Monthly Archives: February 2016

SSO with PingFederate using SAML

Ping Federate is a third party vendor that provides capabilities for Single Sign On (SSO) using either SAML or WS-Federation protocol. I recently worked on a project where we had to provide these capabilities to applications.

Here I document how I achieved this through SAML protocol.

SAML stands for Security Assertion Markup Language and it is an open-standard data format for exchanging information related to authentication and authorization (Source-Wikipedia – SAML ). SAML is used mostly for web browser SSO.

Ping Federate plays the role of an Identity Provider or Service Provider depending on what purpose you are using it for.

In this particular post, we will be seeing how an SP-initiated SSO works with Ping Federate.

SSO with Ping  Federate-

Create an SP connection in Ping Federate

Firstly, create a unique connection for your SP service in Ping Federate, this unique connection will be identified by Ping Federate with Entity Id which you will create in Ping Federate. Provide an Assertion Consumer Service (ACS) URL in your connection in Ping Federate. Basically, Ping will send a response back at ACS URL. There is a step-by-step process to create an SP connection in Ping Federate.

You will need to specify a protocol for this connection. For our post purposes, we are using SAML 2.0. What binding to use? Post, Redirect, Artifact, SOAP. For this post, we will be using Post or Redirect.

During the process, you also provide an IdP adapter in the connection. IdP adapter is nothing but a way of authentication – how do you want a user to be authenticated? Through an HTML form or Windows Account?

You will also need to provide a signing certificate if you are going to send a signed login request to Ping Federate.

Once you create a connection, you set that connection as ACTIVE in ping.

Changes on SP Side

Now when you send a Login request to ping, it will post on the protocol endpoint URL from the ping side. So Ping provides certain static endpoints for your connection. If Ping is installed on a server called abc.com, the endpoint for Ping will be abc.com/idp/SSO.saml2 and this is where you will post your login request. Here is a sample Login request looks like


<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_bec424fa533dj2ff020502892fghjjf221" Version="2.0" IssueInstant="2016-02-10T11:39:34Z" ForceAuthn="false" IsPassive="false" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://abc.bloodycoders.com/login/saml2/sp/AssertionConsumerService.php">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
urn:mace:bloodycoders.com:services:abc.bloodycoders.com
</saml:Issuer>
<samlp:NameIDPolicy xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" SPNameQualifier="abc.bloodycoders.com" AllowCreate="true" />
<samlp:RequestedAuthnContext xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Comparison="exact">
<saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
</saml:AuthnContextClassRef>
</samlp:RequestedAuthnContext>
</samlp:AuthnRequest>

Ping Federate will verify the request based on entity id and where it needs to send the response. If the request is valid, it will send a response. On the SP side, you then verify the response if it is coming from an authentic source.

(I have not included a response back from Ping Federate for post purposes).

If you enjoyed this post, send me a response here.

The Art of learning – Part II

If you have missed the notes from Part I, they are Here.

Part II notes begin below

85) If I want to be the best, I have to take risks other would avoid, always optimizing the learning potential of the moment and turning adversity to my advantage. That said, there are times when the body needs to heal but those are ripe opportunities to deepen the mental, technical, internal side of my game.

86) When aiming for the top, your path requires an engaged, searching mind. You have to make obstacles spur you to reactive new angles in the learning process.
Let setbacks deepen your resolve. You should always come off an injury or a loss better than when you went down.

87) It is all too easy to get caught up in the routines of our lives and to lose creativity in the learning process. Even people who are completely devoted to cultivating a certain discipline often fall into a mental rut, a disengaged lifestyle that implies excellence can be obtained by going through the motions. We lose presence.

88) If dirty opponents inspire a great competitor to raise his game, he should learn to raise his game without relying on the ugly ruses of his opponents. Once we learn how to use adversity to our advantage, we can manufacture the helpful growth opportunity without actual danger or injury. I call this tool the internal solution – we can notice external events that trigger helpful growth or performance opportunities, and then internalize the effects of those events without their actually happening. In this way, adversity becomes a tremendous source of creative inspiration.

89) Clearly, there is a survival mechanism that allows human beings to channel their physical and mental capacities to an astonishing degree of intensity in life-or-death moments, but can we do this at will?

90) Artists often refer to intuition as a muse. In my opinion, intuition is our most valuable compass in this world. It is the bridge between the unconsicous and the conscious mind.

91) You start with the fundamentals, get a solid foundation fueled by understanding the principles of your discipline, then you expand and refine your repertoire, guided by your individual predispositions, while keeping in touch, however abstractly, with what you feel to be the essential core of the art.

92) Chunking relates to the mind’s ability to assimilate large amounts of information into a cluster that is bound together by certain patterns or principles to a given discipline.

93) The stronger the player, the more sophisticated was his or her ability to quickly discover connecting logical patterns between the pieces(attach,defense,tension, pawn chains etc.) and thus they had better chess memories.

94) In a nutshell, chunking relates to the mind’s ability to take lots of information, find a harmonizing/logically consistent strain, and put it together into one mental file that can be accessed as if it were a single piece of information.

95) By “carved natural pathways” I am referring to the process of creating chunks and the navigation system between chunks. I am not making a literal physical description, so much as illustrating the way the brain operates.

96) Over time each chess principle loses rigidity, and you get better and better at reading the subtle signs of qualitative relativity. Soon enough, learning becomes unlearning. The stronger chess player is often the one who is less attached to a dogmatic interpretation of the principles.

97) The network of my chess knowledge now involves principles, patterns and chunks of information, accessed through a whole new set of navigational principles, patterns, and chunks of information.

98) Learning chess at this level becomes sitting with paradox, being at peace with and navigating the tension of competing truths, letting go of any notion of solidity.

99) Everyone at a high level has a huge amount of chess understanding, and much of what separates the great from the very good is deep presence, relaxation of the conscious mind, which allows the unconscious to flow unhindered. This is a nuanced and largely misunderstood state of mind that when refined involves a subtle reintegration of the conscious mind into a free-flowing unconscious process. The idea is to shift the primary role from the conscious to the unconscious without blissing out and losing the precision the conscious can provide.

100) Chess players must let the unconscious flow while the conscious leads and follows, sorting out details, putting things in order, making precise mathematical calculations.

101) I am making networks of chunks and paving more and more neutral pathways, which effectively takes huge piles of data and throws it over to my high-speed processor- the unconscious. Now my conscious mind, focusing on less, seems to rev up its shutter speed from, say, four frames per second to 300 or 400 frames per second. The key is to understand that my trained mind is not necessarily working much faster than an untrained mind-it is simply working more effectively, which means that my conscious mind has less to deal with.

102) Life-or-death scenario kicks the human mind into a very narrow area of focus. Time feels slowed down because we instinctively zero in on a tiny amount of critical information that our processor can then break down as if it is in a huge font. The trained version of this state of mind shares that tiny area of conscious focus.

103) We cultivate this experience by converting all the other surrounding information into unconsciously integrated data instead of ignoring it.

104) In most situations, we need to be aware of what is happening around us, and our processor is built to handle this responsibility. The key is to practice.

105) At the opponent’s slightest move, I move first, as pertaining to intention-reading and ultimately controlling intention. The deepest form of adherence or shadowing involves a switching of roles, where the follower becomes the followed in a relationship in which time seems to twist in a tangle of minds-this is how the great Tai Chi or Aikido artist guides the opponent into a black hole, or appears to psychically impel the other throw himself on the ground.

106) I let opponents read my facial expressions as I moved through thought processes. My goal was to use my natural personality to dictate the tone of the struggle.

107) Impatience while standing on line at the buffet might betray a problem sitting with tension. It’s amazing how much you can learn about someone when they get caught in the rain! Some will run with their hands over their heads, others will smile and take a deep breath while enjoying the wind. What does this say about one’s relationship to discomfort? The reaction to surprise? The need for control?

108) In physical disciplines like the martial arts, getting into the opponent’s head has an immediate and often violent effect that is much more visible to the observing eyes.

109) Imagine the condensing process of making smaller circles applied to the observation and programming side of this interaction.

110) He is already set up to be thrown with a one-two combination because his reaction to the one is already predictable. I will move before his two. Taking this one step further, if my first movement is condensed enough, it will hardly manifest physically at all. My two appears to be a one. At the opponent’s slightest move, I move first.

111) The battle becomes about reading breath patterns and blinks of the eye, playing in frames the opponent is unaware of, invisible technical manipulation that slowly creates response patterns.

112) In virtually every competitive physical discipline, if you are a master of reading and manipulating footwork, then you are a force to be reckoned with.

113) There are two intertwined components to this process. The first is condensed technique. The second is enhanced perception.

114) There are many weaknesses or tells that may be used to approach this goal – breath patterns, physical tension, inferior technical understanding, complacency,emotion, distraction, and an array of other unconscious, predictable habits can all be homed in on or combined for the desired effect. For simplicity’s sake, let’s focus on the eyes. Specifically the blink.

115) If, through incremental training as described earlier in the book, your unconscious understanding of your discipline of choice has become sufficiently advanced, and you have learned how to trust your physical and intuitive intelligence to handle the technical components of your moment, then your conscious mind can zoom in on very small amounts of data – in this case, the eyes.

116) The car salesman and potential buyer are opponents. When two highly trained minds square off, in any field, the players are in a fight to enter each other’s heads. These exchanges feel like epic tennis rallies in which the tilt of battle sways back and forth as one player picks up on a faint tell that may or may not exist long enough to be exploited, and the other has to feel the danger, and swat the rival out of his mind before it is too late.

117) To master these psychological battles, it is essential to understand their technical foundation.

118) Grandmasters know how to make the subtlest cracks decisive. The only thing to do was become immune to the pain, embrace it, until I could work through hours of mind numbing complexities as if I were taking a lovely walk in the park. I spent years working on this issue, learning how to maintain the tension-becoming at peace with mounting pressure.

119) In every discipline, the ability to be clearheaded, present, cool under fire is much of what separates the best from the mediocre.

120) While more subtle, this issue (of being present) is perhaps even more critical in solitary pursuits as writing, painting, scholarly thinking, or learning. In the absence of continual external reinforcement, we must be our own monitor, and quality of presence is often the best gauge. We cannot expect to touch excellence if “going through the motions” is the norm of our lives. On the other hand, if deep, fluid presence becomes second nature, then life, art, and learning take on a richness that will continually surprise and delight. Those who excel are those who maximize each moment’s creative potential – for these masters of living, presence to the day-to-day learning process is akin to that purity of focus others dream of achieving in rare climactic moments when everything is on the line.

121) The more present we are at practice, the more present we will be in competition, in the boardroom, at the exam, the operating table, the big stage.

122) We have to be prepared by a lifestyle of reinforcement. Presence must be like breathing.

123) Concept of stress and recovery – One of the most telling features of a dominant performer is the routine use of recovery periods. Players who are able to relax in brief moments of inactivity are almost always the ones who end up coming through when the game is on the line.

124) The notion that I didn’t have to hold myself in a state of feverish concentration every second of a chess game was a huge liberation.

125) Regardless of the discipline – the better we are at recovering, the greater potential we have to endure and perform under stress.

126) At LGE, they had discovered that there is a clear physiological connection when it comes to recovery-cardiovascular interval training can have a profound effect on your ability to quickly release tension and recover from mental exhaustion. What is more, physical flushing and mental clarity are very much intertwined.

127) To this day, virtually every element of my physical training revolves around one form or another of stress and recovery.

128) In your performance training, the first step to mastering the zone is to practice the ebb and flow of stress and recovery. This should involve interval training as I have described above, at whatever level of difficulty is appropriate for the age and physical conditioning of the individual.

129) Create a rhythm of intervals like the one I described with my biking. With practice, increase the intensity and duration of your sprint time, and gradually condense rest periods – you are on your way.

130) So if you are reading a book and lose focus, put the book down, take some deep breaths, and pick it up again with a fresh eye.

131) Some simple meditation practice in which your mind gathers and releases with the ebb and flow of your breath.

132) For one thing, now that your conscious mind is free to take little breaks, you’ll be delighted by the surges of creativity that will emerge out of your unconscious. You’ll become more attuned to your intuition and will slowly become more and more true to yourself stylistically. The unconscious mind is a powerful tool, and learning how to relax under pressure is a key first step to tapping into its potential.

133) If you spend a few months practising stress and recovery in your everyday life, you’ll lay the physiological foundation for becoming a resilient dependable pressure player.

134) Not only do we have to be good at waiting, we have to love it. Because waiting is, not waiting, it is life.

135) To have success in crunch time, you need to integrate certain healthy patterns into your day-to-day life so that they are so completely natural to you when the pressure is on. The real power of incremental growth comes to bear when we truly are like water, steadily carving stone. We just keep on flowing when everything is on the line.

136) Let me emphasize that your personal routine should be determined by your individual tastes.

137) The alien feeling of the environment seemed to heighten the threat of my opponents. I was feeling off-balance so I went into my routine, which at that point was a thirty-minute visualization exercise. I came out of it raring to go.

138) I had learned from Jack Groppel at LGE to eat five almonds every forty-five minutes during a long chess game, to stay in a steady state of alertness and strength.

139) Only you know your own body, but the key to nutrition in unpredictable environments like Taiwanese martial arts tournaments is to always be prepared for      exertion by being nourished, but never to have too full a stomach and thereby dull your senses.

140) In life, after all, things don’t always go according to schedule. Ideally we should be able to click into the zone at a moment’s notice.

141) The next step of the process is to gradually alter the routine so that it is similar enough so as to have the same physiological effect, but slightly different so as to make the “trigger” both lower-maintenance and more flexible. Th key is to make the changes incrementally, slowly, so there is more similarity than difference from the last version of the routine. This way the body and mind have the same physiological reaction even if the preparation is slightly shorter.

142) This process is systematic, straightforward, and rooted in the most stable of all principles: incremental growth.

143) I trained myself to be completely prepared after a deep inhalation and release. I also learned to do the form in my mind without moving at all. The visualization proved almost as powerful as the real thing.

144) The ideal for any performer is flexibility. If you have optimal conditions, then it is always great to take your time and go through an extended routine. If things are less organized, then be prepared with a flexible state of mind and a condensed routine. Presence has taught me how to live.

145) There are those elite performers who use emotion, observing their moment and then channeling everything into a deeper focus that generates a uniquely flavored creativity.

146) How to use the most decisive emotions, one that can make or break a competitor – ANGER

147) First we learn to flow with distraction. Then we learn to use distraction, inspiring ourselves with what initially would have thrown us off our games. Finally we learn to re-create the inspiring settings internally. We learn to make sandals.

148) It took me sometime to realize that blocking out my natural emotions was not the solution. Instead of being thrown off by or denying my irritation, I had to somehow channel it into a profound state of concentration.

149) The next step in my growth process would be to stay true to myself under increasingly difficult conditions.

150) There were two components to this work. One related to my approach to learning, the other to performance. On the learning side, I had to get comfortable dealing with guys playing outside the rules and targeting my neck, eyes, groin etc. This involved some technical growth, and in order to make those steps I had to recognize the relationship between anger, ego and fear. I had to develop the habit of taking on my technical weaknesses whenever someone pushed my limits instead of falling back into a self-protective indignant pose. Once that adjustment was made, I was free to learn. Dirty players were my best teachers.

151) On the performance side, I had made some strides, but still had a long way to go. First of all, I had to keep my head on straight no matter what. Feelings of anger and fear and elation emerge from deep inside of us and I think blocking them out is an artificial habit. In my experience, competitors who make this mistake tend to crumble when pushed far enough.

152) The only way to succeed is to acknowledge reality and funnel it, take the nerves and use them. We must be prepared for imperfection. The Soft Zone approach is much more organic and useful than denial.

153) It has been my observation that the greatest performers convert their passions into fuel with tremendous consistency.

154) Instead of being dominated by or denying my passions, I slowly learned how to observe them and feel how they infused my moment with creativity, freshness, or darkness.

155) Instead of running from our emotions or being swept away by their initial gusts, we should learn to sit with them, become at peace with their unique flavors, and ultimately discover deep pools of inspiration.

156) While initially this may have been disorienting, now I used it to sharpen my game, up the intensity, funnel my primal heat into a penetrating focus.

157) I highly recommend that you incorporate the principles of Building Your Trigger into your process. Once you are no longer swept away by your emotions and can sit with them even under pressure, you will probably notice that certain states of mind inspire you more than others.

158) There is, however, a process we can follow to discover our unique path. First, we cultivate The Soft Zone, we sit with our emotions, observe them, work with them, learn how to let them float away if they are rocking our boat, and how to use them when they are fueling our creativity. Then we turn our weaknesses into strengths until there is no denial of our natural eruptions and nerves sharpen our game, fear alerts us, anger funnels into focus. Next we discover what emotional states trigger our greatest performances. Introspect. The Make Sandals.

159) The real art in learning takes place as we move beyond proficiency, when our work becomes an expression of our essence.

160) While this principle of penetrating the macro through the micro is a critical idea in the developmental process, it is also an absolutely pivotal foundation for a great competitor.

161) Watching yourself on video, you can spot tells or bad habits. You can refine your techniques by breaking down what works and what doesn’t.

162) What I think about creativity, it is always in relation to a foundation. We have our knowledge. It becomes deeply internalized until we can access it without thinking about it. Then we have a leap that uses that we know to go one or two steps further. We make a discovery. Most people stop here and hope that they will become inspired and reach that state of “divine insight” again. In my mind, this is a missed opportunity. Imagine that you are building a pyramid of knowledge. Every level is constructed of technical information and principles that explain that information and condense it into chunks. Once you have internalized enough information to complete one level of the pyramid, you move on to the next. Say you are ten or twelve levels in. Then you are have a creative burst like the ones Dan and I had in the ring. In that moment, it is as if you are seeing something that is suspended in the sky just above the top of your pyramid. There is a connection between that discovery and what you know-or else you wouldn’t have discovered it-and you can find that connection if you try. The next step is to figure out the technical components of your creation. Figure out what makes the magic tick.

163) In the end, mastery involves discovering the most resonant information and integrating it so deeply and fully it disappears and allows us to fly free.