Sunday, January 17, 2021

Ubuntu 20.04 on Hyper-V with enhanced session

Problem

When connecting to the Xorg login, only a black screen is shown.

Solution:

Disable automatic logon


Problem

The Hyper-V enhanced session cannot be turned on for Ubuntu; the button is disabled.

Solution: 

$ sudo apt install linux-azure -y

Friday, January 8, 2021

Sunday, January 3, 2021

Computer Mouse

Here’s a mind-blowing fact: both optical mice and laser mice are basically just video cameras. Each mouse is equipped with a CMOS sensor. A CMOS sensor detects light. It’s the same kind of technology that’s used in digital cameras.

Similarities in what both optical and laser mice do:
  • They record a flurry of images, sometimes as many as 1,000 per second.
  • The mouse examines one image at a time, trying to detect surface features like textures or scratches.
  • The mouse compares back-to-back images, analyzing whether or not those features have changed position.

Mouse types 



Movement detection technology
  • Optical  
    • + More accurate
    • - Don't work well on highly reflective surfaces
  • Laser 
    • + More sensitive (picks up more details), works more surfaces, good if you move around
    • -  Jitter

Laser-based mice offer high sensitivity, but they tend to cause jittering. 

The laser is a vertical-cavity surface-emitting laser diode (VCSEL), the same component used in laser pointers, optical drives, barcode readers, and more.

Optical mice use LED technology with lower sensitivity, allowing for more accurate movement.

They use an invisible infrared or red LED that projects light onto the surface.

More:

What does a computer mouse see?



Saturday, January 2, 2021

Spring Security and OAuth

Definitions

  • Authentication  
    • Who are you? 
    • Confirming that they are who they say they are (the identity is valid), e.g. by a password
  • Authorization or "access control" 
    • Authorization is the act of granting an authenticated party permission to do something.
    • What are you allowed to do? 
    • Which resources does the employee have access to?
    • Authorities / permissions.
    • Rights and privileges of a user.


For example, think of a traveller checking into a hotel. When they register at the front desk, they are asked to provide a passport to verify that they are the person whose name is on the reservation. This is an example of authentication.

Once the hotel employee has authenticated the guest, the guest receives a keycard with limited privileges. This is an example of authorization. The guest’s keycard grants them access to their room, the guest elevator, and the pool — but not other guests’ rooms or the service elevator. Hotel employees, on the other hand, are authorized to access more areas of the hotel than guests are.


Authentication verifies a user’s identity
Authorization validates if the user has access to perform a specific function.

One-time passcodes (OTP) via SMS
Single sign-on (SSO),
Multi-factor authentication (MFA)



Documentation:







Custom filter:



Controller:


@RestController = @Controller + @ResponseBody

@Controller - when a handler returns a view name, the page is loaded from the static/ folder:

    public String admin() {
        return "admin.html";
    }

@ResponseBody - added so that "admin.html" is returned as the response body string instead of being resolved as a page.
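The distinction above, together with the "endpoint = path + HTTP method" idea from the end of these notes, as an added Spring MVC example (not code from the original post or from AmigoCode). The class and path names are assumptions; it assumes a Spring Boot 2.x application with a file src/main/resources/static/admin.html and the classes placed under the application's base package so component scanning finds them.

```java
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

// Hypothetical controller, added to illustrate @Controller vs @ResponseBody.
@Controller
public class PageController {

    // Without @ResponseBody the returned String is a *view name*:
    // Spring forwards to /admin.html, which Boot serves from static/.
    @GetMapping("/admin")
    public String admin() {
        return "admin.html";
    }

    // With @ResponseBody the String itself becomes the HTTP response body,
    // so the client literally receives the text "admin.html".
    @GetMapping("/admin/name")
    @ResponseBody
    public String adminName() {
        return "admin.html";
    }
}

// @RestController = @Controller + @ResponseBody applied to every handler.
@RestController
class ApiController {

    // ENDPOINT = PATH + HTTP method: this is "/article + GET".
    @GetMapping("/article")
    public String article() {
        return "{\"title\":\"example article\"}";
    }

    // "/test + POST" is a different endpoint from "/test + GET", so the
    // security rules can (and should) be written per method, not per path.
    @PostMapping("/test")
    @ResponseStatus(HttpStatus.CREATED)
    public String test(@RequestBody String payload) {
        return "received " + payload.length() + " bytes";
    }
}
```

Only one class per file may be public in Java, which is why ApiController is package-private here; Spring still registers it.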

CSRF


Use CSRF protection for any request that can be triggered by a browser on behalf of a normal user.

CSRF Response header from server



.csrf().disable()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())



Basic Auth

Cannot log out.

.httpBasic();

The connection passes the username and password with every request.

Form Based Auth

Can log out.
Customisable form.
Username and password.

.formLogin();

The connection is identified by a session ID stored in a cookie (JSESSIONID).

References: AmigoCode 


OAuth 2


OAuth 2 and Spring Security
A - Authorization server. Provides tokens.
R - Resource server. Uses the token.


A - Authorization server 

Provides token.

Grant types:
  • password: the user's password is known to both the client and the Authorization server.
  • authorization_code: the password is known only to the Authorization server. The client redirects to the Authorization server to log in, and the Authorization server redirects back to the client.
  • Implicit grant type: less secure, DEPRECATED. One step less.
  • client_credentials



Blackboarding




The Resource server and the Authorization server write on the same blackboard (database).

Token implementations

How does the Resource server know that an access token is a valid token?
  • opaque
    • If you read it, it's just a string; no information is encoded in it.
    • More information is obtained by checking it against the Authorization server's /oauth/check_token endpoint.
  • JWT
    • The information is encoded in the token itself.
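To show what "the information is encoded in the token" means for a resource server, here is an added example (not code from the original post or from Spring Security) that issues a minimal HS256 JWT with the JDK's javax.crypto and then verifies it before reading the claims. The secret, claim values and class name are constructed for illustration; a real resource server would use a library such as Spring Security's NimbusJwtDecoder, which additionally validates exp, iss and aud.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class JwtCheck {
    // Constructed placeholder secret shared by the Authorization server and the
    // Resource server (the "blackboard" for HS256 is this shared key).
    private static final byte[] SECRET =
        "replace-with-a-long-random-secret".getBytes(StandardCharsets.UTF_8);
    private static final Base64.Encoder B64 = Base64.getUrlEncoder().withoutPadding();
    private static final Base64.Decoder B64D = Base64.getUrlDecoder();

    static String hmac(String signingInput) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(SECRET, "HmacSHA256"));
        return B64.encodeToString(mac.doFinal(signingInput.getBytes(StandardCharsets.US_ASCII)));
    }

    // Authorization server side: encode the claims and sign header.payload.
    static String issue(String payloadJson) throws Exception {
        String header = B64.encodeToString(
            "{\"alg\":\"HS256\",\"typ\":\"JWT\"}".getBytes(StandardCharsets.UTF_8));
        String payload = B64.encodeToString(payloadJson.getBytes(StandardCharsets.UTF_8));
        String signingInput = header + "." + payload;
        return signingInput + "." + hmac(signingInput);
    }

    // Resource server side: verify the signature, only then trust the claims.
    static String verifyAndGetPayload(String token) throws Exception {
        String[] parts = token.split("\\.");
        if (parts.length != 3) throw new IllegalArgumentException("malformed token");
        String headerJson = new String(B64D.decode(parts[0]), StandardCharsets.UTF_8);
        // Pin the algorithm we expect instead of trusting whatever the header says.
        if (!headerJson.contains("\"alg\":\"HS256\"")) throw new SecurityException("unexpected alg");
        String expected = hmac(parts[0] + "." + parts[1]);
        // Constant-time comparison of the two signatures.
        if (!MessageDigest.isEqual(expected.getBytes(StandardCharsets.US_ASCII),
                                   parts[2].getBytes(StandardCharsets.US_ASCII))) {
            throw new SecurityException("bad signature");
        }
        return new String(B64D.decode(parts[1]), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Constructed claims; "exp" is carried but, as noted above, not checked here.
        String token = issue("{\"sub\":\"alice\",\"authorities\":[\"ROLE_ADMIN\"],\"exp\":1700000000}");
        System.out.println("verified claims: " + verifyAndGetPayload(token));

        // Anyone can *decode* the payload without the key, because a JWT is only
        // base64url-encoded, not encrypted ...
        String[] parts = token.split("\\.");
        System.out.println("decoded without verifying: "
            + new String(B64D.decode(parts[1]), StandardCharsets.UTF_8));

        // ... so a resource server that only decodes would accept a modified payload.
        // Verifying the signature is what makes the claims trustworthy.
        String tampered = parts[0] + "."
            + B64.encodeToString("{\"sub\":\"mallory\",\"authorities\":[\"ROLE_ADMIN\"]}"
                .getBytes(StandardCharsets.UTF_8))
            + "." + parts[2];
        try {
            verifyAndGetPayload(tampered);
        } catch (SecurityException e) {
            System.out.println("tampered token rejected: " + e.getMessage());
        }
    }
}
```

An opaque token has no such structure to check locally; the resource server has to ask the Authorization server (the /oauth/check_token call in the notes) on every request or cache its answer, which is the trade-off between the two implementations.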


SSO







Authorization configuration for endpoints

http.authorizeRequests()

    .anyRequest()                           // applies the rules to all requests

    .hasAuthority("admin")

    .hasAnyAuthority("admin", "manager")


    .anyRequest().hasRole("USER")           // badge - a group of actions; looks for "ROLE_USER" by default


Role and Authority

hasAuthority - Action (WRITE, READ)

hasRole - Badge (ROLE_ADMIN)


ENDPOINT = PATH + HTTP Method

/article + GET
/test + POST
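The pieces above (CSRF cookie repository, form login, HTTP Basic, hasRole vs hasAuthority, and endpoint = path + method) assembled into one Spring Security 5.x configuration, as an added example that is not from the original post or from AmigoCode. It uses WebSecurityConfigurerAdapter, which was the standard style at the time of these notes; the paths, usernames, authorities and placeholder passwords are assumptions.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            // CSRF stays ON for browser-driven requests. The cookie repository sets an
            // XSRF-TOKEN cookie; a JavaScript client reads it and sends it back in the
            // X-XSRF-TOKEN header on POST/PUT/DELETE. httpOnly=false is what lets the
            // script read the cookie; the server-side check itself is unchanged.
            .csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
            .and()
            .authorizeRequests()
                // ENDPOINT = PATH + HTTP method: rules are written per method.
                .antMatchers(HttpMethod.GET, "/article").permitAll()
                .antMatchers(HttpMethod.POST, "/test").hasAuthority("WRITE")   // action
                .antMatchers("/admin/**").hasRole("ADMIN")                    // badge: checks ROLE_ADMIN
                .antMatchers("/manage/**").hasAnyAuthority("admin", "manager")
                .anyRequest().authenticated()                                 // everything else: just logged in
            .and()
            // Form login: the user is tracked by the JSESSIONID cookie, so logout works.
            .formLogin()
            .and()
            .logout().permitAll()
            .and()
            // HTTP Basic alongside it for API clients: the credentials travel with every
            // request, so there is no session and nothing to "log out" from.
            .httpBasic();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    // Constructed in-memory users for illustration; placeholder passwords.
    @Bean
    @Override
    public UserDetailsService userDetailsService() {
        return new InMemoryUserDetailsManager(
            User.builder()
                .username("alice")
                .password(passwordEncoder().encode("alice-password-placeholder"))
                .roles("ADMIN")                          // stored as authority ROLE_ADMIN
                .build(),
            User.builder()
                .username("bob")
                .password(passwordEncoder().encode("bob-password-placeholder"))
                .authorities("READ", "WRITE", "manager") // plain authorities, no ROLE_ prefix
                .build());
    }
}
```

With these users, alice passes hasRole("ADMIN") because roles("ADMIN") is stored as ROLE_ADMIN, while bob can POST /test through hasAuthority("WRITE") and reach /manage/** through hasAnyAuthority("admin", "manager"), which is exactly the role-as-badge versus authority-as-action split described in the notes.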


Resources:

https://oidcdebugger.com/ - openID debugger


https://jwt.io/ - jwt token decoder