<h6>{{object.time | date:'MM/dd/yyyy hh:mm a' }}</h6>
</td>
<td>
{{object.text}}
</td>
</tr>
</table>
</div>
</div>
Enjoy!!!
About The Author
Julian Zhu is a principal consultant and managing partner at Boston Software Group Inc in Boston. He previously worked at CVS Health managing the Enterprise Architecture team, and as a consultant at Greenwich Technology Partners. Contact him at julian.zhu@bostonsoftwaregroup.com if you have any questions. Thank you.
posted Aug 3, 2016, 8:35 AM by Julian Zhu [updated Dec 27, 2016, 7:07 AM]
Update:
I never completed the Play framework since I don't believe Play is so practical to learn when business problems can be resolved by many other technologies that I am very familiar with. Why bother to Play? :-)
Of course, you don't have to agree with me. Everyone has his/her own background/experience, and perspective.
CREATE DATABASE IF NOT EXISTS play_store CHARACTER SET utf8 COLLATE utf8_general_ci;
USE play_store;
CREATE TABLE IF NOT EXISTS categories (
id INT(3) UNSIGNED NOT NULL AUTO_INCREMENT,
name VARCHAR(100) NOT NULL,
PRIMARY KEY (id)
);
CREATE TABLE IF NOT EXISTS products (
id INT(5) UNSIGNED NOT NULL AUTO_INCREMENT,
categories_id INT(3) UNSIGNED NOT NULL,
name VARCHAR(100) NOT NULL,
description TEXT NOT NULL,
price DOUBLE(7, 2) NOT NULL,
PRIMARY KEY (id)
);
file: conf/application.conf
jpa.default=MyPlayPersistenceUnit
Create a new file for persistence configuration: conf/META-INF/persistence.xml
posted May 30, 2016, 5:55 PM by Julian Zhu [updated Jul 23, 2016, 5:43 AM]
Summary
A large enterprise moving to the cloud needs to consider how to solve user identity management and application access control. Microsoft Azure offers more than cloud infrastructure. Compared with other cloud platform providers, Microsoft Azure is unique in the way Microsoft extends its enterprise Active Directory services to the cloud:
Active Directory on the Cloud (Azure AD)
B2C Directory Service
Access Control Services or Access Management (IAM)
Identity Management (IDM)
APIs
Office 365 Integration
OSC and Microsoft Joint Webinar on "Microsoft Azure and Application Security Integration"
To watch the full video of the webinar our team presented on 06/02/2016:
Overview
Microsoft Azure AD and Access Control Services Connect Right User to the Right Data with Right Access Control
Microsoft Azure Supports OAuth Architecture
Here is a typical OAuth architecture
Microsoft Azure Supports SAML Architecture
Here is a typical SAML architecture
Microsoft Azure AD for B2B/B2C Application Authentication
Here is a high level sequence diagram illustrating architecture.
Demo Application
Our demo app demonstrates the easy application integration with Microsoft Azure for:
Manage Azure Active Directory
B2C Application User Enrollment (Sign up) & Login (Authentication) using Azure Active Directory
Corporate & B2B Application Authentication using Azure Active Directory
Enable SSO to Third Party applications (by configuration not by coding) on Azure cloud
Enable social identity for authentication (by configuration not by coding) on Azure cloud
Please refer to the webinar video above to see the demo. You can also reach out to us to request a live demo and/or discussion.
More Considerations
Enterprise Strategy and Road map: Identity Management, Authentication, and SSO
AD Synchronization and Migration: Keep AD sync'ed for a hybrid architecture
IoT: Support IoT in your enterprise security landscape
Other SP and IDP
Other Cloud
About The Author
Julian Zhu is the managing partner & principal consultant at OSC Technologies (http://www.oscgc.com) leading technology innovation and consulting. Previously he was Sr. Manager of Enterprise Architecture Team and Enterprise Digital Solution Architect at CVS Health.
Visit Julian's Blog at: http://www.julianzhu.us for more information. To contact Julian for consulting services, please send email julian6866 [at] gmail dot com.
posted May 21, 2016, 7:38 PM by Julian Zhu [updated Jun 10, 2016, 9:16 PM]
This blog provides an over-simplified overview of SAML/SSO implementation.
SSO/SAML Architecture Overview
Let's review some basics.
A Single Sign-On Solution typically involves three architecture components:
A User: who wants to access a system (in this case: the resource a Service Provider provides)
A Service Provider: manages a business application for a user to access information or functionalities
An Identity Provider: an infrastructure component that is responsible for validating the user's identity
The following diagram illustrates the overall workflow of SAML/SSO.
In the context of SAML/SSO, here is a list of obvious but key architecture info you should understand:
Service Provider and Identity Provider need to know each other in order for the solution to work.
Service Provider will redirect request to Identity Provider (when user has not been authenticated)
Identity Provider will post info back to Service Provider (so that Service Provider receives user attribute data to use)
The protocol and message format used for the communication: SAML (Security Assertion Markup Language)
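The redirect step in the list above, worked through as an added example (not code from the original post): the Service Provider packs a SAML AuthnRequest into a redirect URL, and the Identity Provider unpacks it and checks that it came from a Service Provider it knows. The URLs, entity ID and function names are constructed placeholders.

```javascript
const zlib = require('zlib');

// Constructed placeholder values (assumptions, not taken from the post).
const IDP_SSO_URL = 'https://idp.example.org/sso';
const SP_ENTITY_ID = 'https://sp.example.com';
const SP_ACS_URL = 'https://sp.example.com/acs';
// IdP-side registry of known Service Providers: entity ID -> allowed ACS URL.
const KNOWN_SPS = new Map([[SP_ENTITY_ID, SP_ACS_URL]]);

// Service Provider: build the AuthnRequest XML.
function buildAuthnRequest(id, issueInstant, acsUrl) {
  return '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"' +
    ' xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"' +
    ` ID="${id}" Version="2.0" IssueInstant="${issueInstant}"` +
    ` AssertionConsumerServiceURL="${acsUrl}">` +
    `<saml:Issuer>${SP_ENTITY_ID}</saml:Issuer></samlp:AuthnRequest>`;
}

// Service Provider: raw DEFLATE -> base64 -> URL-encoded query parameter.
function toRedirectUrl(xml, relayState) {
  const packed = zlib.deflateRawSync(Buffer.from(xml, 'utf8')).toString('base64');
  const query = new URLSearchParams({ SAMLRequest: packed, RelayState: relayState });
  return `${IDP_SSO_URL}?${query}`;
}

// Identity Provider: reverse the encoding, then check the sender is a known SP.
function readRedirect(url) {
  const params = new URL(url).searchParams;
  const raw = Buffer.from(params.get('SAMLRequest') || '', 'base64');
  // Cap the inflated size so an oversized request cannot exhaust memory.
  const xml = zlib.inflateRawSync(raw, { maxOutputLength: 64 * 1024 }).toString('utf8');
  // Regex extraction keeps the example short; a real IdP uses an XML parser.
  const pick = (re) => (xml.match(re) || [])[1] || null;
  const issuer = pick(/<saml:Issuer>([^<]+)<\/saml:Issuer>/);
  const acs = pick(/AssertionConsumerServiceURL="([^"]+)"/);
  // Only ever post the response to the ACS URL registered for this issuer.
  const trusted = KNOWN_SPS.has(issuer) && KNOWN_SPS.get(issuer) === acs;
  return { id: pick(/ ID="([^"]+)"/), issuer, acs, trusted,
           relayState: params.get('RelayState') };
}
```

The `trusted` flag is the "need to know each other" requirement in practice: a request naming an unregistered issuer or ACS URL is not answered with user attributes.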
SAML/SSO: Context Diagram
Functional Scenario: Implement Identity Provider
There are different scenarios you may design for SSO implementation.
This tutorial shows how to implement one SAML/SSO scenario:
Identity Provider: We implement a SAML Identity Provider using SimpleSAMLphp
We create a MySQL database table to store user identity information and attributes
We configure SAML settings for this hosted IDP.
Service Provider: We configure Google Security to use our Identity Provider to provide Single Sign-On for Google Mail application.
Once we implement this, we will be able to let users enter their user name and password (stored in our Identity Provider system) to access Google Mail (enabled to work with our Identity Provider).
Here is the demo:
Julian Zhu | OSC Technologies
How to Implement
Step 1. Implement Identity Provider
(In our example, we use SimpleSAMLphp. We have a reference implementation using Java as well.)
Implement auth data source (e.g. MySQL database/table as user identity repository)
Download & Install SimpleSAMLphp
Configure SAML2.0-idp-host information (for accessing user identity authsources)
Configure SAML2.0-sp-remote information (for Google)
Implement MySQL user identity data store
Field Name | Description
id | Primary key
user_name | user name used for authentication
password | password used for authentication
uid | Could be email address as an attribute mapping to Google account id (email address)
Edit config\authsources.php
This defines what identity data source to use for authenticating user
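The credential check an auth source performs against the user table above, as an added example (not SimpleSAMLphp code and not from the original post): the password column holds a salted scrypt hash rather than the password itself, and a successful login releases the uid attribute. The rows and function names are constructed for illustration.

```javascript
const crypto = require('crypto');

// Store "salt:hash" (hex) in the password column, never the password itself.
function hashPassword(password, salt = crypto.randomBytes(16)) {
  const hash = crypto.scryptSync(password, salt, 32);
  return salt.toString('hex') + ':' + hash.toString('hex');
}

// Recompute the hash with the stored salt and compare in constant time.
function verifyPassword(password, stored) {
  const [saltHex, hashHex] = stored.split(':');
  const expected = Buffer.from(hashHex, 'hex');
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), expected.length);
  return crypto.timingSafeEqual(actual, expected);
}

// Constructed rows standing in for the MySQL table (id, user_name, password, uid).
const users = [
  { id: 1, user_name: 'alice', password: hashPassword('correct horse'), uid: 'alice@example.com' },
  { id: 2, user_name: 'bob', password: hashPassword('battery staple'), uid: 'bob@example.com' },
];

// Hash checked for unknown users so their logins take as long as known ones.
const DUMMY_HASH = hashPassword('placeholder');

// Returns the attributes to release to the Service Provider, or null on failure.
function authenticate(userName, password) {
  const row = users.find((u) => u.user_name === userName);
  const ok = verifyPassword(password, row ? row.password : DUMMY_HASH);
  if (!row || !ok) return null; // same result for unknown user and wrong password
  return { uid: [row.uid] };    // uid maps to the Google account id (email address)
}
```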
OSC Identity Provider - Reference Implementation (Java or PHP)
Step 2. Configure Google (As Service Provider)
Log in to the Google Admin console, where you can manage the Security settings for Google (as service provider):
Select "Set up single sign-on (SSO)"
Specify the Identity Provider information:
This requires information from the Identity Provider, including a few key URLs for SAML communication, as well as an Identity Provider digital certificate used for data encryption purposes.
Congratulations
Now you have a complete SAML/SSO solution.
To extend/customize your own solution, you have a choice of implementation technologies, including Java OpenSAML. There are quite a few hosted cloud services that can work as an Identity Provider to make the job easier. However, selecting the right one for your business may not be that straightforward, given the IT investment and technology standards you already have in house. Contact me if you have any questions or comments.
posted May 15, 2016, 7:18 PM by Julian Zhu [updated Dec 8, 2016, 8:16 AM by Julian Zhu]
This blog you are reading now is not about data, it is about "Accessibility".
I will soon write a blog about data and how it supports customer engagement -- my research at college and graduate school was high energy physics and statistics physics -- a lot of modeling and computation. Please stay tuned on that.
Here is just a quick update on the research I recently did and the product prototype I have built around "Accessibility".
It also demonstrates that the key capabilities native mobile devices can deliver are far more sophisticated and capable than HTML.
This blog is not trying to start another debate about native vs. hybrid vs. HTML. Coming from a physics background, I fully understand that hardware and software together can make a perfect digital product. In a real-world application, it totally depends on whether or not you (as a business) care about those capabilities.
Let me highlight a few things I have built for research and demonstration purpose:
Feature 1. (Once User Enables) Mobile Device is now aware of what is happening and will take action on behalf of the user when needed.
Feature 2. (Text-to-Speech) Any communication (from inside or outside of the mobile device) can now be announced as voice to the user.
Feature 3. (Voice Command/Input/Recognition) Mobile App can now prompt for and take voice input from the user and take action for the user.
Feature 4. Near-Field-Communication (NFC) devices
Feature 5: A powerful mobile app task engine framework
All these features greatly improve user engagement and experience.
Please note:
All the features mentioned in this blog have been implemented and are ready for integration & customization to enable similar capabilities for your mobile application.
You don't have to reinvent the wheel.
Demo 1: Mobile Device Receives an Event, Triggers Automated User Action
In this demo, the action is triggered by mobile push notification to automate user action for the most popular Chinese social app - WeChat.
Demo 2: Register an NFC device to Trigger Event/Action on Behalf of the User
This demo shows how the mobile app discovers a new NFC device and prompts the user to register the device for event triggering.
Once registered, a future scan of the same device will trigger and/or automate an action on behalf of the user - in this demo, it initiates a phone call automatically.
Demo 3. Text-To-Speech Triggered When Receiving Social Platform Notifications
Once enabled, mobile app will be aware of the social platform notification events (or any type of events) and convert text to speech (or take any type of actions).
With this app, you could listen to your favorite social platform messages while driving, and more interestingly, you could use voice to reply (continue reading below).
Demo 4. Use Voice Command/Input to Respond to an Event - Responding to Social Messages All by Voice
Once enabled by the user, the mobile app will prompt the user for voice command/input. It supports multiple languages.
Demo 5. Trigger/Automate a Task from Sensor Behaviors
Mobile devices/sensors behavior can be used to trigger events. The following example shows how a rule can be set up by a user for the mobile app to be aware of sensor behavior (in this case monitoring shake behavior) and trigger user defined action - in this case, it automatically initiates a phone call.
Stay Tuned for More on this Topic:
Security for Implementing Accessibility
posted May 8, 2016, 3:07 PM by Julian Zhu [updated May 17, 2016, 6:21 PM by Julian Zhu]
There are many ways of building RESTful web services & APIs.
This tutorial shows you how to build one in an easy and quick way using Google Sites and Apps Script to serve the API and Google Sheets to serve data.
Typical use is to serve public data services/API.
Google OAuth 2.0 can be easily added without any coding.
Step 1. Prepare Your Data
Create a Google Sheet in Google Drive and populate data. The highlighted part is the Google Sheet ID that you will use later to reference this sheet and retrieve data.
Step 2. Create a Google Site (https://sites.google.com)
If you don't know how to create a Google Site, you may read some other quick guide on the Internet.
Step 3. Go to Google Site Edit Mode
From the drop down, select "Manage site".
Step 4. Click "Apps Scripts"
Step 5. Create a new Google Apps Script by clicking "Add new script".
Your existing scripts are listed here so that you can always come back and edit them.
Step 6. Now, you can start writing your first Google Apps Script.
If you know JavaScript, coding is very straightforward.
Step 7. Let's Copy & Paste my sample code
Company Ticker API
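/*** main HTTP (GET and POST) interaction *************************/
function doGet(e) {
  return doPost(e);
}

function doPost(e) {
  // e.parameter holds the first value of each request parameter as a string
  var apiKey = e.parameter.apiKey;
  var operation = e.parameter.operation;
  var args = e.parameter.args;
  var response;
  if (!validateKey(apiKey)) {
    response = sendFailResponse("500", "Fail - Invalid API Key");
  } else {
    if (operation == 'GetTickers') {
      response = GetTickers();
    } else {
      response = sendFailResponse("500", "Fail - operation not supported");
    }
  }
  // A web app must return a ContentService (or HtmlService) output
  return ContentService.createTextOutput(JSON.stringify(response))
      .setMimeType(ContentService.MimeType.JSON);
}

// The bodies of validateKey(), sendFailResponse() and GetTickers() are not
// shown on this page; the three versions below are assumptions.
function validateKey(apiKey) {
  // Assumption: the expected key is kept in a script property named API_KEY
  var expected = PropertiesService.getScriptProperties().getProperty('API_KEY');
  return !!expected && apiKey === expected;
}

function sendFailResponse(code, message) {
  return { status: code, message: message };
}

function GetTickers() {
  return { status: "200", tickers: loadTickets() };
}

function getMasterSheetID() {
  return "34Vp54TdfVnO547R3N843olkrzJm2Vtza4JZIw6h8Wu33D"; // this is the sheet we created earlier
}

function loadTickets() {
  var objs = new Array();
  var spreadSheet = SpreadsheetApp.openById(getMasterSheetID());
  var sheet = spreadSheet.getActiveSheet();
  var data = sheet.getDataRange().getValues();
  // start from row 1 (row 0 is the header row)
  for (var i = 1; i < data.length; i++) {
    var obj = {
      ticker: data[i][0],
      name: data[i][1]
    };
    objs.push(obj);
  }
  return objs;
}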
Step 8. Save the Scripts.
You may click "Run" and select methods to test run.
Some methods (e.g. doPost()) depend on request parameters and may report an error -- don't worry. We will test the API soon.
Once we are ready to deploy and test, we may click "Publish" for testing. See next step on "Publish".
Step 9. Publish API
Select the appropriate permission to publish the API script. For the API to be used publicly, you may follow permissions similar to the example below.
Follow the screen to authorize the publishing.
Step 10. Congratulations! You just published a RESTful API.
To test the API: Copy the API URL from above and append it with a valid operation parameter:
Tip: Please use HTTP Post in your API client code.
If you don't append an appropriate API key or operation, you will get a failed response message.
Enjoy!
About The Author
Julian Zhu is a principal consultant and managing partner at OSC Technologies in the Greater Boston area. He previously worked at CVS Health managing the Enterprise Architecture team, and as a consultant at Greenwich Technology Partners. Contact him at julian.zhu@oscgc.com if you have any questions. Thank you.