Single Sign On – You’re Probably Doing It Wrong

Arnes Blanert wrote an extensive article for the architect magazine on the subject of Single Sign On (SSO). It covers both authentication and authorization via a variety of widely and not so widely used methods, including OAuth, SAML, JSON Web Token and more.

As someone who was involved in a variety of Single Sign On implementations (see some of the posts on the subject in my blog), I wish I had an article like this in my RSS feeds much, much earlier.

The sudden death and eternal life of Solaris

Bryan Cantrill wrote this blog post on the death of Solaris. Here’s the bit I like the most about it, which talks about proprietary software vs. Open Source:

Assuming that this is indeed the end of Solaris (and it certainly looks that way), it offers a time for reflection. Certainly, the demise of Solaris is at one level not surprising, but on the other hand, its very suddenness highlights the degree to which proprietary software can suffer by the vicissitudes of corporate capriciousness. Vulnerable to executive whims, shareholder demands, and a fickle public, organizations can simply change direction by fiat. And because — in the words of the late, great Roger Faulkner — “it is easier to destroy than to create,” these changes in direction can have lasting effect when they mean stopping (or even suspending!) work on a project. Indeed, any engineer in any domain with sufficient longevity will have one (or many!) stories of exciting projects being cancelled by foolhardy and myopic management. For software, though, these cancellations can be particularly gutting because (in the proprietary world, anyway) so many of the details of software are carefully hidden from the users of the product — and much of the innovation of a cancelled software project will likely die with the project, living only in the oral tradition of the engineers who knew it. Worse, in the long run — to paraphrase Keynes — proprietary software projects are all dead. However ubiquitous at their height, this lonely fate awaits all proprietary software.

There is, of course, another way — and befitting its idiosyncratic life and death, Solaris shows us this path too: software can be open source. In stark contrast to proprietary software, open source does not — cannot, even — die. Yes, it can be disused or rusty or fusty, but as long as anyone is interested in it at all, it lives and breathes. Even should the interest wane to nothing, open source software survives still: its life as machine may be suspended, but it becomes as literature, waiting to be discovered by a future generation. That is, while proprietary software can die in an instant, open source software perpetually endures by its nature — and thrives by the strength of its communities. Just as the existence of proprietary software can be surprisingly brittle, open source communities can be crazily robust: they can survive neglect, derision, dissent — even sabotage.

AWS Application Load Balancer

I found this visual primer on Application Load Balancing on Amazon AWS quite interesting. Application Load Balancing is not something I am using just yet, but it’s getting there. With more and more services and pricing schemas available from Amazon, explaining things simply is not as easy as it may seem.

oEmbed specification

oEmbed has been around for a while and there are some really nice implementations of it. For example, in WordPress, pasting a URL to a YouTube video, Flickr photo, Twitter tweet, or a number of other services results in a nicely formatted embedded snippet from the external site. WordPress not only consumes oEmbed, but also provides embeddable content.

For a while now, I’ve been thinking about ways to utilize it.  There are quite a few applications of oEmbed that make sense for our projects at work.  For now, I’ll just leave you here with the link to the oEmbed specification.
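
The consumer side described above (a pasted URL turned into an embedded snippet), sketched as an added example that is not part of the original post or of WordPress. The provider host, its endpoint, the sample response and the `render` marker are constructed for illustration; the `url`, `format` and `maxwidth` parameters and the response fields are the ones defined by oEmbed 1.0.

```python
import json
from urllib.parse import urlencode, urlsplit

# Constructed allow-list: host of the pasted URL -> that provider's oEmbed endpoint.
PROVIDERS = {"video.example.com": "https://video.example.com/oembed"}
TYPES = {"photo", "video", "link", "rich"}  # the four response types in oEmbed 1.0
# Constructed sample of what a provider might return for a video URL.
SAMPLE = json.dumps({"version": "1.0", "type": "video", "title": "Demo",
                     "html": '<iframe src="https://video.example.com/embed/42"></iframe>',
                     "width": 600, "height": 338})


def build_request(pasted_url, maxwidth=600):
    """Return the oEmbed request URL, or None if the host is not allow-listed."""
    parts = urlsplit(pasted_url)
    endpoint = PROVIDERS.get(parts.hostname or "")
    if parts.scheme != "https" or endpoint is None:
        return None  # never fetch on behalf of an arbitrary user-supplied URL
    query = urlencode({"url": pasted_url, "format": "json", "maxwidth": maxwidth})
    return endpoint + "?" + query


def parse_response(body):
    """Validate an oEmbed JSON body and return only the fields we will render."""
    data = json.loads(body)
    if not isinstance(data, dict) or str(data.get("version")) != "1.0":
        raise ValueError("not an oEmbed 1.0 response")
    kind = data.get("type")
    if kind not in TYPES:
        raise ValueError("unknown oEmbed type")
    out = {"type": kind, "title": str(data.get("title", ""))}
    if kind == "photo":
        src = data.get("url")
        if not isinstance(src, str) or urlsplit(src).scheme not in ("http", "https"):
            raise ValueError("photo url must be http(s)")
        out["url"] = src
    elif kind in ("video", "rich"):
        html = data.get("html")
        if not isinstance(html, str):
            raise ValueError("missing html")
        # Third-party markup: hand it to a sandboxed iframe, never inline it.
        # "sandboxed-iframe" is a hypothetical marker for the rendering layer.
        out["html"], out["render"] = html, "sandboxed-iframe"
    return out


if __name__ == "__main__":
    print(build_request("https://video.example.com/watch/42"))
    print(parse_response(SAMPLE))
```

The allow-list keeps the consumer from issuing server-side requests to arbitrary hosts, and treating `html` as untrusted follows the spec's own advice to load provider markup in an off-domain iframe.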