Posts

VMWare - Cannot open the configuration

Issue: Cannot use VMware image If you cannot import or use a VMware image with following error "The configuration file xxx.vmx was created by a VMware product that is incompatible with this version of VMware Player or Workstation and cannot be used. Cannot open the configuration file xxx.vmx" Typically you may get this error if you are importing a vmware image provided by a vendor or got from another PC. This could be due the vmware image created by a different version of vmware player/workstation and the one that you are currently trying to run or import (in your current/local PC) Resolution: Edit the vmx file and check the property "virtualHW.version=x". Replace the number x with your current version of VMware that you are using to open or import the image.

What is HSTS - HTTP Strict Transport Security

Image
HSTS stands for HTTP Strict Transport Security. In essence it is actually a mitigation technique for SSL-Stripping attack. In practice one may encounter message when accessing websites (see below details) Various attacks attempt to remove the use of Secure Socket Layer/Transport Layer Security (SSL/TLS) altogether by modifying unencrypted protocols that request the use of TLS, specifically modifying HTTP traffic and HTML pages as they pass on the wire. These attacks are known collectively as " SSL Stripping " (a form of the more generic "downgrade attack") and were first introduced by Moxie Marlinspike [SSL-Stripping].  In the context of Web traffic, these attacks are only effective if the client initially accesses a Web server using HTTP.  A commonly used mitigation is HTTP Strict Transport Security (HSTS) [RFC6797]. HSTS is now supported in all leading browsers - Chrome, Firefox, Safari, Edge, IE. One of the several new features in Chrome is the addition o...

User Authentication with OAuth 2.0

Image
This (original) article has been taken from OAuth protocol website. (https://oauth.net/articles/authentication/) and highlighted text has been added for better explanation and clarity. It provides information on the OAuth protocol which deals with only delegated authorization. Often it is assumed and misused to include authentication. OAuth protocol does not include authentication .  And to complete the stack, OpenID Connect has been built on top of OAuth which provides for authentication (however, OpenID Connect is not the focus of this post. It was mentioned to bring the relationship between these two protocols) User Authentication with OAuth 2.0 The  OAuth 2.0  specification defines a  delegation  protocol that is useful for conveying  authorization decisions  across a network of web-enabled applications and APIs. ( This means that OAuth is a HTTP based protocol ) OAuth is used in a wide variety of applications, including providing mechanism...

Oracle Access Manager OAM 12c release - 12.2.1.3.0

Latest Release of OAM is now 12.2.1.4.0 In 12c release, Oracle suite for Identity and Access Management is now called as Oracle Identity Management 12c.  The latest 12c release is now 12.2.1.4.0 also called as 12c PS4. The latest release of 12c is now 12c PS4 available for download here .  The certification matrix is available here .  Enterprise Deployment Guide for Oracle Identity and Access Management is available here .  Integration Guide for Oracle Identity Management Suite is here High Availability and Multi Datacenter deployment guides references are here and here The 12c release is now 12c PS4 i.e 12.2.1.4.0. The previous release was 12c PS3 , i.e 12.2.1.3.0 (The earlier version were 11gR2 PS3 or 11.1.2.3 from the 11gR2 series/versions  - 11gR1, 11gR2 PS1, 11gR2 PS2 and 11gR2 PS3.) The 12c release, 12c PS4 and PS3, comprises of the 3 main components Identity Governance Access Manager Directory Services (1)  Identity Governance  ( ...

How to Dockerize nginx: 5 steps

Image
How to Dockerize Nginx or How to run Nginx web server in a container or How to containerize Nginx What does Dockerize an application mean? It simply means to create a container of your application that you can deploy on an Operating system. And what exactly is a container - you can consider a "Container" to be a packaged software which contains all its dependencies wrapped into this package, so that it can run in an Operating system. This container is a complete package that includes everything, such as code, system libraries, configuration etc. Hence this container can be easily transferred or moved to any other environment. If your container or the containerized application has been tested to work in one environment, say Development environment, now this container is guaranteed to work and behave the same way when moved to another new environment, say a QA or Test environment. In practice, one creates an image for a particular containerized application, and this image can ...