourage sustained innovation and growth for all.

    With its recent £5.3m Series A raise digi.me, which will also join the organisation, and Julian are expertly placed to add to and develop the innovation already present. Kantara has made a name for itself as a hub for inventors, thinkers and innovators thanks to its can-do attitude and proven ability to construct solutions to complex data and privacy problems.
    This includes the Consent Receipt specification, designed to turn on its head the traditional business and consumer relationship and put the user back in control.

    Digi.me also has a proven record in finding innovative technical solutions to personal data and privacy problems, and will imminently release a consented sharing Permission Access platform, which will allow users to gather together all their health and financial details and share them, if they wish, with businesses in exchange for personalised benefits.

    Julian, the creator of STASYS’ iSMART process, the de facto standard for military communications interoperability worldwide, said: “Ecosystems grow faster when systems can interoperate and businesses are more likely to be used by other businesses if their solutions do not lock users in.

    “As one of the most well funded personal data start-ups strongly committed to interoperability, which Kantara has a strong track record in, we are happy to do so on behalf of the whole ecosystem and not just digi.me. After all as the ecosystem grows, so will opportunities for us.”

    “We are delighted to welcome Julian and digi.me on board,” said Allan Foster, president, Kantara Initiative. “Julian’s expertise and experience will prove invaluable to Kantara’s mission to develop innovative initiatives to drive the digital identity transformation. Personal data is an important element of this transformation.”

    Colin Wallis, executive director, Kantara Initiative, added, “Everyone in the personal data arena knows that serious innovation is needed – and quickly. We need to continue moving forward toward standards development, specifications and taxonomies – the fuel that will drive this new community. We look forward to Julian and digi.me helping make that happen.”

    Julian will join a truly global board, with members from the US, Canada and Japan, over half of which reside outside the US.


    Editor’s Notes:

    Digi.me’s full press pack, which includes high-resolution images, logos and screenshots for
    download, can be found at digi.me/press. Digi.me is available on desktop for PC and Mac https://digi.me/download-trial and for mobile on iOS and Android http://try.digi.me/ For further details, interview requests, or additional pictures please contact Communications Editor Emma Firth on emma@digi.me or 07812 608577.

    Kantara Initiative, Inc. provides strategic vision and real world innovation elements for the digital identity transformation. Developing initiatives including Identity Relationship Management, User Managed Access (EIC Award Winner for Innovation in Information Security 2014), Identities of Things, and Minimum Viable Consent Receipt, Kantara Initiative connects a global, open, and transparent leadership community, including CA Technologies, Experian, ForgeRock, IEEE-SA, Internet Society, Nomura Research Institute, Radiant Logic and SecureKey. More information is available at ​ https://kantarainitiative.org/. Follow Kantara Initiative on Twitter — @KantaraNews

    Gerry Beuchelt - MITRELinks for 2016-10-11 [del.icio.us] [Technorati links]

    October 12, 2016 07:00 AM
    October 11, 2016

    Matthew Gertner - AllPeersA Guide to Amsterdam Art [Technorati links]

    October 11, 2016 07:31 PM

    Amsterdam has long been regarded an artist’s paradise; a veritable treasure trove for appreciators of wonder, beauty and curiosity. Boasting more than 50 traditional galleries, museums and vast exhibition spaces, the city effortlessly blends the classical and contemporary, bringing together old masters and art lovers.


    A visit to Amsterdam is your opportunity to dive head first into the art world, via the work of names you’ll know, and those you’ll struggle even to pronounce; here, art is art, regardless of who it’s by.

    The best art in Amsterdam

    Amsterdam Art, a non-profit organization that aims to bring paintings, sculptures, prints, installations and performance pieces to the masses, is your guide to the city’s creative. With so much to inspire, from both the past and present, you’ll need all the assistance you can get to make the most of your Amsterdam art break.

    Amsterdam has links to some of the most illustrious artists in history; it’s where the home and workshop of Rembrandt Harmenszoon van Rijn between 1639 and 1656 can be found, and museums and galleries are dedicated to Vincent Van Gogh and Johannes Vermeer. A weekend could easily be whiled away in these inspirational places alone.

    Just yards away from the works of these well-known names you’ll find examples of street and urban art created by modern artists looking to tell their own story, and event spaces hosting installations of every kind. So many artists have made their name in Amsterdam, or taken up residency in the city in search of inspiration; who knows whom or what you’ll discover.

    The contemporary art scene in Amsterdam is a vibrant one. The leafy Jordaan neighborhood is home to many small, independent galleries; here, art exists to speak its mind, spark debate and inspire.

    Other galleries and exhibitions well worth a visit include Droog, an exciting studio space, Galerie Fons Welters, which opened in 1988 to support of new talent, the experimental Upstream Gallery, Grimm Gallery, where new works by established artists are exhibited, the world-famous Stedelijk Museum, Rijksmuseum, and Foam, the photography museum.

    In Amsterdam, art is nurtured both on and off the canvas; EYE Film Museum is a great example of alternative media and architecture coming together to create something special.

    Amsterdam Art Weekend is a program of events that enable visitors to experience every aspect of the local art scene; held each year in November, the event is highly recommended for anyone who’s not quite sure where to start.

    Of course, Amsterdam isn’t a city solely for the art lover, but for the artist too; its many shining examples of renaissance architecture, striking canal system, inspiring bridges, street cafés, and cosmopolitan population are a feast for the paintbrush or lens.

    Indeed, anyone hoping to capture a moment, immortalize a landscape or create characters to fall in love would do well stay a while in Amsterdam, and sample the views across the Flower Canal – or Bloemgracht, Reguliersgracht, Oosterpark, Vondelpark and the Waterland nature reserve.

    Such landscapes are a treat for the artist, while the exhibits to be found in the city’s museums and galleries will provide the inspiration if you’re looking to discover hidden talents.

    Amsterdam: A travel guide

    It takes a little careful planning to make the most of Amsterdam. While the city boasts an array of luxury hotels, boutique bed and breakfasts and cozy lodgings, it’s the many self-catering apartments in Amsterdam that allow travelers the freedom to explore to their hearts’ content; come and go as you please, taking in moody morning walks and coffee shops in your own corner of the city.

    Self-catering enables travelers to truly explore the culinary side of Amsterdam and seek out the city’s tastiest treats and freshest produce, without feeling obliged to patronize on-site restaurants.

    There are many ways to traverse this labyrinthine city. Walk along the canals, cycle across paved streets, or take the metro, tram or bus; it’s highly unlikely you’ll need to hire a car unless you’re traveling beyond the city’s limits. Besides, who knows what you’d miss if you did?

    Budget for visiting museums, galleries and workshops, although much of the city’s art is free to access. The city’s climate is affected by the North Sea to the west, but the summers and winters are mild in comparison to southern Europe; pack for a city break, taking plenty of layers with you, and you won’t go far wrong.

    Amsterdam is art; a place where aspiring talent rubs shoulders with the old masters, and where anyone can be inspired to pick up a paint brush, pencil or camera. Walk the streets, talk to the people, and allow the galleries, museums and exhibitions spaces to speak to you.

    The post A Guide to Amsterdam Art appeared first on All Peers.

    Matthew Gertner - AllPeersWalking through fire: Managing a company in crisis [Technorati links]

    October 11, 2016 07:27 PM

    With the influence and reach of social media, “brush fires” can quickly become infernos. Putting out the small fires quickly and effectively protects businesses from serious damage and can even improve a company’s standing with the public. Today’s crises take place in the crucible of social media with problems (and, hopefully, solutions) playing out in a matter of minutes. A crisis can quickly become out of control through lack of communication or insensitive social media responses, or it can be handled with transparency and respect.



    Many problems in social media could have been prevented with a little research. Coca-Cola’s wrong map of Russia, DC Comics foreign language gaffe, and Total Beauty’s mistaking Whoopi Goldberg for Oprah Winfrey all happened because companies failed to think things through before going public with something. And, not only did they have to deal with the embarrassment of their mistakes when they happened, but also the chagrin of seeing those mistakes pop up again in “2016’s Worst Mistakes”-type articles.


    Effective responses give customers information. For example, when Seacom experienced the severing of some of its undersea cables a few years ago, it let its customers know exactly what happened and the steps they were taking to rectify the situation. When customers understand events, they can imagine what it will take to restore service and are inclined to be more patient, particularly when the event is very clearly beyond company control. Jeni’s Splendid Ice Creams similarly provided information about the way the company was dealing with two recent listeria outbreaks.

    Speedy, Appropriate Responses 

    Speed is also critical. Bad news sells quickly because people are looking for a good story. A single ill-thought-out tweet can create a business crisis in a matter of seconds. Epicurious appeared as if it was using the Boston Marathon tragedy to advertise their products, prompting a backlash. They compounded their difficulties when their responses to irate Twitter users were “one size fits nobody.”


    Sometimes it is best for a company to redevelop itself by sacrificing some of its scope. For example, Yusuf Alireza streamlined the Noble Group in an effort to increase its profitability in the wake of commodity pricing issues. He sold assets in order to reduce debt, leading the company towards financial stability.


    Many problems can be prevented with research. At the same time, companies do survive tidal waves by taking responsibility for their actions, by acknowledging problems publically, and by avoiding the mistake of trying to justify the unjustifiable. They do so when they can take the perspectives of their customers. They do so when leaders are prepared to make actual sacrifices in the process of addressing problems.

    The post Walking through fire: Managing a company in crisis appeared first on All Peers.

    Matthew Gertner - AllPeersEnjoy the Power of the Guilds in Barcelona [Technorati links]

    October 11, 2016 07:17 PM

    Guilds form a very important part in Barcelona’s history. They were part of the Consell de Cent. These Guilds built headquarters in the main streets of Barcelona. For this tour, you will get to not only discover & enjoy the power of the guilds in Barcelona but also appreciate the role that the Guilds played during the Medieval & modern times in this city.


    This is a 3-hour walking tour that begins either at your preferred hotel or near the Gothic Quarter. Also, you get to be guided by a friendly & licensed guide who speaks in your preferred language. The quoted tour price will include the pay for the guide & entrance to the Casa de la Seda.

    With its ancient, narrow streets and imprints left on the stones by the various inhabitants, Gothic Quarter’s charms will make the start of your tour quite amazing. The guide will also ensure you get to see the Gothic Cathedral’s chapels & the 15th-century cloister which is guarded by geese. The Cathedral de Barcelona was built for over 600 years. In the Gothic Quarters, you will also get to stroll into a welcoming open space that is the Placa Sant Felip Neri. This is a beautiful square framed by baroque church sant Felipe Neri. In addition, it is framed by the facades of houses of the Shoemakers’ Guild & the Boilermakers’ Guild.

    The next phase of this Private Barcelona & the Guild with Casa de la Seda tour will take you to the Jewish Quarter. Also referred to El Call, this quarter was inhabited by Jews until their expulsion in 1492. Do you want to see what is believed to be the oldest Synagogue in Europe? This quarter has the remains of one of the oldest synagogues in its center.

    After the Jewish Quarter, you get to experience the medieval past of Barcelona in the Governmental Square. For example, two Roman roads crossed through the Placa Santa Jaume. On the hand, Placa del Rei has a concentration of the oldest buildings in the city. Among them a 1555 lookout tower & the 1362 Salo del Tinell.

    Finally, the tour will end at the famous Casa de la Seda or the Silk Makers house. It is the headquarters of the Silk Association and was built 300 years ago. You will see its 4-meter high beautiful sgraffito patterns & unique noble floor. Having a tour inside the Casa de la Seda is the best way to end this Private Barcelona and the Guild with Casa de la Seda trip.


    The post Enjoy the Power of the Guilds in Barcelona appeared first on All Peers.

    CA on Security ManagementA new security imperative [Technorati links]

    October 11, 2016 10:00 AM
    As our report on digital transformation points out, mobile applications were practically non-existent as recently as 2007. Jump forward 10 years, and forecasts suggest that… The post A new security imperative appeared first on Highlight.

    October 10, 2016

    KatasoftKsubaka Chooses Stormpath for Identity Management in Java [Technorati links]

    October 10, 2016 02:53 PM

    The team at Ksubaka implemented Stormpath earlier this year. We’re excited to share this post on their experiences from Ksubaka DevOps Lead Phil Hendren.

    Here at Ksubaka we’ve been using Stormpath for identity management in Java since the beginning of 2016, but what is Ksubaka? Ksubaka is media network that links brands to consumers in high footfall retail environments.

    About Ksubaka

    Ksubaka + StormpathWe’ve currently rolled more than 6,000 interactive kiosks in 1000 retail stores across 90 cities and in every province in China. This means our network engages directly with over 10 million shoppers every month, for brands that include Coca-Cola, Colgate, Head & Shoulders, Kellogg’s and many others

    The goal of the media network is to connect consumers with brands closer to the physical point of purchase, in-store. Our interactive kiosks, called ‘playSpots’, provide mini-games that take the consumer on a branded game journey. To support this network we’ve had to build a system that can manage these playSpots over-the-air, primarily using public cellular networks.

    Through this system, we’re able to provision new games or update core software components in a matter of minutes from our backend systems running in the public Cloud. Branded campaigns can be edited post-deployment to optimize their exposure for our clients and these changes can also be delivered to the entire network or strictly targeted playSpots.

    Achieving this is not without technical challenges, one of which was how we would allow the necessary engineers access to the tools required to manage the network from a technical point-of-view. This was especially important to us as we rolled out in China as many of these engineering staff could be transient. We needed to have a means of protecting our tools with a role-based system, and we needed to deploy it as rapidly as possible.

    Enter Stormpath

    We first learnt about Stormpath when we started looking for Identity-As-Service providers. Although our initial use-case was very much around protecting some public-facing Internet services with a role-based layer, we were also interested in providers that offered other features such as SSO, OAuth, and Social Login for potential future uses, so we cast our search quite wide.

    Ksubaka login

    The criteria we worked towards that the solution had to provide us with token authentication and authorization; have a REST API; provide well-maintained and working libraries for integration with popular development stacks, in our case Java and Python; and most importantly, provide easy and rapid integration.

    Stormpath was an ideal fit for us because it allowed us to create a new directory quickly without having to worry about the operational cost of maintaining a similar directory with something like LDAP, along with the advantage gained from the different SDKs available in different languages.

    From start to finish it took us no more than a matter of hours to have Stormpath fully integrated with our target Java application in our non-production environments, and then, once QA was passed we pushed it to production and it’s worked well.

    Recently, we started it using Stormpath to provide similar protection for some internal tools we use that have be written using the Flask-framework for Python. As with the Java integration, we were up and running in minutes with a fully authenticated application.

    Since deploying to production we’ve only had to speak to Support once, in July, and they were quick to respond to us with the information we needed.

    If you’re looking to deploy an authentication/authorization layer in front of your service and you need to do it rapidly, Stormpath is definitely worth consideration.

    Thanks Phil and Team Ksubaka!

    Interested in learning more about user authentication and identity management with Stormpath? Check out these awesome resources:

  • A Simple WebApp with Spring Boot, Spring Security, and Stormpath—in 15 Minutes
  • Identity Management in Spring Boot with Twilio and Stormpath
  • Build a Spring Boot API with Hazelcast for Cached User Authentication
  • The post Ksubaka Chooses Stormpath for Identity Management in Java appeared first on Stormpath User Identity API.

    Axel NennkerTwitter Markup [Technorati links]

    October 10, 2016 11:56 AM
    Twitter Cards are around for some time now and I recently wondered how commonly used they are?

    There is a nice blog post on Blogger on how to integrate them there but clearly there should be ways for e.g. newspapers to promote their reports by providing summaries and a main image and author information that is not @Twitter specific?  Microformats and schema.org to the rescue?

    What does Google do? It seems that JSON-LD is the recommended format.

    How would a Twitter Card look in JSON-LD?

    Twitter Cards or Rich Cards or @w3c Cards?

    Time to standardize!

    October 09, 2016

    Matthew Gertner - AllPeersBuying a Safe Trampoline for your Family has never been Easier [Technorati links]

    October 09, 2016 04:48 PM

    Trampolines are a great way to get outside, have some fun and get active either by yourself or with the family. A trampoline can be a great gathering point for fun and excitement for kids of all ages and adults alike, as long as safety is ensured. Trampolines have a bad reputation — and it’s true that thousands of hospital visits each year occur because of injuries incurred while using one. What most people do not know, is that most trampoline-related injuries are actually to be blamed on the design of the trampoline itself, and not necessarily the user’s activity. This is due to the fact that despite the improvements made in materials and construction, trampoline designs have not changed in the 80 years since its invention. Trampoline mats are held in place by large, tightly coiled springs which are secured to a heavy metal frame — all on a horizontal plane accessible to the jumper.

    This design is flawed at its core and that is why Springfree Trampoline has set the new standard with their patented springless design, that does not rely on an exposed frame or traditional coiled springs. Springfree has removed springs altogether, instead using flexible composite rods as well as a hidden frame. Springfree’s SoftEdge mat creates 360 degrees of safety — where the mat ends, the FlexiNet safety enclosure begins, ensuring that no bouncer will ever come into contact with a hard metal surface. The FlexiNet is itself supported by flexible composite rods that bend like fishing poles and absorb a jumper’s energy. If you’re shopping for the best trampolines with enclosure nets, be sure to consider FlexiNet technology, as it is setting new standards in trampoline safety.

    Of course, there is more to modern trampoline companies than just the design of the trampolines themselves. Companies have been making advances in how people actually interact with trampolines. Springfree Trampoline has partnered with tgoma to offer the world’s first smart trampoline. The purpose of this game system is to bring kids out of the house and to turn sedentary play into active time. The tgoma system combines the best of both worlds of electronic gaming and physical activity through tgoma Fit. The tgoma system is also great for adults who are looking to track activity, reach fitness goals, and participate in events with other users around the world, sharing scores with family and friends.

    Trampolines are a great way to get outside, have fun and get active. Modern springless trampolines from Springfree Trampoline which have concealed frames and a SoftEdge mat are safer than traditional designs. The addition of electronic interface systems such as the tgoma game system makes jumping interactive and more social. All of this means that when buying a safe trampoline for your family, you can bring all of the fun, excitement, and exercise that you knew as a kid in a new and improved way.

    The post Buying a Safe Trampoline for your Family has never been Easier appeared first on All Peers.

    October 07, 2016

    Gerry Beuchelt - MITRELinks for 2016-10-06 [del.icio.us] [Technorati links]

    October 07, 2016 07:00 AM
    October 06, 2016

    GluuLimiting OpenID Connect Community Client Support [Technorati links]

    October 06, 2016 08:49 PM


    The Gluu Server Community Edition is used by lots of organizations all over the globe. We do our best to provide free support to everyone who needs it. However, support is not supposed to be a substitute for reading the Gluu Server documentation, for reading the applicable technical specifications, and for researching on the Internet.

    If the Gluu Server works other then the way its documented, if there is a feature that is not documented well enough, or if you need a work around for a bug, we want you to open a support issue. Community support is the canary in the coal mine. If something is wrong, the community helps us identify problems.

    However, over the last few years, and with increasing frequency, we’ve noticed that some community support issues are being raised without end users doing sufficient research. This has become particularly prevalent with regard to OpenID Connect. Although you can use low-level web tools to call OpenID Connect API’s, doing so successfully without reading at least the Basic Client Implementors Guide, or the Implicit Client Implementers Guide, will inevitably result in many questions. Gluu simply does not have the time to train community developers on how to write an OpenID Connect client.

    The good news is that there are several clients out there that make it easier to utilize a conformant OpenID Connect Provider, like the Gluu Server. For community support we are going to limit the number of OpenID Connect clients that we support to the following:


    This list may grow over time. But the above list provides a pretty good swath of libraries and software that you can use to protect your applications with OpenID Connect without writing a client from scratch.

    October 05, 2016

    KatasoftBuild a Spring Boot API with Hazelcast for Cached User Authentication [Technorati links]

    October 05, 2016 10:36 PM

    By caching API responses and removing the need for a round trip over the wire to a remote API service, you save on future API calls (potentially saving you money) and create a far more responsive API. For these reasons, all of Stormpath’s primary SDKs have a caching layer built in, standard. In this post, we’ll examine the default cache in the Java SDK and how to easily replace it with the Hazelcast distributed, open source, caching server. The code for this can be found here.

    If you’re a developer, you’re living in an API world. From Google Maps, to Twilio Messaging to Stormpath for Identity Management, web apps are more and more the “glue” between APIs. Many APIs are organized like old-school Utilities – you pay for what you use and how often you use it. At Stormpath, we have SDKs in many languages – Java, .Net, Node.js, Python and many more. We are often asked the question, “Why should I use your SDK instead of your API directly?” Among the answers is: Cache.

    Hazelcast, Stormpath, and Caching

    The Java SDK has a robust caching layer out of the box that, while configurable, requires no intervention in most use cases. And, because it’s implemented at the lowest layers of the Java SDK, you get the benefit of the cache in all the integrations, including Spring Boot.

    However, the built-in cache is suitable only for single JVM environments. This means that when your application is ready to scale—perhaps to a multi-server environment, fronted by a load balancer—you’ll need to switch to a distributed caching infrastructure.

    Distributed caching software, like Hazelcast, automatically synchronizes the cache across a cluster. It also has advanced features like auto-discovery and auto-assimilation of new nodes.

    The Java SDK is designed so that the caching mechanism is completely pluggable. Dropping in Hazelcast is as simple as adding the dependency and creating a single configuration for your Spring Boot application.

    Hazelcast + Stormpath = Love

    Scaling the Cache

    To add Hazelcast to your Spring Boot application, add these dependencies to your pom.xml file:


    These dependencies are the baseline Hazelcast system and the Hazelcast Spring integration.

    Next, we’ll add in a configuration using the @Configuration annotation.

    public class CacheConfig {
        public HazelcastInstance hazelcastInstance() {
            Config config = new Config();
            config.setProperty("hazelcast.jmx", "true");
            return Hazelcast.newHazelcastInstance(config);
        public CacheManager cacheManager() {
            // The Stormpath SDK knows to use the Spring CacheManager automatically
            return new HazelcastCacheManager(hazelcastInstance());

    The beans, organized this way, will override the default CacheManager. Notice lines 6 and 7 above. We are enabling jmx in Hazelcast which we will use to confirm that Hazelcast is working later.

    Distributed Caching in Action

    If you haven’t done so already, follow the Quickstart instructions to setup a Stormpath account.

    We’ll also be using the jvisualvm tool to examine what’s going on in Hazelcast.

    Next, we’ll fire up two instances of the Spring Boot app:

    mvn clean install
    java -jar target/*.jar &
    Java -jar target/*.jar --server.port=8081 &

    You’ll notice Hazelcast starting up and discovering and connecting to the second instance:

    Members [1] {
        Member []:5701 - c2d1bb02-2d83-43fa-b90a-aa3219422195 this

    Members [2] {
        Member []:5701 - c2d1bb02-2d83-43fa-b90a-aa3219422195
        Member []:5702 - 40c8af8d-50e5-4db8-b76b-17d24c35a757 this

    Let’s login to the Spring Boot app so we can get some good stuff into cache.

    Hazelcast and Stormpath

    Log in to Spring Boot

    Localhost Hello Micah!

    Launch jvisualvm, and you should see the two Spring Boot instances you just started:

    Launch Java VisualVM

    Double-click one of the Spring Boot processes and choose the MBeans tab. Note: You’ll need to install the MBeans plugin in jvisualvm.

    Expand the com.hazelcast node all the way down to IMap. There, you will see some Stormpath objects:

    Stormpath Objects

    Click on Account on the left and the Operations tab on the right. Blank out the placeholder String to the right of the values button and then click it. You’ll get back something like this:

        href=https://api.stormpath.com/v1/accounts/<account ID>, username=mt@me.com, 
        email=mt@me.com, givenName=micah, middleName=null, surname=silverman, fullName=micah silverman, status=ENABLED, 
        createdAt=2016-03-04T06:29:48.506Z, modifiedAt=2016-08-17T18:01:07.812Z, passwordModifiedAt=2016-05-24T02:14:01.000Z, 
        customData={href=https://api.stormpath.com/v1/accounts/<account ID>/customData}, 
        providerData={href=https://api.stormpath.com/v1/accounts/<account ID>/providerData}, 
        groups={href=https://api.stormpath.com/v1/accounts/<account ID>/groups}, 
        applications={href=https://api.stormpath.com/v1/accounts/<account ID>/applications}, 
        groupMemberships={href=https://api.stormpath.com/v1/accounts/<account ID>/groupMemberships}, 
        apiKeys={href=https://api.stormpath.com/v1/accounts/<account ID>/apiKeys}, 
        accessTokens={href=https://api.stormpath.com/v1/accounts/<account ID>/accessTokens}, 
        refreshTokens={href=https://api.stormpath.com/v1/accounts/<account ID>/refreshTokens}, 
        linkedAccounts={href=https://api.stormpath.com/v1/accounts/<account ID>/linkedAccounts}, 
        accountLinks={href=https://api.stormpath.com/v1/accounts/<account ID>/accountLinks}

    At this point, you may be wondering why we’ve gone through all this! Here’s the big reveal.

    If you repeat the same process in jvisualvm for the second Spring Boot instance, you will see the same results.

    So, firstly we’re seeing that Hazelcast is caching key elements of our session. And, secondly, Hazelcast is automatically synchronizing the cached information from instance to the other in the cluster.

    Cache with Hazelcast and Stormpath for Fun and Profit

    The sample Spring Boot application used in this post has a total of 3 classes: the Application, a Controller, and a Configuration. It’s the Configuration class that overrides the default built-in cache and replaces it with the distributed Hazelcast system.

    You could have any number of instances of the Spring Boot app. Hazelcast auto-discovers the nodes and synchronizes the cache – even if a new Hazelcast node is started after data has already been cached in it.

    For extra credit, if you log out of the app in your browser and log in again, you will notice that the /accounts endpoint is not hit a second time since the account information is coming from the cache. You can see this in the log output of the app.

    Spring’s CacheManager interface and the design of the Stormpath Java SDK make it super easy to drop in an external cache system and override the default built-in cache.

    Learn More

    Learn more about how Stormpath supports complete Identity Management across the Java and Spring ecosystems in our product documentation, or through any of these great resources:

  • A Simple WebApp with Spring Boot, Spring Security, and Stormpath — In 15 Minutes
  • A Beginner’s Guide to JWTs in Java
  • Single Sign-On for Java in 20 Minutes with Spring Boot and Heroku
  • The post Build a Spring Boot API with Hazelcast for Cached User Authentication appeared first on Stormpath User Identity API.

    GluuIIW Video Positions UMA as a Solution for Controlling Access and Enabling Privacy [Technorati links]

    October 05, 2016 07:08 PM

    At the spring 2016 Internet Identity Workshop (IIW #22) in Mountain View, CA, Heather Schlegel (a.k.a. @heathervescent) filmed three short videos on areas of interest related to Internet identity. One of the videos focuses on the User Managed Access (“UMA”) protocol–a set of OAuth-based access management specifications being developed at the Kantara Initiative to enable distributed authorization of data sharing between online services on an owner’s behalf. 

    UMA is strategically positioned to solve real world challenges around managing access to APIs, applications, and user data. In addition, UMA defines mechanisms for gathering identity information in a way that enables people to control with whom they share information. By providing a framework for people and organizations to control access decisions for their digital content, UMA offers a valuable contribution in the effort to enhance privacy and security online.

    The cost to film and produce this video was crowdfunded by more than 20 individuals who either work in, or have a personal interest in Internet identity. A special thanks to everyone who contributed to the campaign, including: 


    This video and the two others filmed at IIW #22 will be screened at the upcoming IIW #23, Oct. 25-27, 2016.

    Tickets are still available for IIW #23!

    If you are interested in testing UMA, the free open source Gluu Server could be a good place to start. Its implementation focuses on the Enterprise UMA use case which is described in detail on the Kantara website.

    For additional reading, review our UMA docs. And if you have questions or need technical support, register for a free account and open a ticket on the Gluu support portal.  


    Matthew Gertner - AllPeersProviding Employee Benefits Delivers an Exceptional Return on Investment [Technorati links]

    October 05, 2016 06:25 PM
    Providing Employee Benefits is more than just a nice thing to do for the people that work for youPhoto by CC users nyphotographic.com and thebluediamondgallery.com.

    More and more small businesses now offer better employee benefits packages than ever before. Nowadays, it’s no longer a question of whether to offer benefits, but rather how to pick an insurance plan that fits your business needs. This is a serious matter that takes a great deal of consideration, and anybody facing this decision should take the factors presented below into account.

    Cost to Employers

    Employees already cost an employer a great deal thanks to salaries and wages. However, offering benefits in addition to a paycheck saves money in the long run. According to Benefits Canada, an employee on basic benefits which include life insurance and health coverage plus prescription medication is now the norm. Some companies also offer additional benefits, including long-term disability, vision, and dental. An average employer pays about $8,330 per person, depending on coverage, but this protects against lost wages and health problems that can cause issues in the future.

    Average Cost of Insurance

    About 65% of Canadians currently have health insurance through the employer, according to Statistics Canada. However, the average household still spends about $4,000 on private insurance and $2,000 more on out-of-pocket expenses. The rising cost of healthcare has forced many Canadians to augment their employee benefits with private policies. Canadian law requires all employees to fully participate in company health coverage before adding private coverage. Only a few exceptions, such as maternity leave where spouses employed elsewhere pay less and have more services with lower deductibles, are allowed.

    Employers Looking at Better Options

    For the most part, Canadian employers have striven to keep the cost of health insurance for employees under 5%, but this has required some changes in what they offer. The Conference Board of Canada reports that these changes are highly strategic, focused on items such as providing generic options for prescription medicines, eliminating certain drugs, or increasing the employee share of premiums. This means that benefits are becoming highly competitive, and small businesses can thrive if they offer a solid health care option that larger employers who are increasing the employee burden do not. Providing good health benefits along with more comprehensive coverage is paying dividends for these employers.

    Supporting Employer Coverage

    The trend among certain businesses to offer improved benefits for their employees has started to showcase the long-term boons that these medical plans provide. The rise of more detailed options has allowed the cost of adding benefits to become lower across the board. Focusing on providing employee benefits is also a way that some employers are showing their conscientiousness, as it demonstrates a commitment to the employees. Employers are further aiding their cause by providing programs that are dedicated to empowering employees when it comes to their own health and making sure they stay healthy, thus reducing time lost to illness.

    Overall, providing employee benefits does come at a cost to the employer, but doing so also improves morale, serves as a way that small businesses can draw in talented employees who might gain work elsewhere, and much more. It also helps keep employees healthier, meaning that less work gets lost and less time gets missed in the long run.


    The post Providing Employee Benefits Delivers an Exceptional Return on Investment appeared first on All Peers.