December 05, 2016

KatasoftBuild a REST API for your Mobile Apps with ASP.NET Core MVC [Technorati links]

December 05, 2016 11:23 PM

Nowadays, RESTful APIs are the standard way of exposing backends to applications.
They allow you to share your business logic between different clients with a low level of coupling through a super-standardized protocol: HTTP.

One of the biggest challenges when building REST API is authentication. Typically, we manage this with JWTs. Unfortunately, ASP.NET Core doesn’t fully support this out-of-the-box.

The good news is that the Stormpath ASP.NET Core library allows us to add JWT authentication to any API with minimal configuration.

In this tutorial, we will create a REST API in ASP.NET Core to manage a list of books.
Our example API will allow users to register and login to manage their books. This simple project could be the base for a future social media application that connects readers and supports book reviews.
The source code is available on GitHub, so feel free to check the finished code and play with it.

Let’s get started!

Create the Web API Project

Open up Visual Studio, and create a new ASP.NET Core Web Application project.

booksAPI project

Select the “Web API” template and make sure authentication is set to “No Authentication”.

booksAPI project

Now, we are going to create our Book model. Add a folder named “Models” at the root of the project, and then inside of it create the Book class:

public class Book
{
   public int Id { get; set; }
   public string Title { get; set; }
   public string Author { get; set; }
   public DateTime PublishedDate { get; set; }
}

Create a new folder named “Services”. To save our books, we are going to use a useful new great feature available in EF Core: the in-memory data provider. This feature is awesome because we don’t have to spend time setting up a database to test our API. Later on, we can easily swap this provider with one that uses a persistent storage like a database, for example.

If you’re interesting in exploring EF Core as an in-memory data provider further, check out Nate’s article on the subject!

Set Up Entity Framework Core

Right-click on your project and select “Manage NuGet packages”. Then, add the package Microsoft.EntityFrameworkCore.InMemory

Install EF Core

Add the BooksAPIContext class inside the Models folder, which will implement the DbContext class and will be responsible for the interactions between our application and the data provider.

public class BooksAPIContext : DbContext
{
    public BooksAPIContext(DbContextOptions options) : base(options)
    {
    }


    public DbSet<Book> Books { get; set; }
}

On the ConfigureServices method of the Startup class, we are going to configure our context to use the in-memory data provider:

// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
   services.AddDbContext<BooksAPIContext>(x => x.UseInMemoryDatabase());
   // Add framework services.
   services.AddMvc();
}

Create the IBookRepository interface inside of the Services folder:

public interface IBookRepository
{
   Book Add(Book book);
   IEnumerable<Book> GetAll();
   Book GetById(int id);
   void Delete(Book book);
   void Update(Book book);
}

And a concrete InMemoryBookRepository class that will use the BookAPIContext to interact with the in-memory database:

public class InMemoryBookRepository : IBookRepository
{
    private readonly BooksAPIContext _context;


    public InMemoryBookRepository(BooksAPIContext context)
    {
        _context = context;
    }


    public Book Add(Book book)
    {
        var addedBook = _context.Add(book);
        _context.SaveChanges();
        book.Id = addedBook.Entity.Id;


        return book;
    }


    public void Delete(Book book)
    {
        _context.Remove(book);
        _context.SaveChanges();
    }


    public IEnumerable<Book> GetAll()
    {
        return _context.Books.ToList();
    }


    public Book GetById(int id)
    {
        return _context.Books.SingleOrDefault(x => x.Id == id);
    }


    public void Update(Book book)
    {
        var bookToUpdate = GetById(book.Id);
        bookToUpdate.Author = book.Author;
        bookToUpdate.Title = book.Title;
        bookToUpdate.PublishedDate = book.PublishedDate;
        _context.Update(bookToUpdate);
        _context.SaveChanges();
    }
}

Don’t forget to register the repository as an injectable service within the ConfigureService in the Startup class:

// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
   services.AddDbContext<BooksAPIContext>(x => x.UseInMemoryDatabase());
   services.AddTransient<IBookRepository, InMemoryBookRepository>();
   // Add framework services.
   services.AddMvc();
}

Now that you have set up your data layer let’s dive into the Web API controller!

Create the Note Web API Controller

Before going any further, make sure to delete the boilerplate ValuesController that the framework created automatically. Also, modify the launchSettings.json file and make sure the launch URL of the profile you are using is pointing to a valid URL. In this example, we will point to our book controller:

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:63595/",
      "sslPort": 0
    }
  },
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "launchUrl": "book",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "BooksAPI": {
      "commandName": "Project",
      "launchBrowser": true,
      "launchUrl": "http://localhost:5000/book",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    }
  }
}

Create a Web API Controller Class in the Controllers folder and name it BookController.

The auto-generated code will look like this:

[Route("api/[controller]")]
public class BookController : Controller
{
    // GET: api/values
    [HttpGet]
    public IEnumerable<string> Get()
    {
        return new string[] { "value1", "value2" };
    }


    // GET api/values/5
    [HttpGet("{id}")]
    public string Get(int id)
    {
        return "value";
    }


    // POST api/values
    [HttpPost]
    public void Post([FromBody]string value)
    {
    }


    // PUT api/values/5
    [HttpPut("{id}")]
    public void Put(int id, [FromBody]string value)
    {
    }


    // DELETE api/values/5
    [HttpDelete("{id}")]
    public void Delete(int id)
    {
    }
}

The framework automatically generated a lot of code for us. There is a method for each HTTP verb that our controller will handle. As a refresher, the REST API standard uses each HTTP verb for a different action over our resources:

aspnet-mobile-api-table

You will also see the controller has a Route attribute, with the value api/[controller]. This defines the base route for all of this controller endpoints, which in this case is api/book. We will change this to make the base route book alone. It should look like this:

Route(“[controller]”)

This attribute can also be applied at method-level if you need to define custom routes for a specific endpoint.

The Get method (as well as the Put and Delete methods) have in their HTTP verb Attribute an “id” element:

HttpGet("{id}")

This is a placeholder for the “id” parameter in the URL of the endpoint. For example, for the Get method, the URL will be:

/book/{id}

The framework automagically maps the parameters defined in these attributes to the parameters of the method in the controller. Awesome, huh?

We will now write the code to handle each request to our API:

[Route("[controller]")]
public class BookController : Controller
{
    private readonly IBookRepository _bookRepository;


    public BookController(IBookRepository bookRepository)
    {
        _bookRepository = bookRepository;
    }


    // GET: book
    [HttpGet]
    public IEnumerable<Book> Get()
    {
        return _bookRepository.GetAll();
    }


    // GET book/5
    [HttpGet("{id}", Name = "GetBook")]
    public IActionResult Get(int id)
    {
        var book = _bookRepository.GetById(id);
        if (book == null)
        {
            return NotFound();
        }

        return Ok(book);
    }


    // POST book
    [HttpPost]
    public IActionResult Post([FromBody]Book value)
    {
        if (value == null)
        {
            return BadRequest();
        }
        var createdBook = _bookRepository.Add(value);


        return CreatedAtRoute("GetBook", new { id = createdBook.Id }, createdBook);
    }


    // PUT book/5
    [HttpPut("{id}")]
    public IActionResult Put(int id, [FromBody]Book value)
    {
        if (value == null)
        {
            return BadRequest();
        }


        var note = _bookRepository.GetById(id);


        if (note == null)
        {
            return NotFound();
        }


        value.Id = id;
        _bookRepository.Update(value);


        return NoContent();


    }


    // DELETE book/5
    [HttpDelete("{id}")]
    public IActionResult Delete(int id)
    {
        var book = _bookRepository.GetById(id);
        if (book == null)
        {
            return NotFound();
        }
        _bookRepository.Delete(book);


        return NoContent();
    }


}

Now we’re ready to test our API!

Add JWT authentication using Stormpath

So far this is a totally public API, so any user can get, create, edit, and delete any book they want. That’s not very secure! We will now add authentication to our API through JWT tokens.

If you want to refresh your knowledge, check out our overview of token authentication and JWTs!

As today, ASP.NET Core supports protecting routes with Bearer header JWTs. But, unlike the ASP.NET 4.x Web API framework, it doesn’t have support for issuing them. To do this, you will need to write custom middleware or use external packages. There are several options; you can read Nate’s article to learn more about this.

Lucky for us, Token Authentication with JWT becomes extremely easy using the Stormpath ASP.NET Core library – I’ll show you how.

Get your Stormpath API credentials

To communicate with Stormpath, your application needs a set of API Keys. Grab them from your Stormpath account (If you haven’t already registered for Stormpath, you can create a free developer account here).
Once you have them, you should store them in environment variables. Open up the command line and execute these commands:

setx STORMPATH_CLIENT_APIKEY_ID "<your_api_key_id>"
setx STORMPATH_CLIENT_APIKEY_SECRET "<your_api_key_secret>"

Restart Visual Studio to pick up the environment variables from your OS.

Integrate Stormpath with the Web API

Right-click on your project and select “Manage NuGet packages”. Them, add the package Stormpath.AspNetCore.

Install Stormpath

To use Stormpath API for Access Token authentication, add this configuration in the ConfigureServices method in the Startup.cs.

// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
    services.AddStormpath(new StormpathConfiguration()
    {
        Web = new WebConfiguration()
        {
            // This explicitly tells the Stormpath middleware to only serve JSON responses (appropriate for an API).
            // By default, HTML responses are served too.
            Produces = new[] {"application/json"},
            Oauth2 = new WebOauth2RouteConfiguration()
            {
                Uri = "/token",
            }
        }
    });
...
}

As a personal preference, I changed the default token endpoint URI ("/oauth/token") to /token.
Options that are not overridden by explicit configuration will retain their default values.

Make sure you add the Stormpath middleware before any middleware that requires protection, such as MVC.

You can [learn more about configuration options in the Stormpath Product Documentation]((https://docs.stormpath.com/dotnet/aspnetcore/latest/configuration.html#configuration).

Now, find the Configure method and add Stormpath to your middleware pipeline.

// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();
    app.UseStormpath();
    app.UseMvc();
}

Finally, to effectively protect the controller, add the Authorize attribute:

[Authorize]
[Route("[controller]")]
public class BookController : Controller
{
    ...
}

That’s all! Exhausted yet? 😉

Test Your Web API with Postman

Now, let’s test our Web API. I’m using Postman for this tutorial, but feel free to use any REST client you like. To register a new user, we need to make a POST request to the /register endpoint, passing the required data on the body:

{ "givenName": "MyAPIUser", "surname": "Tester", "email": "test3@example.com", "password": "TestTest1" }

Register Stormpath user

With our user, we are going to get a token by POSTing to the /token endpoint.
Payload should be a URL-encoded form with your credentials:

grant_type: password
username: test3@example.com
password: TestTest1

Get your Bearer Token

The access token you received should be sent to the server on every request, on the Authorization header. The value of the header should be Bearer <your_token>:

Use your Bearer Token

Let’s add a new book:

Add a book

The status code 201 indicates our application has created a new book successfully.

If you view your list of books now, you should see the one you just created has been added:

Get books

Congratulations! You just created a web API with ASP.NET Core. 🙂

Learn More

The post Build a REST API for your Mobile Apps with ASP.NET Core MVC appeared first on Stormpath User Identity API.

Matthew Gertner - AllPeersThe Mercy Foundation Helps the Poor Help Themselves [Technorati links]

December 05, 2016 05:21 AM

When most people think about alleviating poverty and helping the poor, they often only think of giving donations. However, the Joseph Johnson Welfont believes this would create dependency and does not acknowledge the fact that the poor are perfectly capable of pulling themselves out of poverty. As a result, a vicious cycle is created, consisting of the ever present need for even more donations.  What if there is another method, one that allows the poor to become self reliant and self sustaining instead of just focusing on scraping by for survival? Joe Johnson, CEO of the Welfont Group believes lending the poor micro loans is the way to go. These micro loans are usually used by the poor, especially in Third World countries, to help start or expand their small businesses. This helps them get out of poverty and improve their quality of life. Instead of just being able to afford the bare necessities, they can afford better education for their children, or renovate their dilapidated house, or even start a second business. This way, the poor no longer need donations as they now can take care of themselves.

hands-water-poor-poverty

Joe Johnson’s Welfont Group Sustains the Mercy Foundation

The micro loans that the Mercy Foundation disburses to the poor originate from the Welfont Group, a very successful commercial real estate brokerage. The genius of the Welfont Group is that it specializes in acquiring under-utilized and distressed real estate properties, fixing them up and then rents or sells them for higher prices. It also helps its customers to find, analyze, finance, purchase, manage and sell commercial real estate properties. Chief Executive Officer Joe Johnson believes that micro loans given by the Welfont Group through the Mercy Foundation is money well spent indeed. To date, the Mercy Foundation has given out micro loans to people in over fifty countries, spread out over six continents except Antarctica. These loans are then used to start or expand various small businesses in many different industries like retail, art, education, health, transportation, agriculture, manufacturing, and many more.

The Mercy Foundation’s Micro Loans Work Wonders for Anacleto from Peru

A 67 year old coffee farmer in Peru, Anacleto now has peace of mind because he knows he can rely on the Mercy Foundation’s continuing micro loans to afford the extra money he needs in order to increase both his farm production and product quality. He currently utilizes the money he receives as micro loans to pay for fertilizers and extra labor that would translate into a timely harvest and increased profits. He is confident that he can even get more customers for his popular coffee beans. Anacleto sees a future where he would be self sufficient and not need to rely on micro loans anymore. In the meantime, he is also very proud to be able to repay all his micro loans on a timely manner. Indeed, it was Anacleto’s trustworthiness that made him a good candidate to receive micro loans. With hard work, he sees a bright future.

The post The Mercy Foundation Helps the Poor Help Themselves appeared first on All Peers.

December 02, 2016

Matthew Gertner - AllPeersMarc J Leder Is A Helper [Technorati links]

December 02, 2016 11:30 PM

What do people usually think of when they imagine an extremely successful banker? They usually come up with a mental picture that is a stereotype of a greedy banker wearing a fancy suit, consuming Cuban cigars at five star hotels and not giving a damn about anybody else. Marc J Leder is not the quintessential, stereotypical banker. True, he does wear fancy suits, but upon closer scrutiny, one would realize that in his heart, Marc J Leder is basically someone who likes to help people. He derives so much satisfaction from helping others that he makes his living with Sun Capital Partners Inc. by helping struggling companies get back on their feet. Then he turns around and donates massive amounts of his own money to art, educational, as well as charity and volunteer organizations.

helping_the_homeless

Meet Sun Capital Partners Inc.

After earning his Bachelor of Science degree in Economics from the Wharton School of the University of Pennsylvania, Marc Leder began his career by working for Lehman Brothers in New York, climbing the corporate ladder until he reached the position of Senior Vice President. Itching to do his own thing, he left Lehman Brothers and established Sun Capital Partners Inc., in 1995 with his partner and former Wharton classmate Rodger Krouse, who was also working for Lehman Brothers in New York. Sun Capital Partners Inc. is a global equity firm that specializes in company buy outs. Marc J Leder gets his bells ringing every time his company successfully maneuvers another company to the right track and thus avoids bankruptcy. “It’s incredibly rewarding to come in and provide the necessary capital and human resources to transform potential into results,” Marc J Leder said in an interview with Huffington Post. He added, “Sometimes our work saves companies and jobs that might otherwise have gone away because the business became uncompetitive”.

Marc J Leder’s Philanthropic Activities

Marc J Leder firmly believes in giving back some of the economic benefit of his work to charity. Together with his business partner Rodger, they now support two nonprofit charter schools in Florida as well as other causes through the Sun Capital Foundation. “There’s a real intersection between philanthropy and business,” he reiterated. The charity committee at Sun Capital Partners Inc. also encourages all employees to volunteer and nominate their favorite local charities. An avid arts collector, Marc J Leder is also the Director of the Rush Philanthropic Arts Foundation, which helps disadvantaged artists get more support and exposure. Marc J Leder is aware that trying to help others sometimes can seem overwhelming, as poverty is a complex issue. He advised, “Every cause sounds like a great cause, but you still have to pick and choose because you can’t contribute to all of them.” He added, “We need to look at how many people we’re helping and obviously, there are different levels of help. For one charity, a sizable donation can help a thousand individuals, and for another charity it would only help twenty.”

The post Marc J Leder Is A Helper appeared first on All Peers.

Gerry Beuchelt - MITRELinks for 2016-12-01 [del.icio.us] [Technorati links]

December 02, 2016 08:00 AM

Matthew Gertner - AllPeersWhy Your Organization Should Implement A Paperless Board [Technorati links]

December 02, 2016 05:04 AM

Most offices today rely very little on paper as email and file sharing services have made it possible to skip printing, faxing, and copying in order to distribute information. Administrators who have long struggled to print and courier board books that could be several hundred pages long to directors potentially travelling anywhere in the world, however, have experienced a harder time moving over to digital platforms. The volume of information contained in a board book lends itself to getting lost in various email chains and file sharing services, and documents like financial reports that may be updated several times before a meeting are emailed so many times it can be difficult to make sure directors have the most accurate information.

Board portals are the answer that many administrators and directors alike have been waiting for to simplify the distribution of materials as well as make it easier for directors to work from laptops and tablets. Purpose-built for board work, better software programs like the one available at Aprio.net are more than just file sharing services, they also incorporate electronic signatures, voting, surveys, and committee privileges. Whether you use paper, email, or a free file sharing service, your organization can receive better results from its directors when they spend less time looking for information and more time making decisions. Below are some of the features that make the most difference to your directors that you should look for in a software when you decide to upgrade.

Wondering Why Your Organization Should Implement A Paperless Board? This post will explain why you should.

Security

Unlike free file sharing services, which can be hosted on servers anywhere in the world, portal software like Aprio Boardroom guarantees home country hosting, protecting potentially sensitive documents from falling under foreign legislation. Many don’t know this, but an organization’s documents fall under the jurisdiction of the country where the server hosting its information is located, meaning, for example, that a Canadian company’s information could be subject to the Patriot Act if the server is located in the U.S.

Access

A secure board portal is also one that requires password access however they enter the portal, regardless of the device. For example, users receive real time email notifications whenever materials are updated on their Aprio Boardroom Portal, including a link to the updated material; the user simply clicks the link to proceed to the document, but not before entering their password. Multi-layered viewing privileges can also be established by the administrator to account for committees, In Camera sessions, and conflict of interest issues, making it easier to adhere to the board’s own bylaws respecting security.

Accountability

A portal should also allow administrators to keep track of director expenses, training requirements, and see when and by whom a document was accessed; directors who have used portals like these often self-report that the accountability keeps them better prepared for meetings. Board work is often something busy individuals perform on top of countless other responsibilities, and while they may have a keen mind and a passion for the work, it never hurts to hold individuals accountable for preparing for meetings. There is far more to adopting a portal than just going paperless; it’s a secure, efficient, and easy-to-use way to introduce better governance to your organization.

The post Why Your Organization Should Implement A Paperless Board appeared first on All Peers.

December 01, 2016

Matthew Gertner - AllPeersTop Tips to Make Some Extra Money Using the Internet [Technorati links]

December 01, 2016 12:59 PM

Regardless of what job you do or what salary you are on, we could all do with some extra cash now and again. The options in from of you to do so are pretty slim, you could ask your boss for a raise, if you dare, you could take on a second job but it is more than likely that you simply don’t have time, the solution is simple, sit at home, turn on your laptop and utilize the power of the internet to bag yourself some extra cash and here is how.

youtube-social-icon2

Become a YouTuber

Contrary to what many think, you can use YouTube for more than just watching videos of a snake attacking a crocodile, it is a good use of your time no doubt, but you could also sue it to make extra money as a vlogger. In order to be successful you need to gain a strong audience who will like and share your videos, with enough views you can start to make money from advertising costs. You need to be engaging and likable to become popular and if you want to see exactly how it is done then you should check out one of pastor TB Joshua’s sermons on his Emmanuel TV channel.

Joshua speaks on a weekly basis to his congregation at the Synagogue Church of All Nations (SCOAN), he inspires those present with the words of the gospel, he does live exorcisms, and passionately preaches the holy scriptures and encourages people to improve their lives through God. Such is the power of his prophecies and his teachings, Joshua has helped Emmanuel TV to amass 400,000 subscribers and over 170 million views. That is the bar that you need to reach to become a YouTube sensation.

Freelance Work

With some many companies having an online presence, many of them too have started to look online for all range of tasks to be completed and instead of hiring full time employees, they are looking for freelancers to do the jobs for them. This opens up a he window of opportunity for you to do extra jobs in your own time. There are lots of different jobs available and not all of them require high level technical knowledge. If you head to a website like Upwork for example, a site that can connect you with hundreds of potential employers, you will find jobs like content writers, graphic designers, email handlers, virtual assistant, translators and we design to name just a few. You just need to sign up and get searching for your next project.

Blogging

Blogging about your passion or interests can be done either as a bit of a hobby and a creative outlet or alternatively you could use it to earn yourself a little bit of extra cash. If you can create consistent and quality content on a regular basis and attract people to your site then you can start utilizing your site for advertising space and making yourself some extra money.

The post Top Tips to Make Some Extra Money Using the Internet appeared first on All Peers.

Matthew Gertner - AllPeersWhat Career to Choose Depending on Your Characteristics [Technorati links]

December 01, 2016 12:04 PM

Choosing a career is never easy but it is a big decision that you should try to take head on, the World is full of people who are miserable in their employment as a result of never firmly deciding on what career path to take. It is important that you avoid this fate in order to get a career that you will be happy with and not like the rest of them who dread Sunday evenings because they have to back to work on Monday. You should try and pick career which works best with your natural characteristics. Today we’re going to take a look at what kind of jobs you could be doing based on your skills.

career-1

Motivator

Are you a natural motivator? Can you capture the attention of people and inspire them to complete tasks and achieve results. Some of the World’s most influential people are the great motivators of our time, people like the pastor TB Joshua who inspires his congregation on a weekly basis to lead better lives, these are the people who encourage people to do and if you fall into that bracket then here are some jobs for you:

– Sales Leader

– Pastor

– Teacher/Lecturer

– Politician

– Training Manager

Creative Thinkers

A lot of creative thinkers ditch their dreams of landing a creative role because there is more competition in these sorts of jobs but if you’re accretive thinker then you should absolutely embrace this side of your character. The World needs innovators and designers and you should reach for the stars if this describes you, here are some roles that you could be looking at:

Engineer

– Fashion designer

– Writer

– Photographer

– Cameraman

– Set Designer

– Hair Stylist

Carers

Some people were brought into this World to care for others, it is their natural instinct to look after another person’s wellbeing and you too should embrace this side of your character when it comes to your career choice. The role of carers in society is vitally important, we rely on these people in all aspects of our medical and social care and her are some of the roles which you could look at if you are one a caring type:

– Nursery Nurse

– Nursing

– Social Worker

– Psychologist

– Palliative Care

– Teaching Assistant

Doers

My Granddad always told me that in life there are talkers and there are doers, the doers in this World are the ones who keep everything ticking over, they implement change and they are the workers who keep economies afloat. The doers of this World are the ones who work hard to keep communities safe, keep houses running, keep factory wheels turning and keep cars on the road. If you are one of life’s doers then here are some jobs which you could be looking at:

– Fire Service

– Police

– Paramedic

– Mechanic

– Handyman

– Electrician

– Plumber

– Construction Worker

So which bracket do you fall into? Remember that choosing your career as early as you possibly can will pay you great dividends in the future so you should try and work out what kind of character you are and then go after that career.

The post What Career to Choose Depending on Your Characteristics appeared first on All Peers.

Matthew Gertner - AllPeersHow You Should be Investing Your Money [Technorati links]

December 01, 2016 10:46 AM

The idea of investing your hard earned cash into something successful and growing your wealth from smart investments is one that appeals to many. The question is however, where and how? There is risk attached with most investments and you will need not only have confidence in where you put your money but also be sufficiently educated on the industry or field that you choose to put it. There are several upsides to investments, it is a way of putting your money to work for you, potentially growing your wealth and in reality, it will prove to be an exciting addition to your life. If you have been thinking about investing your cash then here are some great ways to do so.

investment

Real Estate

For many years, real estate has been less about places to live and more about places to invest and it is still one of the surest ways to see returns on your money. There are a couple of paths that you could go down when it comes to investing in property, you could buy commercial or residential buildings with a view to renting them out, protecting your wealth whilst seeing monthly returns on your investment. Those who make the most money in real estate however are the flippers, those who buy property as cheap as they can find it, make any necessary alterations and then flip it for a profit.

Precious Metals

Investing in precious metals can help you two-fold, the first way is through simply buying and selling, the process of metals regularly rises and falls and if you can get a good price then you could be looking at future profit. The second benefit of investing in precious metals is that you can protect your wealth, companies like Birch Gold Group not only sell precious metals but also offer options such as IRAs which can prove to be far more fruitful than cash IRAs as they aren’t at the whim of the unstable dollar, metals and their prices offer far more stability for your money.

Oil Industry

The oil industry is also a strong option when it comes to investment, specifically in the futures markets and many make a great deal of money from these contracts. The oil price moves frequently but is rarely volatile, such is its importance to the World. You will need to well read on what can impact the oil industry and how this can alter prices before you decide to invest but it can prove to be a wise choice to get involved with oil.

Start Ups

If you have a good wealth of knowledge about a particular field or industry then you would be well informed to look for start-ups in that industry to invest in. Businesses that are just starting out rely on outside investment and if you see a company or business that you have confidence in then you can negotiate a great deal with them around your investment. If the company succeeds then you could be looking at some very high returns.

The post How You Should be Investing Your Money appeared first on All Peers.

Matthew Gertner - AllPeersCareers That Will Earn You Big Bucks [Technorati links]

December 01, 2016 03:37 AM

If you want a career that will pay you top dollar for your services then you aren’t alone, recent studies suggest that power and money are the most popular wishes from people who are deciding on a career, shortly followed by a job that makes them happy. When it comes to highest paid careers, away from being a top sports star or a high earning actor, there are not only fewer of these jobs available but in almost all of them you are required to work incredibly hard to succeed.

career-1

If you want to be a high level manager or a neurosurgeon like Dr. Joseph Yazdi then you are going to need to be prepared to put the work in, these careers won’t just fall into your lap and the early that you start toiling away, the more chance you’re going to have of being successful. Here is a short list of some of the highest earning jobs out on the market today.

Chief Executive Officer

CEOs are not only some of the most powerful men and women in the World, they are also the highest earning and regularly feature in the Forbes Richest List. To become a successful and high earning CEO then you’re going to need to have an excellent talent when it comes to management in the World of business. As far as education goes you will need to have studied for an MBA, preferably at one of the top universities. Once you start working for a company you will need to be creative, responsible, network well and more importantly, deliver great results in order to stand out and move your way up through the ranks.

Medicine

For a career in medicine you will need to maintain high grades from very early on in your education, once you’ve completed your mandatory education you will head to medical school were things get even tougher. The good new however is that once you’ve completed med school, you will have the opportunity to place yourself amongst some of the highest earner in the United States. It is best if you specialize in a particular branch of medicine, earn respect and work hard to reach the top level band when it comes to salaries. This is a great career that can reward you financially and allow you to directly impact the lives of others for the good.

Software Architect

Such is the size of he digital industry these days there are huge salaries up for grabs as a software architect. More and more, different businesses are heading to the online and digital world with new ideas and projects and they need the best brains in the business to turn their ideas in to functioning software, and are prepared to pay big for it. You will need to not only have strong grades in computer sciences and math but also to have an excellent grasp of the various different coding languages that will be required. Furthermore you will need to constantly stay up to speed with what is happening in this ever-changing industry if you want to stay at the top.

The post Careers That Will Earn You Big Bucks appeared first on All Peers.

Matthew Gertner - AllPeersSkills That The Greatest CEOs Possess [Technorati links]

December 01, 2016 02:07 AM

If you’ve ever dreamed of becoming a high powered CEO then you’re not alone, it is a job that many would love to have, making big decisions daily that affect the lives of many, earning huge salaries and heading up some of the World’s biggest companies. In order to become a successful CEO like Jeff Bezos, Larry Page, Howard Schultz or Patrick Imbardelli, you’re going to need a certain set of skills, a little bit of luck and a lot of hard work.

2000px-businessman_silhouette_podium-svg

The skills that you are going to need are represented in every one of the biggest CEOs in the World and if you are wondering if you have what it takes then take a look at what character traits that the most successful CEOs have, and see if you possess them.

Dedication

All of the World’s most powerful CEOs have an all out dedication to what they do, without this commitment to achieving success and passion for the industry that they are in CEOs simply wouldn’t succeed. If you want to be a successful chief executive then you need to find something that you not only love doing, but something that you are prepared to fight tooth and nail for in order to succeed.

Team Building

If you think that any of the World’s most powerful CEOs are doing it all alone then you are sorely mistaken, they rely on the teams around them and below them and the reflection of a CEOs ability can be seen from the capability of their team. Successful leaders have a great ability to spot talent and to inspire those around them, any CEO that has achieved success has done so from both their individual abilities and the skill of putting together a great team.

Decision Making

The essence of a great leader and CEO is the ability to take the right decisions at the right time for the good of the company or organization. The art of decision making isn’t about having the best mentality to make a choice, it is about using all of the tools at your disposal such as facts and figures and the advice of those around you, and making an informed decision after viewing all sides. Sometimes calculated risks need to be take and the best CEOs are the ones who are not afraid to take such risks.

Perseverance

The word ‘can’t’ does not exist in the vocabulary of those who are wishing to reach the top, whatever the obstacle is, whatever problems are being faced, the best CEOs are relentless in their pursuit of success. Failures happen in business and the test of the most successful is their ability to come back one and try again. Many people can become downhearted when things go wrong, they can consider giving up and letting a downfall beat them, the best however, and the ones who go on to become successful CEOs are the ones who learn from mistakes and continue to search for success.

The post Skills That The Greatest CEOs Possess appeared first on All Peers.

Matthew Gertner - AllPeersHelpful Tips For Losing Weight [Technorati links]

December 01, 2016 01:11 AM

Once you’ve made the decision to lose weight you have quite a challenge ahead of you, everything becomes tempting as you look to replace fatty foods with a healthy and nutritional diet. If you haven’t previously exercised then that part of your new regime can also be extremely challenging and at times it can feel like you just want to give up and stay overweight. As you well know, this is not the answer and the unfortunate truth is that you just have to stick with it if you wan to see results. There are some things that can help you out on your road to a new you and here are some tips that may be able to help you.

1-1267027352ck1k

Consider Surgery

In the past, surgery was seen as quite an extreme measure to aid your weight loss, these days however it can provide a good start to any weight loss regime if you need some additional help. I recently underwent some liposuction, I wanted to lose weight and the fact was that I was too heavy to exercise effectively. I found a great clinic called Sono Bello who offer a non-invasive liposuction procedure which uses lasers to burn away the fat, the service from the clinic was outstanding and I felt absolutely amazing afterwards, don’t just take my word for it, check out the Sono Bello reviews to see what others are saying too. Since the surgery I have completely changed my life, I make regular exercise and I have never eaten healthily in all my life, surgery is a great way to kick start your plan.

Planning

Food and meal planning are absolutely vital when you want to lose weight, often when you slip up during your program it is usually because you were hungry, had nothing to eat so grabbed something convenient. The convenient stuff is usually where the fat lies. Try to plan your meals one week ahead, this will not only give you the chance to sit down and work out calorie content for you various meals, but it will give you time to head to the supermarket and be fully prepared for your day ahead.

Exercise Slow to Start With

When it comes the exercise side of things, it can be tempting to go head first into a brutal workout that will burn calories galore, whilst the intention is good, this will not help you out long term. You will no doubt feel incredibly sore and tired after such a workout and sustaining with the extra will prove difficult, if you aren’t achieving what you want to in the gym then this can leave you feeling downbeat and consider quitting. The far better option when starting your routine is to ease yourself in to exercise, start off with just 30 minutes per day of light exercise and gradually build it week on week. Exercises like yoga and pilates are excellent during your first few weeks as they are low intensity exercises that can make a real difference.

The post Helpful Tips For Losing Weight appeared first on All Peers.

November 30, 2016

IS4UFIM2010 Troubleshooting: Stopped extension dll load [Technorati links]

November 30, 2016 06:42 PM

Intro

When uploading a new extension to an existing deployment and trying to sync, the error "Stopped-extension-dll-load" was occurring. The deployment was already using rules extensions, so I did not expect any issues with .Net. After some basic troubleshooting steps, checking the .Net build version of the extensions, restarting services, checking the event viewer I found a hint to the solution.

Issue

Following info was loggend in the eventviewer.

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="FIMSynchronizationService" />
<EventID Qualifiers="49152">6300</EventID>
<Level>2</Level>
<Task>3</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-11-02T15:33:07.000000000Z" />
<EventRecordID>523064</EventRecordID>
<Channel>Application</Channel>
<Computer>FIM</Computer>
<Security />
</System>
<EventData>
<Data>
Could not load file or assembly 'file:///C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\Extensions\MVRulesExtension.dll' or one of its dependencies.
Operation is not supported. (Exception from HRESULT: 0x80131515)
at System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)
at System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, RuntimeAssembly reqAssembly, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)
at System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, RuntimeAssembly reqAssembly, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)
at System.Reflection.RuntimeAssembly.InternalLoadFrom(String assemblyFile, Evidence securityEvidence, Byte[] hashValue, AssemblyHashAlgorithm hashAlgorithm, Boolean forIntrospection, Boolean suppressSecurityChecks, StackCrawlMark& stackMark) at System.Reflection.Assembly.LoadFrom(String assemblyFile)
at Microsoft.MetadirectoryServices.Impl.ScriptHost.InitializeWorker(InitializeArguments pArgs) InnerException=&gt;
An attempt was made to load an assembly from a network location which would have caused the assembly to be sandboxed in previous versions of the .NET Framework.
This release of the .NET Framework does not enable CAS policy by default, so this load may be dangerous.
If this load is not intended to sandbox the assembly, please enable the loadFromRemoteSources switch.
See http://go.microsoft.com/fwlink/?LinkId=155569 for more information.
InnerException=&gt; none
</Data>
</EventData>
</Event>

Solution

After checking the provided link and googling more info using the inner exception quoted below, it was pretty clear how to solve it.
An attempt was made to load an assembly from a network location which would have caused the assembly to be sandboxed in previous versions of the .NET Framework. This release of the .NET Framework does not enable CAS policy by default, so this load may be dangerous. If this load is not intended to sandbox the assembly, please enable the loadFromRemoteSources switch.
The error went away after adding the loadFromRemoteSources switch to the runtime part of the FIM configuration file miiserver.exe.config, located in the "Microsoft Forefront Identity Manager\2010\Synchronization Service\Bin" folder.

<configuration>
[...]
<runtime>
[...]
<loadFromRemoteSources enabled="true"/>
</runtime>
</configuration>

Conclusion

It's still a mystery why this issue would arise after adding a new dll to a deployment that was already using extensions for a year without problems. Hopefully will this article be helpful for someone having the same cause for his stopped-extension-dll-load error.

Matthew Gertner - AllPeers4 Ways to Better Motivate Your Employees [Technorati links]

November 30, 2016 04:50 AM
motivatePhoto by CC user Erin Koch on Flickr.

Would you say you do a good job of motivating your employees?

For some business owners, motivating those working under them is a piece of cake. Others, meantime, struggle with this all-important facet in the workplace. For those in the latter group, those challenges can lead to problems, especially when it comes to customer service.

No matter what size business you run, it is important that you do anything and everything when it comes to keeping your team motivated.

Sure, there will be days where some of your workers (perhaps even you) will come to work with little or no energy. In those cases, getting through the day can feel like a real grind. In those types of situations, the need for production becomes even more important.

Always keep in mind that your customers typically have myriad of choices as to which companies they want to do business with. In the event you (or your team) are feeling not all that motivated, the results could be lost customers and ultimately dwindling revenue.

With that in mind, are you looking for ways to better motivate your employees?

Messages and Actions Do Matter

So that your business can stand head and shoulders above the competition, remember these four tips:

• Message – In order to best motivate you and your workers, the message has to be positive at all times. For instance, what happens when the economy hits some bumps in the road? In many cases, you can see orders drop off, customers spending less money when they are buying products and services, perhaps even some of your employees feeling down about the overall situation. It is at these times that your message to staff and customers for that matter must be positive. If you feel the need for outside help in motivating your team, turning to guest speakers such as Dakota Meyer and others like him may be your best move. Speakers with a history of life lessons to share with others can be just what you and your company needed. If your company’s message has been falling on deaf ears as of late, turning to those with a resounding message of motivation may prove to be the answer;
• Incentives – Although most employees are focused on how money they make when all is said and done, there are those looking at other perks of the job. From a solid health insurance plan to being able to work from home, don’t just assume everyone on your team is fixated on their salaries. With gas prices fluctuating between somewhat affordable and rather high, some employees love the flexibility of working from a home office. Meantime, some workers will take advantage of free gym memberships that companies make available. Still others will opt for the ability to travel regularly for the company, getting to spend a fair amount of time outside the office. No matter the incentives, making them available to those deserving of them can prove to be great motivation.

Don’t Let a Good Job Go Unnoticed

• Rewarding – Although you are not working with a bunch of second-graders (at least that better not be the case), it is fine to reward employees for a job well done. While it doesn’t always have to be (and most likely won’t be) a material reward, a simple “thank you” and/or “you did a good job” can go a long way in motivating workers and keeping them motivated moving forward;
• Growth – Last but not least, is your company sitting there with strong growth potential? Many workers will want to be with a business where the potential to grow and prosper is front and center. If your business is teetering on disaster more times than not, good luck keeping your team motivated. Although your eyes and ears need to be focused on today, don’t forget about tomorrow and the next day.

Even though you might very well be fixated on your company’s money matters, don’t overlook the importance of keeping employees motivated and happy.

When you send your team the right message, they in turn will likely respond with open arms.

As an employer, how do you go about motivating your employees on a regular basis?

The post 4 Ways to Better Motivate Your Employees appeared first on All Peers.

Matthew Gertner - AllPeersYour Path to Becoming an Engineer [Technorati links]

November 30, 2016 02:51 AM
Your Path to Becoming an Engineer runs through your local collegePhoto by TAFE SA TONSLEY on Flickr

If you’re looking for a career that is rewarding both personally and financially, a job that allows your creative juices to run wild and a profession that puts you at the forefront of modern technology then look no further than a career in engineering. Engineers create all that you see around you from infrastructure to new products in stores, new virus-beating medicines and innovative software creations.

Working in engineering is tough, exciting and will challenge you every day, for those with innovation in their mind, there are few better professions out there. There are lots different branches of engineering that you can enter into and each one has pathways to success, from become an expert in your field to becoming the head of a company’s engineering team that people like V. Reddy Kancharla have achieved. If you think that this could be the career choice for you then here is the path that you need to take.

High School

At high school level you need to place a lot of your focus on math and the various sciences, all branches of engineering heavily involve the type of thinking that feature heavily in math and science and you need to achieve high grades in these subjects.

College

Getting into the best college isn’t a necessity for a career in engineering, what is more important is achieving a high score in your exams. Once in college you will need to decide which of the fields of engineering it is that you would like to specialize in. The options are numerous from civil, computer, chemical, aerospace, mechanical and environmental to name just a few. Once you’ve decided which branch you will specialize in then you will major in that particular field before entering the industry.

Other Projects

Engineering is an incredibly popular field of work to enter into and whilst there are plenty of jobs out there for those who’ve just graduated, if you want to get the best jobs available then you are going to need to have more than just great grades at school. Employers want to see that you have not only dedicated yourself to learning in your free time, but also that you are committed to your particular field and that you can display leadership qualities.

In order to show prospective employers that you are the person for them, you should be looking to work on your own projects, start this as early as possible and ensure that you keep a record of your projects to show employers. Previous experience is not necessary but it will help greatly when looking for a job, in order to get experience you should be looking at taking on internships during the summer months at firms from the particular industry of engineering that you are interested in. Doing this will not only help you to look more attractive to employers but it will also give you hands-on experience of your profession which will aid your learning.

The post Your Path to Becoming an Engineer appeared first on All Peers.

November 29, 2016

Nat SakimuraAPI Days Paris に「Financial Grade OAuth and OpenID Connect」と題して出演します [Technorati links]

November 29, 2016 09:07 AM

「IT、ビジネス、そして社会全体をAPIで自動化する」[1]というキャッチフレーズを持つ、1200人規模のカンファレンス「API Days 2016」が、来る12月13日・14日とパリのTapis Rougeで開催されます。

api-days-2016-1

わたしは、2日目のBanking APIsトラックに「Financial Grade OAuth and OpenID Connect」と題して出演します[2]。OAuth/OpenID Connectを用いた金融APIは、昨年10月に成立したPayment Service Directive 2 (PSD2)や、今年のはじめに発表された、英国のThe Open Banking Standardの影響もあって、金融関係者からは大変関心が高い領域です。

もし欧州にいらっしゃるようでしたらぜひお越しください[3]。Twitterのハッシュタグの父、クリス・メッシーナ(元Google、現Uber)なども来るようですよ。

それでは、パリでお会いしましょう!

Copyright © 2016 @_Nat Zone All Rights Reserved.

Matthew Gertner - AllPeersTop tips for effective wealth management [Technorati links]

November 29, 2016 08:41 AM
These Top tips for effective wealth management will help build that stack of cash faster than you ever thought possiblePhoto by CC user calliope on Flickr

Those that are looking to start a career in the financial services industry learn many skills during college and licensing courses that allows them to serve client effectively as a financial advisor.

However, there are no skills more important than the ones that will enable you to maintain and build the fortunes of wealthy customers.

Adam Rosenfeld Miami knows all about the rules that govern the maintenance of wealth, as he has managed the fortunes of high net-worth individuals for over 15 years.

If you want to achieve the same level of success that he has, be sure to follow these principles of wealth management. If you do, chances are excellent that you will be able to grow a nest egg of which you and your family will be rightly proud.

1) Not losing money is paramount

This is a bit of a misnomer, as anyone who has invested money has lost a decent chunk of change in the past. While losing money is inevitable at some point, crippling losses are almost always avoidable events.

If you do suffer one, recovering from them can take a very long time, as the only thing that is tougher than making money is getting it back to the level where it was once before.

Whether you are building a nest egg from your own savings or taking on capital from investors in a hedge fund, deploying it in a conservative manner should always be your default action.

In the absence of sufficient actionable information concerning other options, the most risk-adverse choice is the right one to pick.

2) You can’t lose what you don’t put in the middle … but you can’t win much either

Despite the cautionary advice given in the last point, you probably know that massive fortunes aren’t earned by investing it in an index fund and then calling it a day.

Thus, the second imperative of wealth management: make money. In order to do this, you’ll need to keep your ear to the ground for investment opportunities where you have an information/expertise advantage.

When they arise, do not hesitate: get in there with your capital, but do not do so blindly. If things change suddenly and you sense that it has the potential to turn into a money-losing proposition, trust your gut and get your money out.

3) Put yourself out there

If you are going to get the kind of results that will earn you a promotion at your hedge fund, you need to be all-in mentally and spiritually when it comes to this aspect of your life.

Throwing yourself into studying financial statements, the overall state of the economy, and other factors are all necessary steps if you wish to achieve the hyperbolic rates of return that the masters of the market achieve with regularity.

4) Manage stress effectively

There’s no doubt about it: the financial services business is one of the most notorious meat grinders in the world of work. When you are managing somebody’s else’s fortune, having to tell them that you lost several million dollars of their net worth is not a fun thing to do.

Even if you are managing your own money, watching a pie-sized chunk of your retirement disintegrate due to a bad decision can crush you if you aren’t armed with the proper mindset.

Thus, incorporating stress-reduction activities into your daily routine and modifying your mindset around money is essential if you hope to thrive in this business long-term.

The post Top tips for effective wealth management appeared first on All Peers.

November 28, 2016

Katasoft5 Must-Have Visual Studio Code Extensions [Technorati links]

November 28, 2016 09:09 PM

Visual Studio Code is Microsoft’s fully cross-platform IDE. It is beautiful, easy to use and lightweight. Its slimness can be attributed to the fact that it does only the basics by default, and add functionality via extensions. This lets developers start with the basics, and add only those things they really need. There are some Visual Studio Code extensions however, that I recommend to developers right off the bat. These are my top five.

1. EditorConfig for VS Code

This extension is like sharing your Visual Studio settings file with anyone who gets your code. In the root of the application is a .editorconfig file that lets you set certain code style guidelines. Things like whether your indents are tabs or spaces (and how many spaces a tab should be). This can cut down on friction when working with a team and for consultants when switching between projects for multiple clients.

2. Auto-Open Markdown Preview

Whether creating repository README files or using it for your blog, markdown is an easy way for developers to document applications and get great code highlighting. It can be frustrating when writing markdown documents however, having to constantly compile them to preview the output. This extension opens markdown documents in a split pane with the markdown on one side and the preview on the other. This makes writing markdown documents almost seamless.

3. Git History (git log)

For those developers using Git for source control, git log can be helpful, but getting a good readable git log takes a plethora of switches (color, pretty, etc.). The Git History extension gives developers that same easy-to-read log with just a few key chords, just like the one below.

image00

4. Docker Support

The Docker Support plugin gives you code highlighting, snippets and intellisense for your dockerfile. It has been immensely helpful as I learn to use Docker and as I continue in to Docker Compose and Docker Swarms.

5. ES Lint

No development would be complete without some JavaScript these days. If you’re going to write JavaScript (and you probably are), you might as well write it well (or at least following the community-agreed conventions. The ES Lint extension reads your .eslintrc file and checks your code as you write it and provides feedback within the IDE, with little red and yellow squiggles under the warnings and mistakes.

What’s Missing?

I still do a lot of .NET development, and VS Code is great for .NET Core development. I would love to see an extension that gives me the Add New Controller item and scaffolds out the code with the filename and the namespace. On the plus side, I can write my own extensions!

Any extensions that you like? Ones that you find yourself using all the time? Let me know in the comments below, or hit me up on Twitter @leebrandt! Also, check out these awesome resources to learn more about how Stormpath can help you never build auth again:

The post 5 Must-Have Visual Studio Code Extensions appeared first on Stormpath User Identity API.

Matthew Gertner - AllPeersWhy transparency is important in business [Technorati links]

November 28, 2016 04:40 PM
Know why transparency is important in business? We'll tell you in this postPhoto by CC user cambodia4kidsorg on Flickr

These days, it seems like transparency is the latest corporate buzz word. For some companies, it may just be nothing but talk, but that’s their loss, as there is much to be gained by having employees and the general public know everything about what is going on with a specific enterprise.

CAE Ryan Jacob has understood the value of keeping employees in the loop about company expectations and objectives; if you want to build a culture like he has, read on about why it pays to cultivate transparency in your business.

1) It builds trust

These days, customers expect you to share everything about yourself, with few exceptions. More recent arrivals to the scene have had no qualms about doing this, which has had the effect of engendering the belief that these companies have nothing to hide when it comes to how they operate.

If you are about to enter the business ring or if you are a long established firm that has been slowly but steadily losing market share to young upstarts, you must realize that new generations are equating transparency with honesty.

The more you hide, the more they assume that you must be up to something shady. As such, sharing everything except for core components should be on the table.

2) It encourages clarity

In many companies, sharing what is going on to some members of the team while hiding it from others is standard operating procedure.

However, despite unfounded fears that laying out plans to all employees might endanger ‘sensitive’ information, sharing everything that is going on with the company instead enables talent to contribute their best work.

When they have access to the full scope of what everyone is doing, they are able to supply input that is fully relevant.

This avoids incongruent efforts that result when employees are kept in the dark about specific activities. When everyone knows which direction the ship is sailing, it is easier for everyone to row in the same direction.

3) It becomes easier to connect with customers

When a company is open about sharing information about itself, it becomes easier to attract their target customer. Often, businesses conflate vulnerability with weakness, when much of the time, projecting these very human qualities makes it easier for customers to make that crucial emotional connection.

In 2016, many mainstream corporations continue to project an image of perfection, all while forgetting that the new generation of consumers are able to see right through this smokescreen.

It is better to be upfront and honest about one’s shortcomings and seek to actually fix them than to act paternalistic when it is clear that an increasing number of consumers are turned off by this act.

4) It improves morale

When a company truly commits to a culture of transparency, those that work for the firm almost always experience a boost in morale.

No more coded language or double speak. No set of standards for managers and executives, and an entirely different set of regulations for the plebeian employees out on the floor.

When a company’s goals, values, and expectations are thrown out in the open for everyone to see, everyone knows what they need to do, everyone knows what their superiors think about their efforts, and they are comforted by the fact that they are presenting themselves to the customer in an honest fashion.

The post Why transparency is important in business appeared first on All Peers.

Matthew Gertner - AllPeersHaven’t been to the dentist in a while? [Technorati links]

November 28, 2016 01:27 PM
Haven't been to the dentist in a while? Don't be afraid.Photo by CC user Unsplash on Pixabay.

While many people hesitate to see the doctor when their health seems off, it is nothing compared to the mental gymnastics that some folks perform when it comes to avoiding trips to the dentist.

Despite the deeply rooted phobias that many have, the fear of having not gone for many years may finally outweigh their aversion to going.

If you are thinking of biting the bullet and heading in to see a dentist such as Dr. Peter Spennato, here are a few things you should keep in mind before your scheduled appointment.

You are not alone

The first thing that you should bear in mind is that you are far from the first person who has spent significant time away from the dentist’s office.

Frequently, after one no longer qualifies for dental coverage under their parent’s insurance, they neglect to seek out a policy of their own if they don’t have one through their place of employment.

If they perceive themselves to be in good dental health and have kept up with brushing and flossing, they may not see a reason to visit the dentist, despite the problems that can arise.

In other cases, a traumatic experience at a dentist’s office as a child can trigger feelings of intense fear when one entertains the thought of going as an adult.

No matter the reason for forgoing regular dental maintenance, what matters is that you are about to right this wrong.

What to do during your upcoming appointment

The first you should do prior to heading in for your appointment is to breathe – chances are good that this encounter will go far better than you are expecting.

Once you have calmed yourself sufficiently, make certain that you get to your dentist’s office earlier than you normally would arrive for a doctor’s appointment, as you will likely need to fill in paperwork that you might not be familiar with.

These papers will allow your new dentist to get familiar with your dental and medical background so that they can treat safely and effectively, so take your time and fill out the sections thoroughly.

Don’t forget your proof of insurance, and be sure to write down any questions you might have before leaving for the office so that you don’t forget what you want to ask when you get there.

This will help to clear up any misconceptions and alleviate concerns you might have, thereby allowing the dentist and his staff to go about their work without them having to worry about triggering a panic attack in you.

What to expect while you are in the chair

The chair is likely what is stressing you out the most. The fear that they might hurt you with their pointy instruments, or that they might find something seriously wrong with your mouth ranks highly among the fears that many people have.

If you have been keeping up with your brushing, the worst that will likely happen is that your hygienist will probably spend a prolonged period of time busting excess plaque off your teeth.

Occasionally, there may be a nick or two, and your gums might bleed if you haven’t been flossing, but neither of these situations are nothing to worry about, as the training that these professionals have will ensure that they will get your mouth clean without any serious incidents.

The post Haven’t been to the dentist in a while? appeared first on All Peers.

Matthew Gertner - AllPeersBreakthroughs in Treating Infertility with Stem Cells [Technorati links]

November 28, 2016 10:56 AM
Breakthroughs in Treating Infertility with Stem Cells hold promise to fix it once and for allPhoto by CC user Ryddragyn on English Wikipedia

Regenerative medicine is a field that might sound more like science fiction than reality. However, stem cells have been used since the 1970s to contribute to the body’s natural powers of regeneration – for example, by helping to create artificial skin to save the lives of burn victims, or to treat leukemia through bone marrow transplants. Experts like Dr. Kwang Yul Cha are working hard to find other ways that the power of stem cells can be used to treat some of the common problems we face from damaged or non-functioning organs or systems. Recently, there has been a breakthrough which may one day end infertility.

What are Stem Cells?

Stem cells are special cells in the body that can produce different kinds of specialized cells or that can reproduce themselves to create more of the same kind of cell. One of the most important kinds of stem cell is the embryonic stem cell that is the start of human life. Embryonic stem cells are found in 4-5 day old embryos, and are the basis for every other cell in the human body. Scientists have learned how to activate genes in adults to stimulate the production of stem cells that, like embryonic stem cells, have the potential to become any cell in the body. This has been an important development because it means that research on these powerful cells can be done without the need for human embryos.

How Can Stem Solve Infertility?

Because stem cells have the ability to become any other kind of cell, scientists have experimented on mice to see if they can coax stem cells to become fertilizable eggs. A study conducted recently in Japan was able to make this happen, by mixing together egg cells from mice and adult stem cells that had been converted into the embryonic-like cells. The stems cells were converted into eggs, which were then fertilized by IVF and eventually produced living healthy mice.

The research is still far to early to be applied to humans, but the implications of the the research suggest that the time will come when human eggs can be created using stem cells. This would effectively put an end to many forms of female infertility, including that caused for example by cancer treatment on girls.

Of course, there are ethical questions that will need to be explored and resolved before human testing or experimentation with this application of stem cell research can proceed.

However, while stem cells are not yet being used to treat infertility, already stem cell therapy is being used to treat fetuses in the womb suffering from potentially debilitating diseases. For example, babies with brittle bone disease – a condition that can cause bones to break in the womb – are being treated with stem cells that help support the healthy development of their skeletons before they are born.

There is much that we need to better understand about stem cell therapies, but it seems that future developments will help to ensure that babies are born healthy, and above all, that they are born!

The post Breakthroughs in Treating Infertility with Stem Cells appeared first on All Peers.

Gerry Beuchelt - MITRELinks for 2016-11-27 [del.icio.us] [Technorati links]

November 28, 2016 08:00 AM
November 27, 2016

Matthew Gertner - AllPeersTop 3 Startup Staffing Tips [Technorati links]

November 27, 2016 05:41 PM

Your startup is expanding? This is great news, congratulations. This means you are moving from the garage into an office and will need to start staffing with high-quality talent that can help grow your business. Here are some startup staffing tips that will help you hire the right people.
Startup Staffing Tips
Look For Talent
Talent is different than skills. When hiring people you want the best of the best, a true talent community. Talent doesn’t always show just from a CV with a list of qualifications or past education. Talent and innovation come hand and hand so look for candidates that have created things or have hobbies which require critical thinking. Skills can be taught, but teaching talent is much harder. You can spend a few afternoons showing an employee how to use a new piece of software but it is much more difficult showing them how to lead their field of innovate.

Look For Passion
Startups require a lot of hard work, not only from the founder but from every team member. That is why it is important to find passionate team members when staffing your startup. Every member of your small team will be crucial so you need them to want to be there, a talented and nimble startup does not have room for anyone who is just there for a paycheck; you need to have people that want to see your company succeed (you should also incentivize for this.) One way to see passion is to look in the fine print of applicants CVs. It’s not enough that they know how to program or design, look for other activities that demonstrate these passions. Perhaps they are part of meet-up or creative collectives, this demonstrates a desire beyond the workplace to improve and practice their craft.

Social Skills
Whether you are a tech start-up, retail, or manufactoring; the most passionate and talented staff will be of no use if they can’t work well with others. That is why social skills are so critical. You need a diverse team of talent that can all work together to overcome ever-changing obstacles and challenges. This can be one of the hardest things to determine based solely on CV and interviews, so you may have to dig deeper. Ask the applicant to describe how they were able to overcome challenges with the help of a team, or talk to previous team members from past jobs and ask how the candidate interacted. The people involved in the first round startup staffing can end up being the top-level employees once you make it big, so be sure you are hiring people who are up to the task and can socialize.

We hope these startup staffing tips are useful when building the next big phase of your new company. It’s an exciting and fast paced time to be a startup so remember have fun, do good work, and good luck!

The post Top 3 Startup Staffing Tips appeared first on All Peers.

Matthew Gertner - AllPeersWhat You Should Know About Auto Service Contracts [Technorati links]

November 27, 2016 01:24 PM
What You Should Know About Auto Service Contracts - get them. Seriously.Photo by CC user stux on Pixabay

Many new car owners prefer to put all of their car repair eggs in a single warranty basket. To some degree this makes sense give that new car warranties cover many expenses that owners might expect to pay in the first few years. However there are some benefits available with auto service contracts that are often not included under new car warranties. So, even if you have a new car, there are some great reasons to consider an auto service contract – to make sure you are going with a reputable company, check out Omega Auto care reviews.

Here are some great reasons to consider that auto service contract!

Roadside Assistance

Getting stranded by the side of the road is never a fun experience, and it can be costly to get towed or roadside assistance. However, some auto service contracts include coverage for things like flat tires, towing, fluid replacements, and more. They can also provide help with lockout services and provide replacement keys if you get stuck!

Rental Car Reimbursement

While warranties will cover repairs to your vehicle, you can still find yourself out of pocket if you need to rent a vehicle while yours is in the shop. Some auto service contracts will reimburse you for these costs up to a daily limit. Some plans make this even easier by arranging for direct payment to the rental company so you are not out of pocket.

Accommodation Reimbursement

If you break down and find yourself far from home with no way to get back, or end up having to wait a few days while the local auto shop orders in a part, you can end up out of pocket for hotel and other expenses. Some auto service contracts will reimburse you for these costs, up to a daily maximum.

Car Repairs are Expensive

You may not have had to face this while your car is under warranty, but you know it is coming – cars are very expensive to repair. Back in the day, you could do many basic repairs or “tune ups” yourself if you had a bit of knowledge, but those days are long gone. With the computerization of cars, even the simplest repair can be beyond the abilities of most people. Having a service contract in place takes the sting out of car repairs.

You Will Need to Make Repairs

Cars are made to last longer it seems, and their health can be extended with religious maintenance according to the manufacturer’s schedule, but the day will come when you will do some major upkeep or replacement under the hood. When that is on the horizon you have three choices – sell the car, watch the car die a slow death, or make the necessary repairs and get years more use out of it. A good service contract can be the difference between getting those extra years out of your investment and being forced to sell the car because you can’t afford a major repair bill.

The post What You Should Know About Auto Service Contracts appeared first on All Peers.

Matthew Gertner - AllPeersSo You Want to Be a Small Farmer? [Technorati links]

November 27, 2016 12:03 PM
So You Want to Be a Small Farmer? Here is what you need to know...Photo by Keith Weller, acquired from USDA ARS

If you are like Bennett Kireker, you might be thinking about a career as a small farmer. There is no question that this can be a challenging career choice given that farming is subject to a whole range of externalities including weather, global commodity prices, fads in food and more. However, with a bit of creative thinking, you can earn a living from your small farm in many different ways – some of which have nothing to do with actual farming. Here are some ideas to consider.

Snail Farming

Like mushrooms, snails can be marketed to local restaurants and specialty stores and require only small start-up costs. And, like mushrooms, they don’t require a large space – this makes them an idea “side business” to supplement your farming income. Snails reproduce quickly and can reach a marketable size within 6-12 months depending on how you have bred and fed them. Snails don’t smell, and won’t make noise to disturb your neighbors, which is a definite plus.

Worm Farming

Especially if you live near fishing communities or garden centers, you might consider worm farming. As with mushrooms and snails, worm farming requires little investment, little space, and is relatively easy to do. They can be raised in containers of whatever size you have space for, filled with peat moss. The worms themselves can be purchased from your local fishing shop or from a wholesaler, and can be fed basic things like grass clippings and wet leaves. It is hard to get easier than that! The soil they have been raised in makes excellent compost that can be used on your own farm or can be sold to local gardeners.

Sell Farm By-Products

Depending on the kind of farm you operate, you may be have financially valuable by-products that could be sold to generate income. Manure from animals, compost material from works, or feathers can all be sold.

Special Events

Especially if you have a picturesque farm, consider renting it out for special events. A barn that could be converted into a party hall makes a great space for weddings or other events. Work with local wedding planners and photographers to help attract business. Alternatively, consider creating a corn maze or petting zoo in order to attract visitors to your farm on a regular basis.

Grow Flowers

Flowers grown for local shops can be a lucrative side-business if you have the space. Flowers are relatively easy to grow, and can be sold freshly cut for flower vendors or dried for arts and crafts stores. This can be a natural complement to bee keeping, below.

Keep Bees

Especially with the environmentally devastating collapse of bee colonies across the country, there is a growing business in keeping hives and renting them out to fields in order to allow pollination. This is not a casual hobby as beehives do need to be managed and tended, but it can be very lucrative – in addition to renting out your healthy hives, you can also get into the organic honey business.

No matter what your primary crop may be, any of these small farming ideas can generate income streams that will help you turn a profit as a small farmer. Do your research, and be creative!

The post So You Want to Be a Small Farmer? appeared first on All Peers.

Matthew Gertner - AllPeersSome of the Most Common Construction Risks to Look Out For [Technorati links]

November 27, 2016 07:59 AM
 Working at height is just some of the Most Common Construction Risks to Look Out ForPhoto by Lewis Hine.

As risk identification professionals like Lisa Dudzik can tell you, construction sites can be dangerous places – heights, holes, heavy equipment and other regular features of these sites can pose any number of hazards. Whether you are managing a large construction project or overseeing a home renovation, you need to be aware of the most common construction risks so that you take the necessary precautions to mitigate those risks.

Heights

Whether a project is being build up or down, there will almost always be a need for people to do their jobs at height – whether on scaffolding, cranes, platforms, or in harnesses. Care must be taken to ensure that work crews are properly trained and that safety equipment is well maintained and adequate for the job at hand. Workers doing their job at a height face risks related to falls, but it is important to remember that workers on the ground also face risks from objects that may be dropped or dislodged by workers overhead. Again, proper training and awareness is vital, as are safety features to minimize the risk of falling objects – for example, nets or other barriers.

Objects in Motion

A busy construction site will have objects moving through space in all directions – supplies may be hoisted up to workers overhead, cranes may be swinging heavy loads from one side of the site to the other, and people and vehicles will be moving every which way. To a degree risk the risk of accidents can be reduced by ensuring that transportation lines within the site are clearly delineated and as far as possible that barriers are erected to protect workers. However this is not always possible and so operators of heavy equipment as well as people moving around the site need to be vigilant.

Slips and Falls

With so much attention needed above and around anyone moving through a construction site, workers need equally to pay attention to the ground beneath their feet. Sharp objects, holes, uneven surfaces, liquids, cables and other hazards are pretty much everywhere on a busy construction site. Proper footwear is vital to ensure that crush or puncture injuries are minimized, and regular site inspections to identify and ideally remove hazards should be undertaken. However, awareness on the part of the construction crew is vital.

Airborne Hazards

Demolition projects are notorious for releasing dangerous materials into the air. Asbestos has not been used in new construction for many years, but it can still be found in older buildings and becomes a hazard when it is released into the air. Other airborne hazards include dust and other particles, and potentially toxic fumes from resins, glues, plastics and other materials. Workers must be supplied with the necessary equipment to ensure that they are not exposed to these hazards, and supervisors must ensure that the equipment is being properly used.

These are just some of the many hazards and accidents waiting to happen that can be found on any construction site. Everyone involved must be vigilant and must work to identify these and other risks to safety and well-being of construction crews.

The post Some of the Most Common Construction Risks to Look Out For appeared first on All Peers.

Matthew Gertner - AllPeersAdvantages of Arbitration to Resolve Construction Disputes [Technorati links]

November 27, 2016 07:45 AM
The Advantages of Arbitration to Resolve Construction Disputes are undeniablePhoto by CC user Loozrboy on Flickr

Unfortunately, despite the best efforts of everyone involved to have a comprehensive contract and to honor the terms of that agreement, it is the case that sometimes there are disputes which cannot be resolved without the intervention of a third party in the form of court litigation or binding arbitration. As a construction arbitration professional, Lisa Dudzik Australia would suggest that there are advantages and disadvantages to arbitration that should be weighed carefully before you decide what approach is best for you.

Time

If a timely resolution of a dispute is a prime consideration for your business, arbitration may be the best option because it generally proceeds more quickly than a court proceeding where backlogs are becoming common. Additionally, because there are only limited possibilities to appeal the outcome of a binding arbitration, there is less potential for proceedings to be indefinitely extended. However, a fast resolution depends on the commitment of all parties to adhere to agreed-upon deadlines, and on the willingness of the arbitrator to enforce the schedule in the case of delays.

Expertise

Because arbitrators are selected with input from the parties to the dispute from a pool of professionals with experience in the relevant industry, choosing to resolve disputes this way means that you are likely to have the situation dealt with by someone with experience in the construction industry. This is not insignificant because there are aspects to construction disputes that may not be familiar to a judge in a court setting. Additionally, in the court system judges are assigned and may or may not have any experience with construction arbitration.

Outcomes

It is often the case that arbitration results in outcomes that don’t heavily favour one side or another. For this reason, if you feel that you are entirely “in the right” it may be better to pursue a resolution of the dispute in the court system.

Privacy

In a court case, there will be a public record of the proceedings which may be reviewed by any member of the public. Arbitration is private process in that there is no public record kept (although this does not necessarily mean that the record is confidential).

Cost

If the arbitration process is relatively straight-forward, it may be less costly thank a litigation in the courts because there is no need to hire a lawyer, pay court fees, or the cost of the trial itself. That said, a complicated arbitration process is not inexpensive because the arbitrator’s time and location fees must be paid.

Different jurisdictions

In situations where the parties to a dispute do not reside in the same jurisdiction – as is often the case in large infrastructure projects – there is often a preference for arbitration. This is partly because the ability to choose arbitrators means that neither side feels the advantage of being the “home team.” It may also be easier to enforce the outcomes of arbitration across international jurisdictions as an international convention signed by 150 member states. National court decisions may be much harder to enforce in other countries.

Hopefully, through careful contracting and good will on all sides, there will be no need to bring construction disputes to a third party. If it becomes necessary, be sure to consider the options carefully to choose the best approach for your needs.

The post Advantages of Arbitration to Resolve Construction Disputes appeared first on All Peers.

November 25, 2016

Matthew Gertner - AllPeersWatching Movies Just Gets Easier with Time (and with DNS Proxy!) [Technorati links]

November 25, 2016 08:37 AM
Watching Movies Just Gets Easier with Time ... wouldn't you agree?Photo by CC user personalcreations on Flickr

In the early days of movies, moviegoers had to wait for months to see their favorite films. The anticipation that built up during the weeks of advertisement, coupled with the time spent waiting in line to buy the tickets, was all worthwhile once they were seated in the theater, watching the opening scene. And, until the advent of home VCR machines, once a movie left the big screen, the average person lost access to it for good.

Yes, Progress is a Good Thing

The progress of the technology used to share movies with audiences all over the world continues to astound. What was once only available to be seen on movie theater big screens has cut a path through time in various forms. First the VCR, then the DVD, followed by Blu-ray and digital—and now, streaming on the Internet.

All of these technology advancements have opened the doors for movie buffs and TV show enthusiasts to enjoy their favorite pastime through a much simpler process. Accessing the shows you love can now be done wherever you are, across the globe. Thanks to companies that stream via the Internet (like Netflix or Hulu), you aren’t limited by time, place or space.

But How is that Possible?

Imagine that Sally from San Diego is on a vacation in Spain, and one day, while the rain is keeping her from exploring the countryside, she’s stuck in her hotel looking for her favorite movie. Unfortunately, when she tries to access her Hulu account, security measures for the hotel’s Internet prohibit her. She’s left with nothing but frustrations—and still no movie.

That’s where DNS Proxy comes along and works like a very secure key in a complicated lock. Now, you can access the movies and shows you are accustomed to watching in the comfort of your own home, wherever and whenever you want. So if Sally from San Diego uses her DNS Proxy capabilities, her rainy day in Spain won’t be a total loss.

DNS Proxy Works in Many Arenas of Network Service

One of the great things about DNS Proxy is its versatility. Not only can it open the door to movies and TV shows, it also makes possible playing the best viral videos and listening to your favorite music. Really, anything streamed over the Internet can be accessed, safely and securely, without any worries about hackers or interrupted service.

DNS Proxy will also work on virtually any device—PC, Mac, Xbox, iProducts, Androids, and more. This opens the door to the world of virtual entertainment even further. With DNS Proxy capabilities, the sky is truly the limit.

The post Watching Movies Just Gets Easier with Time (and with DNS Proxy!) appeared first on All Peers.

November 24, 2016

Matthew Gertner - AllPeersTop Tips for Introverts Preparing To Pop the Question [Technorati links]

November 24, 2016 03:44 PM
Shy about marriage proposals? These Top Tips for Introverts Preparing To Pop the Question will help you do itPhoto by CC user AdinaVoicu on Pixabay

You probably spend the entire day fantasizing about the moment you’ll pop the question to your girlfriend. Most introverts planning a proposal do, though they’re clueless about their loved one’s taste for an engagement ring and how to proceed.

But hey, don’t sweat it. Your shyness need not cast a shadow on your aspirations of marrying your lady.

Sure it might be a little difficult for you to find your way on a first date, but this is your girl! You can do this! You can come up with a great proposal while staying true to yourself.

Mentioned below are helpful tips for introverts to shine when getting down on one knee:

1. Browse Your Lady’s Social Media Profiles for Clues

Want to know what her taste is like and her fashion preferences? Scroll through her social media likes and posts for clues. If she’s posting about a particular cuisine often, you can take her to a restaurant that serves that cuisine. But if that option is too crowded for your liking, you can just make the cuisine yourself and arrange a weekend at home for the special moment.

Also, check what kind of jewelry/accessories she likes or comments upon. This will help you infuse her style into the engagement ring. Front Jewelers and other stores are available if she has a unique taste for jewelry. For instance, morganite rings are unique compared to the traditional engagement rings and come in a variety of colors, such as rose gold, black and white. Therefore, you have the option to surprise her with a unique engagement ring in a color that matches her style statement.

2. Take Her Down Memory Lane

If you want to make the proposal a private affair with an exciting (not cliché) flare, setup the photos of the special moments you share with her in your apartment. Hang them on the walls or print them out and attach them to balloons. Doing this will make your girlfriend reminisce the moments of your relationship as well as show her how special she is to you, a perfect setting for popping the question.

To add an element of surprise, you can pop the question in a different manner altogether. For instance, you can spell out the proposal with glow-in-the-dark stickers on the wall or ceiling. Light up a candle in the room that shines on only the two of you, turn off the lights, bend down on one knee, and ask her to look up. Perhaps you can ask a close friend to help you out in arranging this setting.

3. Set up a Scavenger Hunt

Want to have some fun before popping the question? Set up a scavenger hunt at your place, her place, or where you first had a conversation. Ask her to visit the location for some reason, such as play, study, dinner or anything else that you do in your usual routine.

You’ll have to leave clues around like photos, gifts, notes, monuments, or even use text messages to guide her. Things like fortune cookies should be avoided as they make it apparent that you’re going to propose; you want to keep the element of surprise alive. Make sure the hunt ends at the exact spot where you plan to propose her.

These tips will ensure you pop the question with confidence.

The post Top Tips for Introverts Preparing To Pop the Question appeared first on All Peers.

Mike Jones - MicrosoftSecurity Event Token (SET) Specification and IETF Security Events Working Group [Technorati links]

November 24, 2016 03:54 AM

IETF logoAs those of you who have been following the id-event@ietf.org mailing list or attended the inaugural meeting of the new IETF Security Events working group know, Phil Hunt and co-authors (including myself) have been working on a Security Event Token (SET) specification. A SET is a JSON Web Token (JWT) with an “events” claim that contains one or more event identifiers (which are URIs) that say what event the SET describes.

This work isn’t being done in isolation. Among others, the OpenID Risk and Incident Sharing and Coordination (RISC) working group, the OpenID Back-Channel Logout specification, and the SCIM Provisioning Events work intend to use the Security Event Token format.

To make this concrete, the claims in an example OpenID Connect Back-Channel Logout token (which is a SET) are:

{
  "iss": "https://server.example.com",
  "sub": "248289761001",
  "aud": "s6BhdRkqt3",
  "iat": 1471566154,
  "jti": "bWJq",
  "sid": "08a5019c-17e1-4977-8f42-65a12843ea02",
  "events": {
    "http://schemas.openid.net/event/backchannel-logout": {}
  }
}

You’ll see that this a normal JWT, with the issuer, subject, and session ID identifying the target of the logout, and the “events” value identifying the JWT as a logout SET.

Today, we published an updated SET spec based on discussions at IETF 97, which simplifies the SET parsing. Thanks to Phil Hunt or Oracle, William Denniss of Google, Morteza Ansari of Cisco, and the numerous other contributors who’ve gotten us to this point. We now believe that this specification is ready for adoption by the Security Events working group.

The specification is available at:

An HTML-formatted version is also available at:

The OpenID Connect Back-Channel Logout specification should be updated soon (after the US Thanksgiving holiday) to utilize the simplified SET syntax. Happy Thanksgiving, everyone!

November 23, 2016

Matthew Gertner - AllPeers4 Ways to Better Motivate Your Employees [Technorati links]

November 23, 2016 10:03 PM
employeesPhoto by CC user Anna Hirsch on Flickr.

Would you say you do a good job of motivating your employees?

For some business owners, motivating those working under them is a piece of cake. Others, meantime, struggle with this all-important facet in the workplace. For those in the latter group, those challenges can lead to problems, especially when it comes to customer service.

No matter what size business you run, it is important that you do anything and everything when it comes to keeping your team motivated.

Sure, there will be days where some of your workers (perhaps even you) will come to work with little or no energy. In those cases, getting through the day can feel like a real grind. In those types of situations, the need for production becomes even more important.

Always keep in mind that your customers typically have myriad of choices as to which companies they want to do business with. In the event you (or your team) are feeling not all that motivated, the results could be lost customers and ultimately dwindling revenue.

With that in mind, are you looking for ways to better motivate your employees?

Messages and Actions Do Matter

So that your business can stand head and shoulders above the competition, remember these four tips:

Don’t Let a Good Job Go Unnoticed

Even though you might very well be fixated on your company’s money matters, don’t overlook the importance of keeping employees motivated and happy.

When you send your team the right message, they in turn will likely respond with open arms.

As an employer, how do you go about motivating your employees on a regular basis?

The post 4 Ways to Better Motivate Your Employees appeared first on All Peers.

KatasoftHallo Deutschland! Stormpath Launches European Enterprise Region [Technorati links]

November 23, 2016 09:20 PM

Today we’re excited to announce the launch of Enterprise Cloud service in Europe! Our new EU region will help European customers keep their user data wholly in-region. We’ve selected the AWS data storage center in Frankfurt, Germany as Germany has some of the strictest data privacy regulations in the EU. This will not only improve login latency for EU-based end users but will also help our European customers comply with EU privacy and data isolation regulations.

EU User Data Isolation

Our new EU region offers all the features of the public Stormpath API, including user management, token authentication, multi-tenancy, multi-factor authentication, and authorization. As an enterprise customer, you can choose either the Stormpath US or EU Enterprise Clouds — or both! — to run Stormpath on infrastructure dedicated to your region. This provides powerful global identity management with isolated, geo-located infrastructure.

Get Started

If you have an EU-based project and want to know more about the Stormpath Europe Enterprise Region, our sales team is happy to walk you through the details.

If you’re new to Stormpath, we offer the same core API functionality across all our environments. You can test drive Stormpath and our integrations with a developer account on our Public API at any time, for free. Get Started Now!

Why Stormpath for User Management?

With Stormpath, you can launch your application faster with industry-leading security, allowing you to focus on the core features that will make your project a success.

“The goal of Stormpath is to free up developers’ time so they can focus on what really matters to their product and business,” said Les Hazlewood, co-founder and CTO. “Managing users in the cloud is complicated and risky; we can put years of security expertise and best practice in their applications in less time than it takes to make coffee.”

“Stormpath is at the forefront of application security as a service,” says Ross Mason, founder of Mulesoft. “Since every application requires user security, this service reduces the infrastructure burden, making it possible to avoid rolling the same code over and over.”

EU-US Privacy Shield

Stormpath has long been proud to comply with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries when their data resides in our US region.

Stormpath has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability.

As always, we’re happy to answer any questions you might have, or get you started on our new EU Cloud. You can reach out to us on Twitter @gostormpath or connect via email.

The post Hallo Deutschland! Stormpath Launches European Enterprise Region appeared first on Stormpath User Identity API.

November 22, 2016

Matthew Gertner - AllPeersConnect With Qualified IT Providers Today [Technorati links]

November 22, 2016 06:01 PM

When many entrepreneurs sit down and create a budget detailing the cost of the resources they need to run their businesses, they may realize that they don’t have the resources they need to pay full-time staff members to fulfill roles that are vital to the business’ success. Lean companies don’t keep people around when they’re not needed; just as you only need your tax accountant once a year, you may only need an IT professional when a problem arises or when you want to adopt a new technology. When there’s a “technical difficulty” in your operations, sourcing a solution can take time you can’t afford to spare.

Technology has made it easier than ever for anyone to start and run a business; these days an entrepreneur can manage a business with little more than a laptop and a WiFi connection, but when something goes wrong, it can mean that business comes to a standstill. While the internet makes the process of doing business much easier than it has ever been, as entrepreneurs grow they will need the help of a qualified IT professional to keep their infrastructure running smoothly.

Connect With Qualified IT Providers Today and get more from your business' technology

If you’re an entrepreneur, you have to make sure that your information and your customers’ information is secure and that means making sure that you have a secure payment method. For instance, anyone who is collecting their customers’ credit card information online in order to process payments for goods or services must make sure that that information is protected from potential fraud. There have been plenty of headlines about large companies that have been the targets of cyber attacks that breach the security of their employees or their customers. Cyber security is one of the more complex issues of the day and as long as you’re taking customer information or processing payments, it’s critical that you hire credible, qualified professionals to handle it.

Many businesses have been turning to IT services like BizXPro to connect with credible providers in their region without the wait or wasting time on interviews with the wrong candidates. Rather than search high and low on search engines and online classifieds, sending out requests and waiting weeks for call backs, they’ve been using a purpose-built platform to narrow down their searches to the most relevant providers. The search engine takes your price range, project description, and priorities for a winning bid and matches you to the most relevant providers in your area. From there, you can learn about the providers and select the one you think will be best for the job. While you’re only connected with IT providers, BizXPro differs from DIY searches by guaranteeing a response in 2 days or less. You can get your new IT projects up and running faster than ever before with the right people for the job.

There are dozens of categories on BizXPro.com in which IT providers work, from cyber security to customer relationship management software, cloud services, SEO, and data centers. You depend on technology like your CRM to keep track of leads and create strategies that work; you want the best people to help you set up and manage your technology so that you can get back to your business.

The post Connect With Qualified IT Providers Today appeared first on All Peers.

November 21, 2016

KatasoftProduct Documentation vs. Knowledge Base [Technorati links]

November 21, 2016 01:55 PM

Determining the right location for information is one of the fundamental problems faced by application developers, technical writers, and customer support engineers. It’s no good having information that no one can find, and the first step in making sure your users find it is putting it somewhere they’re likely to look. At Stormpath, we’ve got two places where information lives: our Product Documentation and our Knowledge Base. These two live in different places, are largely maintained by different teams and until recently also contained a lot of the same information. This isn’t just a Stormpath problem, it’s something that crops up very often as a company grows.

The overlap caused no end of confusion for customers and employees alike, as they might find the same information on two different pages explained in two different ways by two different people. It was also a maintenance nightmare since any update had to start with you finding all the places that something was documented in the first place.

Product Documentation

Our Product Documentation lives separately for a number of reasons. First, the Product team wanted to build multiple Product Guides, with custom code, pre-processors, if/then/else logic, and so on. All of this was possible with a combination of markup and static-site generators, but not possible with Zendesk.

Secondly, we wanted consistency with the code documentation. A lot of our language-specific API documentation is generated out of the code using tools like Javadocs and Sphinx. It’s easy to make this documentation look and feel consistent using static-site generators.

Finally, on a team of mostly developers, there’s an understandable preference for markup and plain text over a Zendesk/Wordpress/etc WYSWYG interface.

Having established why we wanted separate Product Documentation, we came up with these goals and standards for it:

What does or doesn’t belong in there is usually a game-time decision by the Product team, but in general: workarounds, specific instructions on using Stormpath with non-Stormpath tools or libraries, and short answers to specific questions all do not belong in Product Documentation.

Knowledge Base

The Knowledge Base (KB) is maintained by the Customer Success team, who work out of Zendesk. Zendesk came equipped with a KB feature, and it’s very nicely integrated into their question submission workflows. This means that if a customer wants to ask a question, they can be shown relevant KB articles. At the same time, Zendesk also provides search results to the Customer Success team when they’re answering a question, saving time that would otherwise be spent writing redundant answers. Sounds great, right?

Of course what many teams quickly realize is that the road from a customer question to documentation is not at all straightforward. How can you tell if a customer’s question should be forwarded to the Product team and added to the documentation queue, or whether a simple KB article will do?

So when we set about defining what rightly belongs in our Knowledge Base, this is what we came up with:

Every Knowledge Base should aim to help a customer with a specific problem get an answer as quickly as possible.

This is all of course still evolving, but we’re happy with the division we’ve arrived at. Product Documentation aims to be comprehensive, structured, and accurate. Everything that you would want from the canonical source of information for your product. The Knowledge Base doesn’t aim to be comprehensive, it contains little-to-no structure in and of itself, and the articles are short and to the point.

The next goal is ensuring that customers are able to find the information in both sources as quickly and intuitively as possible. The knowledge management challenges never end!

Questions? Opinions? Leave them in the comments below, and don’t forget to check out my post on why video documentation is never the right answer!

The post Product Documentation vs. Knowledge Base appeared first on Stormpath User Identity API.

Julian BondHere’s The Thing With Ad Blocker detection code. [Technorati links]

November 21, 2016 09:44 AM
Here’s The Thing With Ad Blocker detection code.

I get it: Ads aren’t what I'm here for. But ads help the site keep the lights on. So, I've added your site to my ad blocker’s whitelist.

So why are you still showing me the adblocker warning message and preventing me from reading your content?

Could it be because I've got doubleclick in my /etc/hosts file pointing at localhost because I don't particularly want doubleclick and google tracking everything I do, everywhere on the web. Can't your adblocker detection code tell the difference?

Oh well. That's another site I'll try and remember not to click through to.

So what do the common adblocker detection libraries actually look for?
[from: Google+ Posts]
November 18, 2016

MythicsArchitecting and Building a Secure Private Cloud for Healthcare Provider Welligent [Technorati links]

November 18, 2016 02:24 PM

Mythics Creates a Secure Private Cloud Roadmap for Cloud-Based Electronic Health Record (EHR) Provider Welligent

See a fantastic video below highlighting Healthcare provider Welligent,…

November 17, 2016

CA on Security ManagementThe Modern Software Factory: What it is and why you need one [Technorati links]

November 17, 2016 05:05 PM
Digital disruption. Compressed innovation cycles. New forms of competition. Rising customer expectations. Increasing cost pressures. Today’s enterprises are facing unprecedented challenges and they have less… The post The Modern Software Factory: What it is and why you need one appeared first on Highlight.

&nbsp;

KatasoftString Interpolation with Apache Shiro [Technorati links]

November 17, 2016 04:48 PM

I am happy to announce the the 0.8.0-RC1 release of our Stormpath-Shiro integration.
This release builds on top of the recent Apache Shiro 1.4.0-RC2 release.

The 1.4.0 Apache Shiro release adds a handful of great features:

Of course that’s not all, in the Stormpath integration we have:

I’ll cover most of these new features in upcoming blog posts, but for today let’s jump into string interpolation.

String Interpolation

This is one of those things that you know either by this term or another (substitution, filtering, etc). Basically, it comes down to evaluating a string containing one or more placeholders.
For example, in the Java world, the most common placeholder looks something like this: ${keyName}. Many Java tools and libraries use this format: Apache Maven, Gradle, Spring, Groovy, etc.

Enabling string interpolation in Apache Shiro is as simple as including a Maven dependency (or the equivalent in Gradle):

<dependency>
    <groupId>org.apache.commons</groupId>
    <artifactId>commons-configuration2</artifactId>
    <version>2.1</version>
</dependency>

This step is not needed for the stormpath-shiro-servlet-plugin, as this dependency is included by default.

Out of the box, system properties, environment variables, and Java constants are available for use.

Using the following shiro.ini example, we can replace the environment specific values with place holders.

[main]
ds = com.mysql.jdbc.Driver
ds.serverName = localhost
ds.databaseName = db_name

jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $ds

Using system properties dbDriver. dbHost, and dbName we end up with a shiro.ini that looks like:

[main]
ds = ${dbDriver}
ds.serverName = ${dbHost}
ds.databaseName = ${dbName}

jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $ds

You can even set default value, since we are just using Apache Commons Configuration library,
taking this example one step further we can also define a default value for dbDriver:

[main]
ds = ${dbDriver:-com.mysql.jdbc.Driver}
ds.serverName = ${dbHost}
ds.databaseName = ${dbName}

jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $ds

Personally, I prefer system properties over environment variables (as they are not inherited by forked processes), but those would work too:

[main]
ds = ${DB_DRIVER:-com.mysql.jdbc.Driver}
ds.serverName = ${DB_HOST}
ds.databaseName = ${DB_NAME}

jdbcRealm = org.apache.shiro.realm.jdbc.JdbcRealm
jdbcRealm.dataSource = $ds

Java constants are handled slightly different, they need to be prefixed with const, so for java.nio.charset.StandardCharsets.UTF_8, you end up with ${const:java.nio.charset.StandardCharsets.UTF_8}.

Easy enough, now you can safely commit your shiro.ini file to source control and not worry about protecting your secrets or dealing with differences between environments.

A couple final points:

The post String Interpolation with Apache Shiro appeared first on Stormpath User Identity API.

Matthew Gertner - AllPeersTurn Your Law Degree into a Job [Technorati links]

November 17, 2016 01:25 AM

barrister-23787_1280

You’ve studied hard, aced your exams, and graduated from law school.  Now all you need is a job!  The profession, it is true, is competitive and you may find it overwhelming to think about pounding the pavement.  However, with some forward thinking and a willingness to put in the time on an active job search, you will be on your way to landing your first job as a lawyer.  Here are some tips to help organise your efforts.

Apply to Every Job that Seems a Good Fit

As a new graduate, you may have cultivated an idea over the last few years of your studies of the “perfect job” – but don’t let “the perfect” be the enemy of “the just fine.”  In a competitive market, it makes the most sense to apply for every job for which you meet the terms of the position.  Even if you have no intention of accepting anything other than your dream job, the application process itself may be very insightful.  You may find that you don’t get interviews for jobs that you felt well-qualified for, and in this case, you may benefit from that signal to refine your cv or cover letter.  If you do get interviews but don’t receive an offer, this could signal a need to improve your interview skills. And, you just might find that your perfect job comes along where you didn’t expect it!

Don’t Limit Yourself Geographically

This one can be tricky if you have a spouse or family obligations in one place, but as far as possible try not to be bound by place.  The truth is that there are more jobs in cities such as London or New York than there are in St. Louis, and your chances of finding the right job increase with the size of the city.  If you are offered a job in a city that you hadn’t considered or that you don’t want to live in, try to think of it as an opportunity to develop your cv so that you can eventually move to where you want to be.  And the reality of your first few years as a lawyer is that you won’t be leaving your office much anyway!

Network

Without becoming “that guy” who can’t have a conversation with anyone without it turning back to the job hunt, do make sure that you develop your networking skills and develop a sense of when there may be a lead for you to follow.  Former professors, other students, people in related fields, friends who have already found a job – all of these people may have useful leads that could help you land your first job.  Let people know that you are hunting and ask them for referrals.  Very often, it is informal referrals that can be the difference between getting an interview and not.

It can be a challenge to land your first job as a lawyer, but perseverance is how you got through law school after all!

 

The post Turn Your Law Degree into a Job appeared first on All Peers.

November 16, 2016

ForgeRockIdentity Summit Paris [Technorati links]

November 16, 2016 10:04 PM

The Paris Identity Summit took place yesterday, Tuesday, November 15th at Le Cercle National Des Armées. The Summit was ForgeRock’s biggest-ever event in France, and came right on the heels of the very successful London Summit. We had more than 200 attendees from across France and southern Europe. The agenda was very impressive with presentations from CNAV, TomTom, Forrester, and Accenture, to name a few. With so many attendees, the event was trending on social media all throughout the day. We’ve collected notable tweets and photos in a Storify stream, and we’re posting it here for everyone to enjoy. You can find select decks from the Summit on SlideShare.

The post Identity Summit Paris appeared first on ForgeRock.com.

Matthew Gertner - AllPeersRomance and online dating [Technorati links]

November 16, 2016 09:59 PM

man-1246028_1280

Love used to be something that took place face-to-face. It then moved to letters being send between two people until the phone took over. Then the internet happened; and the whole world of dating as we knew it just changed to what it is now: an easy thing that people can do from the comfort of their own homes; as long as they have an internet connection and a working computer. Now that these things take place in the virtual world, does this mean that all romance has been lost. Is dating becoming too virtual and losing all its charms in the process?

Older dating methods

Romance is something that has always been depicted in the media; from novels to movies and beyond. Back in the days you had to meet face-to-face which often lead to awkward situations which made it all more romantic and spontaneous. Even when people were being naughty and talking to their girlfriends on the phone for a local booty call there was still a lot of charm to it. People where hard to reach so you valued the times spent with them. There was something exciting about just hearing their voice and you couldn’t wait till you saw them next.

Modern dating

These days we are spoiled; we can talk to people for hours on end without being in the same room; and webcams really make the interaction to feel as if it’s the real deal. You can still turn each other on through a webcam but it lacks the feel of being in the same room. You cannot touch each other, you cannot feel each other’s heat and senses like smell are just not there. So talking online might be close to the real deal but it still lacks a lot of the feelings that make a true face-to-face encounter.

Future dating

Virtual Reality and other technologies continue to evolve and we are closer now to being virtually in the same room with a person than ever before. These days you can have a conference with friends in a virtual room so having a virtual date in a beautiful CGI forest or romantic setting of your choice might become the norm. It’s still fake but it’s getting closer to the real thing; in fact there might come a time where people only interact virtually but that’s a whole article altogether. We will most likely be able to touch each other using virtual gloves and bodysuits with sensors and motors attached to them; who knows how far this will all go?

Is romance lost?

Romance will always exist; whether people try to sell it to us or whether we feel it is genuine. That’s the thing about it: everyone has their own definition of what romantic really means. For some it is doing the right thing at the right time; for others it is just fighting hard to keep your relationship going. Ultimately we still need intimacy and as long as humans can get involved together then romance will always play a part in their lives. Yes things are changing but humans are still the same; and we all need a bit of romance here and then.

The post Romance and online dating appeared first on All Peers.

CA on Security ManagementNew innovations to accelerate the flow from idea to outcome [Technorati links]

November 16, 2016 06:26 PM
What we build and how we build at CA is affected by all the market dynamics that affect our customers. Whether adopting new architectures based… The post New innovations to accelerate the flow from idea to outcome appeared first on Highlight.

&nbsp;

Matthew Gertner - AllPeersApply for a Federal Tax ID in Washington D.C. [Technorati links]

November 16, 2016 05:56 PM

Apply for a Federal Tax ID in Washington D.C.

Apply for a Federal Tax ID in Washington D.C. to stay on the right side of the lawPhoto by CC user Faolin42 on Wikimedia Commons

Filing taxes can seem like a chore sometimes, but it is important that you do so correctly and accurately in order to keep everything running smoothly. Ending upon the IRS’s bad side is no way to ensure that your life – and particularly your business – remain stable and productive. At IRS-EIN, we understand that sometimes you find yourself in a situation were you need the proper tax documentation – like the employer identification number (EIN) fast. We can help you obtain your EIN number in Washington D.C. quickly and help ensure that you are able to file your taxes properly.

Do I need a tax ID number in Washington D.C.?

The first thing to do before applying for an EIN number is to determine whether or not you really need to do so. If you are running a business, the likely answer is “yes”. This particularly true, for example, if your business is run as a corporation or a partnership and has employees. Trusts and estates that are run as entities are also likely to need a tax ID number in Washington D.C. Additionally, if you plan to file for an employment tax return, excise tax return, or alcohol, tobacco, and firearms tax return, you will need to file for a tax ID in Washington D.C.

Finally, if you have household employees such as the following, you might need to file for an EIN:

Apply for an EIN Number in Washington D.C.

If you need to obtain a tax ID number in Washington D.C., let IRS-EIN-Tax-ID.com help. Our application process is simple, and will get you the EIN you need quickly. Apply for an EIN online today.

The post Apply for a Federal Tax ID in Washington D.C. appeared first on All Peers.

OpenID.netOpenID Certification Adoption Continues – Well Done Symantec! [Technorati links]

November 16, 2016 02:20 PM

Congratulations to the Symantec Identity team on the certification of it’s expanding OpenID Connect capabilities and their registration on the OIXnet registry.  This would not have been possible without the vision and pioneering leadership of Nico Popp and the sustained support of Open Identity Exchange Vice Chairman Paul Agbabian and Brian Berliner, Symantec’s Board Representative at the OpenID Foundation.

The OpenID Certification test platform, the test results and legal attestations of large international competitors, governments and a worldwide community of independent developers are secured in Symantec data centers. Symantec’s directed funding of its world class infrastructure and technical support is an indispensable element in the trust necessary to drive the growing global adoption of OpenID standards, self certification and Open Identity Exchange registration. 

Well Done Symantec!

Don Thibeau
Executive Director
The OpenID Foundation

Kantara InitiativeKantara Initiative and EEMA Sign Memorandum of Understanding at ISSE Innovation Expo [Technorati links]

November 16, 2016 02:01 PM

Organizations to Work Together to Promote Trusted, Privacy-respecting Digital Identity and Personal Data Ecosystems to Support the Digital Economy

WAKEFIELD, Mass., USA – November 16, 2016 — Kantara Initiative and the European Association for E-identity and Security (EEMA) announced today that they executed a Memorandum of Understanding (MOU) at a signing ceremony at the Information Security Solutions Europe (ISSE) “Securing Future European Business” Innovation Expo in Paris today.

The MOU will enable member collaboration and knowledge sharing by bringing together the complementary strengths that each organization has developed for the betterment of the Digital Economy. Both non-profit industry organizations are leaders in their respective technical and market niches. Kantara develops innovative Trust Framework components and programs in the identity and personal data management space for digital identity transformation. EEMA is the leading independent not for profit, European think tank focusing on identification, authentication, privacy, risk management, cyber security, the Internet of Things and mobile applications.

“Both organizations share much in terms of goals, purpose and intent, with EEMA focused on the networking, research and project aspects and Kantara focused on the innovation, development and program implementation aspects” said Jon Shamah, chair, EEMA. “Deepening the relationship between Kantara and EEMA will aid in the continued drive toward the common goal of developing and supporting the creation of trusted, more privacy-respecting identity and personal data ecosystems to support the digital economy.”

Kantara and EEMA to Work Together
The purpose of the MOU is to formally recognize the existing common aims and juxtapositions of the two organizations as well as to be supportive of each other for mutual and wider collective benefit. The two groups will share relevant market, research and technical information, and other content that each organization would otherwise provide only to its own members and/or participants, and will participate in each other’s working groups and committees. Also, Kantara and EEMA will carry out additional cross-organization outreach, initiatives and activities that may be agreed to in future.

“EEMA’s reputation for networking and engagement can be leveraged with Kantara’s service programs and development platform. It makes sense for EEMA and Kantara — and for our communities and strategic alliances — to work together toward our shared goals,” said Colin Wallis, executive director, Kantara Initiative. “Collaboration is already a key aspect of Kantara’s work. There are real synergies to be derived from playing to our respective strengths while maintaining our own brand and organization culture, to better serve the citizens of Europe.”

About EEMA
Brussels-based EEMA, is the leading independent European think tank focusing on identification, authentication, privacy, risk management, cyber security, the Internet of Things and mobile applications. EEMA’s world class conferences provide the forum to network with digital enterprise experts, high level EC and other government experts. Meanwhile, its series of high level fireside briefings in Brussels and London provide the ideal forum for industry leaders to tackle controversial hot topics in an intimate, invitation only setting.

Through collaboration with EU & Global Partners (including the creation and coordination of the
European Trust Foundation), EEMA has an established and growing network throughout Europe. This community provides the ideal platform to disseminate information and share expertise regarding the high-profile and significant EU projects EEMA is involved in. Visit eema.org for more information, or email: info@eema.org

Follow EEMA on Twitter: @EEMA1

About Kantara Initiative
Kantara Initiative, Inc. provides real-world innovation and development of service programs for the digital identity and personal data ecosystems. Beyond its flagship Identity Assurance Trust Framework, developing initiatives including Identity Relationship Management, ground-breaking User Managed Access (EIC Award Winner for Innovation in Information Security 2014), Identities of Things, and the GDPR-ready Consent Receipt specification, Kantara Initiative connects a global, open, and transparent leadership community, including CA Technologies, Experian, ForgeRock, Digi.me, Internet Society, Nomura Research Institute, Radiant Logic and SecureKey. More information is available at https://kantarainitiative.org/.

Follow Kantara Initiative on Twitter — @KantaraNews

ForgeRockNulli Identity Series: User Managed Access – A Primer [Technorati links]

November 16, 2016 12:55 AM

Editor’s Note: ForgeRock and its global partner, Nulli, held a well-attended industry event on Digital Identity and Privacy, with a focus on the User Managed Access standard, in Edmonton on Oct. 4. This article originally appeared on the Nulli blog. Many thanks to Nulli’s Roland Davis for allowing us to repost here. 

Nulli arranged to have Allan Foster, ForgeRock VP of Strategic Partner Enablement, speak with industry professionals about the benefits of leveraging the User Managed Access (UMA) protocol for their customers, partners and employees. The talk took place in Edmonton, Alberta where Allan noted UMA was an encouraging development that provided digital individuals auditable control over who has consent to access to their personal information.

 

Allan is the president of the Kantara Initiative, the braintrust behind the development of the UMA model of consent. He thus brought first-hand experience of the requirements that drove the creation and adoption of UMA in the digital identity community. Eve Maler, a leading proponent of UMA and peer of Allan’s at ForgeRock and Kantara, has worked closely with Allan to build recognition and adoption of the UMA protocol. Take a look at Eve’s excellent talk from the ForgeRock Identity Summit 2016 and learn how UMA can be applied to authorization, consent and delegation scenarios across a wide variety of sectors.Nulli on User Managed Access

User Managed Access – How It Works

Allan’s discussion and presentation fueled interest in the application of UMA within the context of an organization’s identity strategic model. UMA gives individuals the ability to manage who has access to personal or private information and resources within a secure framework. UMA is a consent model that has been standardized. In basic terms, the way UMA works is that there is an Owner, and that Owner has information, resources or applications (known in the UMA world as a Protected Resource) that they may wish to share. A request for consent to access the Protected Resource can be made by a Requesting Party through the Authorization Server. The request for consent to access is made to the Owner and is either granted or denied. Rules defined by the Owner govern the access granted and are enforced by the Authorization Server.

The value of UMA is that it allows an Owner to manage access to their information by either providing or revoking consent to the Protected Resource as needed. The other unique benefit is that a Requesting Party who is granted consent to access personal information cannot share that consent without requesting additional permissions to do so and thus cannot share access to the information at their own discretion. UMA addresses the need for secure access as managed by the Owner of the information and allows for tracking of who has consent to access and under what conditions. Look for our next posting in the Nulli Identity Series where we follow up on the presentation by Allan Foster and provide more insights into securing the privacy of your user population’s information.

If you are interested in hearing about our future events, please email us at contactus@nulli.com.

Roland Davis is Senior Sales Representative at Nulli.

The post Nulli Identity Series: User Managed Access – A Primer appeared first on ForgeRock.com.

November 15, 2016

KatasoftThe Architecture of Stormpath’s Java SDK [Technorati links]

November 15, 2016 11:42 PM

Stormpath provides several language-specific SDKs to allow simple interaction with its REST API. The Java SDK is one of our most popular ones. In this article, we’ll dive under the hood and take a closer look at the architecture of the Java SDK. First of all, you might wonder, why did you develop an SDK?

Well, that’s simple. We absolutely believe that our ecosystem of SDKs and integrations makes developer’s lives easier, and that’s our mission. We started Stormpath because auth is tough if you are a security expert, and can be impossible to get right if you’re not. Fast forward three years and now Stormpath offers 13 different SDKs.

Stormpath SDKs

The SDKs have been extremely popular among developers. The reason is simple, they can add just a few lines of code and be integrated with Stormpath in minutes!

From REST to Java

The Java SDK does its best to keep developers in mind. As developers of the SDK, this isn’t too difficult since we’re developers too! The Core Java SDK is largely a wrapper around the REST API, which can also be used if you want to experiment from the command line, or write your own SDK.

TIP: Les Hazlewood wrote a blog post about how we migrated our backend to Spring Boot in 3 weeks.

To create a user account with the REST API, you can use curl:

curl --request POST \
  --user $SP_API_KEY_ID:$SP_API_KEY_SECRET \
  --header 'content-type: application/json' \
  --url "https://api.stormpath.com/v1/applications/1gk4Dxzi6o4PbdlEXampLE/accounts"
  --data '{
  "givenName": "Joe",
  "surname": "Stormtrooper",
  "username": "tk421",
  "email": "tk421@stormpath.com",
  "password":"Changeme1"
  }'

Using the Java SDK to complete this same task might look more familiar to Java developers:

//Create the account object
Account account = client.instantiate(Account.class);

//Set the account properties
account.setGivenName("Joe")
    .setSurname("Stormtrooper")
    .setUsername("tk421") //optional, defaults to email if unset
    .setEmail("tk421@stormpath.com")
    .setPassword("Changeme1");

//Create the account using the existing Application object
account = application.createAccount(account);

API vs Implementation

The Java SDK defines clear lines between its API and implementation. The project on GitHub shows these are both top-level directories.

Java SDK on GitHub

The api module contains the interfaces that developers will interact with. The project uses semantic versioning, which means these classes will not add or remove methods between patch releases. We are at liberty to add classes and methods between minor and major releases.

The impl module is a little more fluid in that we’re allowed to change things between minor releases, as long as we maintain backwards compatibility. The classes in this module aren’t exposed to end users as much and we caution developers not to cast and use implementation classes.

You can think about the API as a JDBC library. When you write Java code to interact with a database you will be writing generic JDBC statements. During development time, those statements are not tied to any particular DB at all. Later on, at runtime, a specific concrete DB library will be used by JDBC in order to interact with the concrete DB. You wrote (JDBC) code which allows you to switch between different DBs without (ideally) affecting your code.

Our Java SDK separation between an api and an impl module allows your code to remain completely agnostic of the concrete classes and operations we use in order to interact with the backend. The backend does change from time to time and we need to be sure that our SDK can keep properly interacting with it. Therefore, we can (ideally) change our impl classes and your code will not need to be modified.

Stack

Our SDK is built from the ground up with a modular architecture in mind. The overall architecture is a stack where each module is in charge of a specific responsibility. Said module is available to be used not only by developers but also by other modules that provide higher level functions.

Java SDK Stack

Having such an architecture allows each module to have a small footprint and to re-use much of the already existing code. For instance, take a look at our Spring Boot Starter module. It is only a single Java file! This is the rationale behind how our logic is separated:

Network-agnostic

Stormpath is a user management service that is hosted in the cloud. This means that the Java SDK needs to interact with a remote service that is running outside of your domain. Many developers assume that they will need deal with some network-related coding at some point. The good news is that they are wrong. 🙂

Our SDK completely abstracts the network nature of Stormpath. You will not need to do anything network-related for the SDK to be fully functional. Our SDK will automatically communicate with our REST API where data will be securely and efficiently transported for you. Remote operations (like login, data updates, etc) will happen behind the scenes without you even noticing they are traveling through the wire. The SDK caches most of the data locally, so operations are efficient and I/O is done in a responsible way.

Integrations

The rest of this post is a deep-dive into working with the Java SDK. We’ve used the SDK to build up the integrations pictured above.

If you are not interested in close-to-the-metal software development using the Java SDK or you’re already using one of the Spring variants or Servlet in your project – good news!

Using one of the many integrations we provide enables you to use Stormpath with little to no additional coding on your part.

For instance, if you drop the stormpath-webmvc-spring-boot-starter module into your project, your Spring Boot app gets an /oauth/token endpoint with absolutely no additional coding on your part.

Wanna get down and dirty with the Java SDK? Read on…

Internal Concepts

Data Model

The main objective of the Java SDK is to provide a Java idiomatic development experience to interact with our Rest API-based backend service. This implies that the operations that it provides must be analogous to what can be done via a REST command hitting the backend directly.

In order to accomplish that we modeled the resources provided by the backend. All of these resources are Java interfaces and their hierarchy is as follows:

Java SDK Data Model

Executing Operations in the Backend

The above class diagram provides a simplified view of the data provided by the SDK which mimics what the Rest API provides in the backend. Hopefully, you now have an understanding of how the Resources are represented in Java. There is still one important aspect missing: the operations that they support.

All the operations are provided by Java methods available via each corresponding resource. For example, in order to update the username of an Account you would do a POST with REST like this (using HTTPie):

http -a APIKEY_ID_HERE:APIKEY_SECRET_HERE \
POST https://api.stormpath.com/v1/accounts/1GFIRBu2pAE3POp0kE3ekE username=fooBar

However with the Java SDK the operation will be as simple as:

account.setUsername(“fooBar”);
account.save()

Or, in order to create an Application you would execute the following curl command:

curl -X POST --user APIKEY_ID_HERE:APIKEY_SECRET_HERE \
     -H "Accept: application/json" \
     -H "Content-Type: application/json" \
     -d '{ "name" : "FooApp" }' \
https://api.stormpath.com/v1/applications

While with the Java SDK you can simply do:

Application  app = client.instantiate(Application.class);
app.setName("FooApp”);
client.createApplication(app);

These code snippets are useful to exemplify how some of the operations are available via the specific resources:

Of course there are many more types of operations that the backend provides, like:

The intention of this section was to show a simple example of how the REST API operations are mapped in the Java SDK. You can read more about all the available operations in our Java Product Guide.

Volatile State

Our Java SDK works by modifying data that actually resides in our backend. The SDK does not have a state per-se but it does keep data in a cache in order to improve processing speed. Our default cache mechanism keeps data in memory.

This volatile state is not shared by different instances. Each process will have its own independent state, all of them modifying the same data in Stormpath’s backend but that data is not proactively pushed to the SDK in any way. The data is only available locally when retrieved (pulled) by the SDK when needed. These data is later on updated locally only via write operations or cache timeouts. This means that the backend never pushes data to the SDK, the SDK has to pull it instead.

If your application requires different instances of the Java SDK to work concurrently in a distributed environment then you will need to use a distributed cache like Hazelcast. The good news is that we already provide a Hazelcast implementation which is readily available to be used as well.

Developer API

As its name denotes the Java SDK is meant to be used by developers to create their own applications enriched with Stormpath-related functions. They will therefore need to write code in order to programmatically interact with us. Our programming model therefore needs to be simple to use, where simple means: well documented, consistent in experience, and intuitive.

Our Javadocs are your friend and can be found here. Jumping right into the javadocs can be daunting, however. Let’s take a look at some examples that exemplify the consistent experience in the Java SDK.

Patterns

The first thing you need in order to work with Stormpath from the Java SDK is a Client. The easiest way to get a hold of a Client is like so:

Client client = Clients.builder().build();

NOTE: Creating a client is something you should only do once in your application. It references an internal CacheManager and creating multiple copies could create state management issues.

There’s a lot of Java SDK goodness hidden in that one line! You can see we use a builder pattern for creating objects. The builder pattern enables the creation of objects without explicit instantiation (using the new keyword). This is very important to the design of the SDK as it enables the separation of the api layer from the impl layer.

Let’s see how you can get some more out of Client by providing some configuration.

Configuration

In order to create a Client object, the Java SDK needs to know the base URL for the Stormpath environment you are working with and it needs to have a set of API keys in order to authenticate against the Stormpath API backend.

The Java SDK uses some sensible defaults to reduce the amount of coding you need to do. It will automatically look for the API keys in: ~/.stormpath/apiKey.properties. And, it will use the community cloud base URL by default: https://api.stormpath.com/v1.

The one-liner above would work without alteration under these circumstances. However, the fluent interface and the builder pattern keep the code very readable if you are not using these defaults.

ApiKey apiKey = ApiKeys.builder()
    .setFileLocation("/path/to/apiKey.properties")
    .build();

Client client = Clients.builder()
    .setApiKey(apiKey)
    .setBaseUrl("https://enterprise.stormpath.io/v1")
    .build();

In this scenario, your API key file is in an alternate location (/path/to/apiKey.properties) and you’re using Stormpath’s Enterprise environment (https://enterprise.stormpath.io/v1).

Notice how even the ApiKeys class uses the builder pattern – consistency!

Let’s take a look at how you can use a request pattern to interact further with the Java SDK.

OAuth 2.0 Requests

Amongst the most powerful features of Stormpath is our OAuth 2.0 service. The Java SDK provides a consistent interface for working with common OAuth2 workflows. For a more in-depth look at OAuth2, look here.

Building on the previous section, use the Client to get a hold of an Application. You can make the application interact with OAuth2 quite easily.

Client client = Clients.builder().build();

Application application = client
    .getApplications(where(name().eqIgnoreCase("My Application")))
    .single();

The above code shows how you can search for an Application by name using criteria. This code example uses a fluent pattern; one that is used for collections all throughout the Java SDK. The fluent interface allows for method chaining and a method terminator to return a concrete object (an Application in this case).

One of the common OAuth2 flows is obtaining access and refresh tokens. Another common flow is using a refresh token to obtain a new access token (its only purpose in life).

OAuthGrantRequestAuthentication request = OAuthRequests.OAUTH_PASSWORD_GRANT_REQUEST.builder()
    .setLogin("me@me.com")
    .setPassword("super_secret")
    .build();

OAuthGrantRequestAuthenticationResult result = Authenticators.OAUTH_PASSWORD_GRANT_REQUEST_AUTHENTICATOR
    .forApplication(application)
    .authenticate(request);

String accessToken = result.getAccessTokenString();
String refreshToken = result.getRefreshTokenString();

There are two distinct parts in the code above: (1) building a request (line 1) and (2) authenticating using the request (line 6).

See the fluent interface and builder patterns at work?

Now, look at how you can refresh the access token:

OAuthGrantRequestAuthentication refreshRequest = OAuthRequests.OAUTH_REFRESH_TOKEN_REQUEST.builder()
    .setRefreshToken(refreshToken)
    .build();

result = Authenticators.OAUTH_REFRESH_TOKEN_REQUEST_AUTHENTICATOR
    .forApplication(application)
    .authenticate(refreshRequest);

Look familiar? Once again, this builds a request and gets a result.

Pop-quiz: What do all of the above code examples NOT have? Answer: the new keyword. If you stick to using the api packages and the SDK design patterns, we can improve the implementations without you ever having to update your code.

That’s why we recommend having the api module as a compile-time dependency and the impl module as a runtime dependency. Here’s what that looks like in a pom.xml file:

    4.0.0
    ...
    
        
            com.stormpath.sdk
            stormpath-sdk-api
            ${stormpath.version}
            compile 
        
        
            com.stormpath.sdk
            stormpath-sdk-httpclient
            ${stormpath.version}
            runtime
        
    
    ...

You can see by now that fluent interface, builder pattern, request pattern, and search criteria are used all over to provide a consistent and readable developer experience with the Java SDK.

Kudos

Thanks to Stormpath’s Mario Antollini and Micah Silverman for writing most of the this post and the Java SDK itself.

Summary

Stormpath’s Java SDK was built to help developers create their own applications enriched with Stormpath-related functionality. Our programming model uses a style that’s familiar to Java developers. You can easily invoke REST commands to the backend, without worrying about networking or connectivity. Its modular design allows you to pick the component you need and the web integrations don’t require you to write any code. Finally, it’s well documented with tutorials and examples, as well as Javadocs.

Stormpath’s Java SDK is fully open source on GitHub, with an Apache 2.0 license.

The post The Architecture of Stormpath’s Java SDK appeared first on Stormpath User Identity API.

Matthew Gertner - AllPeersHow You Can Perfectly Utilise The Space At Your New Space [Technorati links]

November 15, 2016 03:11 PM

 

toys-457809_1280

When moving into a new house, it is important to make as much of the space as possible. There is nothing worse than having a cramped and cluttered house. This can make important things harder to find and could make everyone in the house feel stressed.

Read this helpful guide in order to maximise the amount of space in a new house.

Put Items Into Storage

Everyone has items which they only use occasionally. This could be anything from power tools to musical instruments. Instead of taking these items to the new house, why not consider hiring a self storage unit for a few months. This means that any items which are not immediately useful can be kept safely out of the way.

Research different storage companies to compare costs and to see which firm offers the best and most secure storage units. People should choose a company which has a fully operating security system as well as guards. This will ensure that possessions are kept as safe as possible and won’t be taken by burglars. Some companies offer discounts for long-term storage. People will also need to consider a convenient location if they will need to have these items close at hand. More information on storage can be found by clicking the link.

Hold A Sale

People who are moving can also hold a sale if they want some money for their unwanted items. Work out which items will be most valuable and take any other items to a local charity shop where they can be sold on for a good cause.

Replace Small Furniture For Bigger Pieces

Small furniture can make a house feel cluttered, especially if there are lots of chairs dotted around the house which make it difficult to move around. Choose bigger furniture such as three-piece sofas, which will maximise the floor space in the living room.

This can be repeated in the dining room. Instead of using individual dining room chairs, consider buying long benches which people can sit on comfortably.

Use Shelves And Wall-Boxes

Vertical storage is extremely useful, so put up some shelves or wall boxes in order to store everything from books to picture frames. This means that the floors and furniture won’t be unnecessarily cluttered with items.

Work Out The Floorplan Before Moving

Working out the floor plan before moving is a sensible idea. This means that people will be able to position all the furniture so that it does not take up too much space. As well as saving space, this will save lots of time on moving day.

Storage Items In The Garage

It is a good idea to park the car on the drive, freeing up space to use the garage as a storage facility. Make sure that the car is completely secure on the driveway by fixing clamps to the wheels and the steering wheel.

Use this guide to create as much space in the house as possible.

The post How You Can Perfectly Utilise The Space At Your New Space appeared first on All Peers.

Matthew Gertner - AllPeersChanging the Way You Eat and Lose Weight [Technorati links]

November 15, 2016 03:29 AM
Changing the Way You Eat and Lose Weight can transform your lifePhoto by CC user Alan Cleaver on Flickr.

If you’ve struggled with weight for most of your life, it’s time to change your eating habits. Being just a few pounds overweight can have a huge impact on your life. It can affect your health and reduce your level of confidence. By combining a healthy diet with weekly exercise, you can end the battle of the bulge and enjoy the results you see on your scale.

Exercise, exercise, and exercise

If you want to see a noticeable difference faster, you must incorporate exercise into your diet. While the scale may show only a couple of pounds lost a week, you’ll feel the results almost immediately by inches off your waist, hips, stomach and thighs. You can take out a membership at a gym like Fitness19, which offers anything from weights to yoga classes. Or, if you prefer to do your workout in private you can go bike riding, run, jog or use a fitness video. When your clothes fit without the kangaroo pouch and bulges your confidence begins to return. You’ll look for those jeans you tucked away in the back of your closet and remove the sweats you swore were the new fashion trend.

A quick weight loss often leads to a weight gain

Ok, so you’ve tried every guaranteed weight loss pill and diet and you still continue to put the pounds back on. The reason for this is that you haven’t changed your eating habits. There is no quick weight loss program that works and many of these fad diets are not healthy. They leave out nutrients your body needs to stay healthy. These diets also may work for a month or so but then not only do you gain those pounds back but you also add a few more. Instead of looking to cheat the system, try and change the way to eat and, more importantly, what you eat. Your success will come with a slow weight loss. Those are the pounds that stay off.

Plan meals ahead of time

Meal planning works. When you have everything you need at home to create a healthy breakfast, lunch and dinner, your chances of making the meals improve. It’s when you run out of things that you reach for the phone and dial up take out. Make a list of what you need and shop once a week and never on an empty stomach. Also, mix things up. If you change up the meals weekly you’ll have a variety. This way you’re less likely to give into the fast food.

Fend off hunger between meals

Many people gain weight because they feel hungry in between meals and reach for the quick fix, which most times is something that has as many calories in it as a meal. Instead, if you’re at work or out running errands carry a granola bar, nuts or an apple. These will help to satisfy your hunger and get you through to your next meal without undoing all your efforts. Also, drink plenty of water. This also keeps you hydrated and delays hunger.

If you really want to lose weight you can do it. You just need to remember that the pounds didn’t come on in a day and they won’t disappear in a day either. But, if you stick with it, with each month your weight will come off, you’ll begin to feel better and look great.

The post Changing the Way You Eat and Lose Weight appeared first on All Peers.

November 14, 2016

KatasoftBuild an Angular 2 Application with User Authentication in 10 Minutes [Technorati links]

November 14, 2016 11:40 PM

Today I’m happy to announce the first (beta) release of Stormpath’s Angular 2 support! The npm module is called angular-stormpath and you can easily installing it using npm install --save angular-stormpath. If you’d like to try Angular 2 with Stormpath without writing any code, you can checkout the project from GitHub and run its demo. You will need to have your Stormpath API key setup for this to work.

git clone https://github.com/stormpath/stormpath-sdk-angular.git
cd stormpath-sdk-angular
npm install
npm start

If you’d like to learn how to integrate our Angular 2 components into your own application, continue reading!

What Is Stormpath?

Stormpath is an API service that allows developers to create, edit, and securely store user accounts and user account data, and connect them with one or multiple applications. We make user account management a lot easier, more secure, and infinitely scalable. To get started register for a free account.

Create an Angular 2 Application with Express

To see how you might use this in a simple Angular 2 application, create a new application with Angular CLI. First, you’ll need to install Angular CLI.

npm install -g angular-cli

After this command completes, you can create a new application.

ng new angular2-express-stormpath-example

The reason I included “express” in the project name is because Stormpath currently requires one of our backend integrations to communicate with Stormpath’s API. For this example, you’ll use express-stormpath.

ng new

From the command line, cd into angular2-express-stormpath-example and run ng e2e. All tests should pass and you should see results like the following.

ng e2e

Integrate Stormpath’s Angular 2 Support

Add angular-stormpath to the project:

npm install angular-stormpath --save

In src/app/app.component.html, add HTML that shows a welcome message to the user when they’re logged in. When they’re not logged in, the <sp-authport></sp-authport> component will render forms to register, login, and retrieve forgotten passwords.

{{title}}

Welcome, ({{ ( user$ | async ).fullName }}).


What would you like to do?

In src/app/app.component.ts, add the following variables, constructor, and methods to the body of AppComponent:

import { Stormpath, Account } from 'angular-stormpath';
import { Observable } from 'rxjs';
...
export class AppComponent {
  title = 'app works!';
  private user$: Observable;
  private loggedIn$: Observable;
  private login: boolean;
  private register: boolean;

  constructor(public stormpath: Stormpath) {
  }

  ngOnInit() {
    this.login = true;
    this.register = false;
    this.user$ = this.stormpath.user$;
    this.loggedIn$ = this.user$.map(user => !!user);
  }

  showLogin() {
    this.login = !(this.register = false);
  }

  showRegister() {
    this.register = !(this.login = false);
  }

  logout() {
    this.stormpath.logout();
  }

If you run npm start and view http://localhost:4200 in your browser, you’ll see “Loading…”, but nothing renders. A quick check of the console will show you errors about sp-authport not being a known element.

sp-authport error

This happens because Stormpath’s Angular 2 components haven’t been imported into the application’s module. Open src/app/app.module.ts and import StormpathModule.

import { AppComponent } from './app.component';
import { StormpathModule } from 'angular-stormpath';

@NgModule({
  declarations: [
    AppComponent
  ],
  imports: [
    BrowserModule,
    FormsModule,
    HttpModule,
    StormpathModule
  ],
  providers: [],
  bootstrap: [AppComponent]
})

Now the app should launch correctly, but you’ll see a 404 in your console for the /me endpoint.

/me 404

Install Stormpath’s Express Support

To fix this, install express-stormpath:

npm install express-stormpath --save-dev

Create a server directory and a server.js file in it. In this file, create an Express application and protect it with Stormpath.

'use strict';

var express = require('express');
var path = require('path');
var stormpath = require('express-stormpath');

/**
 * Create the Express application.
 */
var app = express();

/**
 * The 'trust proxy' setting is required if you will be deploying your
 * application to Heroku, or any other environment where you will be behind an
 * HTTPS proxy.
 */
app.set('trust proxy', true);

/*
 We need to setup a static file server that can serve the assets for the
 angular application.  We don't need to authenticate those requests, so we
 setup this server before we initialize Stormpath.
 */

app.use('/', express.static(path.join(__dirname, '..'), {redirect: false}));

app.use(function (req, res, next) {
  console.log(new Date, req.method, req.url);
  next();
});

/**
 * Now we initialize Stormpath, any middleware that is registered after this
 * point will be protected by Stormpath.
 */
console.log('Initializing Stormpath');

app.use(stormpath.init(app, {
  web: {
    // produces: ['text/html'],
    spa: {
      enabled: true,
      view: path.join(__dirname, '..', 'index.html')
    },
    me: {
      // enabled: false,
      expand: {
        customData: true,
        groups: true
      }
    }
  }
}));

/**
 * Now that our static file server and Stormpath are configured, we let Express
 * know that any other route that hasn't been defined should load the Angular
 * application.  It then becomes the responsibility of the Angular application
 * to define all view routes, and redirect to the home page if the URL is not
 * defined.
 */
app.route('/*')
  .get(function (req, res) {
    res.sendFile(path.join(__dirname, '..', 'index.html'));
  });

/**
 * Start the web server.
 */
app.on('stormpath.ready', function () {
  console.log('Stormpath Ready');
});

var port = process.env.PORT || 3000;
app.listen(port, function () {
  console.log('Application running at http://localhost:' + port);
});

This will now service the Stormpath endpoints (e.g. /login, /logout, /me) on port 3000 when it’s started. However, since Angular CLI runs on port 4200, you have to proxy these requests.

Proxy Requests to Express

Create a proxy.conf.json file in the root directory of the project to contain proxy definitions.

{
  "/forgot": {
    "target": "http://localhost:3000",
    "secure": false
  },
  "/login": {
    "target": "http://localhost:3000",
    "secure": false
  },
  "/logout": {
    "target": "http://localhost:3000",
    "secure": false
  },
  "/me": {
    "target": "http://localhost:3000",
    "secure": false
  },
  "/register": {
    "target": "http://localhost:3000",
    "secure": false
  }
}

Next, change package.json to modify npm start to start express and run ng serve with proxy support.

"scripts": {
    "start": "concurrently --raw \"ng serve --proxy-config proxy.conf.json\" \"node server/server.js stormpath-api\"",
    "lint": "tslint \"src/**/*.ts\"",
    "test": "ng test",
    "pree2e": "webdriver-manager update",
    "e2e": "protractor"
  },

You’ll need to install concurrently to make this command work.

npm install concurrently --save-dev

Run npm start and you should be able to navigate between Login, Register, and Forgot Password in your browser. The forms won’t be pretty though. You can make them look good by adding Bootstrap to src/index.html.

login

register forgot password

If you haven’t registered for Stormpath, you’ll see an error like the following when you run npm start. The Quickstart guide for Stormpath’s Node.js integration explains how to register and create an API key pair.

No API Key Error

Fix Tests

If you try to run npm test or ng test, tests will fail with the same error you saw before:

'sp-authport' is not a known element:
1. If 'sp-authport' is an Angular component, then verify that it is part of this module.

The first step to fixing this is to import StormpathModule into src/app/app.component.spec.ts.

beforeEach(() => {
  TestBed.configureTestingModule({
    declarations: [
      AppComponent
    ],
    imports: [StormpathModule]
  });
});

This will get you a bit further, but there will be an error about the /me endpoint not being found.

Chrome 54.0.2840 (Mac OS X 10.12.1) ERROR
  Uncaught Error: /me endpoint not found, please check server configuration.

To workaround this, you can override the Angular’s Http dependency and mock out its backend.

import { StormpathModule, Stormpath } from 'angular-stormpath';
import { BaseRequestOptions, Http, ConnectionBackend } from '@angular/http';
import { MockBackend } from '@angular/http/testing';
...
beforeEach(() => {
  TestBed.configureTestingModule({
    declarations: [AppComponent],
    imports: [StormpathModule],
    providers: [
      {
        provide: Http, useFactory: (backend: ConnectionBackend, defaultOptions: BaseRequestOptions) => {
        return new Http(backend, defaultOptions);
      },
        deps: [MockBackend, BaseRequestOptions]
      },
      {provide: Stormpath, useClass: Stormpath},
      {provide: MockBackend, useClass: MockBackend},
      {provide: BaseRequestOptions, useClass: BaseRequestOptions}
    ]
  });
});

After making these changes, you should see the sweet smell of success.

Chrome 54.0.2840 (Mac OS X 10.12.1): Executed 3 of 3 SUCCESS (0.536 secs / 0.532 secs)

Protractor tests should still work as well. You can prove this by running npm start in one terminal and npm run e2e in another.

Kudos

Thanks to Stormpath’s Robert Damphousse for providing a preview of Angular 2 support and writing most of the code in this release. I’d also like to thank Matt Lewis for his generator-angular2-module. Matt’s library made it easy to create this module and he was a great help in getting tests to work.

Angular 2 + Express Source Code

A completed version of the application created in this blog post is available on GitHub.

I hope you’ve enjoyed this quick tour of our Angular 2 support. If you have any questions about features or our roadmap going forward, please hit me up on Twitter, leave a comment below, or open an issue on GitHub.

The post Build an Angular 2 Application with User Authentication in 10 Minutes appeared first on Stormpath User Identity API.

Matthew Gertner - AllPeersAre You Making the Best Financial Calls? [Technorati links]

November 14, 2016 11:21 PM
financialPhoto By CC user Images Money on Flickr.

What kind of grade would you give yourself when it comes to protecting and operating your finances?

For many consumers, the thought of identity theft hitting their homes is all but a foreign concept.

Sure, they may know it is out there, but they oftentimes figure they are immune to it. If identity theft seems immune to you, you very well could be the next victim.

That said identity theft is but one of the challenges you face in managing your finances.

Bad purchasing decisions, not saving enough money for retirement, and not looking to pay down debt are but three of the mistakes you could very well be making.

So, when you stop and think about it, are you making the best financial calls?

Protecting Your Money

In this day and age when many people are struggling paycheck to paycheck, it behooves you to do whatever you can to avoid money pitfalls.

Among the practices you should be following:

Deals Truly Do Matter

At the end of the day, are you making the best financial calls possible?

If so, what advice would you have for others in need of financial tips?

The post Are You Making the Best Financial Calls? appeared first on All Peers.

Matthew Gertner - AllPeersDoes Your Business Have Money Issues? [Technorati links]

November 14, 2016 09:39 PM
businessPhoto by CC user 401 (K) 2012 on Flickr.

Whether you oversee a sizable business or one that may make hardly a blip on the radar, you’re still a business owner.

That said making sure your business stays in the black or as close to it as possible is critical. When a business starts to bleed red, the end may come sooner rather than later.

So that you can greatly lessen the odds your business will end up bleeding when all is said and done, don’t wait until it is too late. Take the time now to review your finances, especially heading into the New Year in only a matter of weeks.

So, are you confident or not so confident as to your business having money issues?

Preventative Maintenance Does Matter

In order for your business to do its best to avoid money matters, remember the following pointers below:

1. Review – Always make it a point to regularly review your financial well-being. It may sound like a pain at times, but it is paramount to you being able to have a successful operation. For instance, analyze your financial numbers for a 12-month period. From there, analyze the next 12 months and compare and contrast. Look to see any emerging trends, be they good or bad. In doing so, you can see for the most part if you have the right amount of cash for your business. In the event you are not where you want (or expect) to be, you have an opportunity in many cases to fix it. The other side of the coin is finding out too late that you are dealing with money issues.

2. Help – If your business is in need of more money, where best to turn? In some cases, business owners will look to loan providers and other similar companies to give them a financial shot in the arm. Others, meantime, will see about bringing aboard an investor or two. In still other cases, one may turn to immediate family and/or friends, seeing if they can assist with a loan or investment etc. If you do find yourself in need of financial help to prop up your business or possibly even expand it, be sure to get all the terms and conditions clearly spelled out. The last thing you want to have happen is discover the terms and conditions were not what you thought they were to be. If that happens, you could end up with a significant problem on your hands.

Get the Team Involved

3. Planning – For those business owners with staff under them, bringing them together to talk about money-saving ideas for your company is important. In some cases, one or more of them may come up with an idea you missed. In doing so, not only are they helping you with the potential to save money, they are in essence investing in your company. By giving you valuable feedback as to how to make the company better, they’re mentally invested in what you have to offer.

4. Market – Lastly, make sure you are doing anything and everything to properly market your brand to the masses. For example, are you properly promoting your brand through your website, blog content, social media and more? Unless consumers hear about you, how can you expect them to buy from you? With 2017 just around the corner, your marketing plans for next year should already have been discussed etc. Always look to expand those efforts in any manner possible. By doing so, you open up the potential for more dollars to flow into the company.

While they oftentimes say that money makes the world go around, it is especially true in the business world.

Without a regular cash flow coming into your business, the days of actually being in business can be numbered.

As a business owner, what are you doing to avoid having money issues?

The post Does Your Business Have Money Issues? appeared first on All Peers.

Matthew Gertner - AllPeersTans jump on the Organic bandwagon [Technorati links]

November 14, 2016 09:32 AM
Tans jump on the Organic bandwagon ... good news for the environment?Photo by CC user Onetwo1 on English Wikipedia

Nowadays, almost everyone is jumping on the organic bandwagon, and it’s not just organic foods which are in high demand. Organic cosmetics are also a steadily growing industry. But what exactly does it mean for a tanning product to be classified as organic, and what are the benefits of going organic with your spray tan?

Organic certification requirements do vary from country to country, however the certification usually refers to standards around the growing, the storing and the processing organic goods. In Australia, “The Australian Certified Organic Standard” covers all aspects of farming, stating that the use of artificial fertilisers, pesticides, herbicides, and Genetically Modified Organisms are strictly prohibited.

Although when it comes to cosmetics and spray tanning products, the lines between inorganic and organic have a tendency to be blurry. What always remains a steadfast rule, is that organic cosmetics and organic spray tan products should never contain any artificial preservatives or harsh chemicals. Organic tanning products should always contain naturally based ingredients which are certified organic. Ensuring that no harmful toxins are absorbed into your face or body through the epidermis (outer layer) of your skin.

All organic spray tan products should be free from synthetic dyes, oils, or alcohols and the various cocktails of chemicals which are used in traditional spray tanning products. These factors make organic spray tanning an outstanding choice for people who wish to experience the many benefits of spray tanning, but without being subjected to the harsh chemicals used in other non-organic spray tanning solutions.

Another thing to keep in mind is that organic fake tanning products do not contain any artificial preservatives in them, so they tend to have a shorter life on the shelf. This problem is easily solved by storing your products in a cool place, out of direct sunlight and heat.

The rise in the demand (due to the wide range of benefits organic products offer) fake tanning companies are jumping on the Organic bandwagon too. Many new organic spray tan solutions are entering the market to meet the growing demand for these products. Here are some of the main benefits which organic fake tanning and skincare products offer:

  1. Every organic tanning product introduced in today’s market is created specifically with the consideration that it will only bring beauty to and pamper the skin. Products’ which are not organic creation is not based on this pure intention, as profit is also most definitely taken into account. Organic tanning products have your skin’s best interests at heart.

  2. Natural and organic ingredients are more far more easily absorbed by the skin. As it’s crucial for a fake tanning solution to be well absorbed by the skin, using organic fake tanning products ensures an even tan that lasts longer.

The post Tans jump on the Organic bandwagon appeared first on All Peers.

Gerry Beuchelt - MITRELinks for 2016-11-13 [del.icio.us] [Technorati links]

November 14, 2016 08:00 AM

Mike Jones - Microsoft“amr” Values specification addressing area director comments [Technorati links]

November 14, 2016 07:24 AM

OAuth logoDraft -04 of the Authentication Method Reference Values specification addresses comments by our security area director Kathleen Moriarty. Changes were:

The specification is available at:

An HTML-formatted version is also available at:

November 11, 2016

Matthew Gertner - AllPeersMoving Tips to Change Stress to Smiles [Technorati links]

November 11, 2016 11:27 PM

Moving to a new city can be a very exciting moment in your life, full of new beginnings, new friends, new things to do and see. However, from a logistics standpoint, it can be a bit complicated – it isn’t an easy matter to pop over to the new place to remind yourself about whether the lift will accommodate your king-size bed, and you will have to be organised in order make sure that everything arrives as it should and on schedule. Hiring a reliable and affordable company for removals, car transport or haulage is one way to take some of the stress out of the process. To make the process even easier, a service like Shiply can provide you with multiple quotes from companies who bid for your job. With that major source of stress taken care of, it is possible to focus on the equally important matter of finding your place in your new home.

attached_houses_on_courtfield_gardens_earls_court_london

Look Before You Leap

Even if you have visited the city that you are moving to and loved everything about it, there are some difference of perspective when you are visiting a city as opposed to living in it. The sorts of things that you want to be close when you are visiting – the local hot spots, tourist areas, busy downtowns – may not be the sorts of things you want to live near. If you have an idea of where in your new city you would like to live, see if you can arrange to spend a long weekend in an AirBnB or something similar in the neighbourhood and imagine going through your daily routines. How do you get to work or school and how long does it take? Is there a shop nearby to purchase food? Is the area noisier than you want, or quieter? Are the prices in your range, and can you imagine living in this area in a place you can actually afford. If you have children, is the neighbourhood kid friendly?

Do Some Research

One of the best ways to feel at home in a new city is to learn about that city’s history and culture. Even neighbouring cities can have a different “vibe” which may take some getting used to. Learn what locals love about their city, and spend some time exploring some of the local sites, museums, parks and other spots of interest.

Find a Community

If you are moving for a job, to some degree there will be a built-in community for you in the early days before you meet people outside of work. Especially if you are moving with a “trailing partner” who may be unemployed as a result of the move, you need to make sure that you find ways to develop a social circle. There are likely to be many interest-based groups that you can find through the local community centre, online through newcomers or Facebook groups – don’t underestimate how isolating it can be in a new city, particularly if you have moved alone, and take advantage of the chance to meet up with people in the local dog-walking group, yoga-in-the-park class, or pub-quizzes.

Moving to a new city can be just the thing to put a bounce in your step and a smile on your face if you approach it with a curious and open-minded attitude.

The post Moving Tips to Change Stress to Smiles appeared first on All Peers.