Recently, Mark Stanislav gave a talk on holistic authentication security for companies who have implemented two-factor authentication. He developed a scoring system, MASSACRE, which quantifies the presence of several different security features on a web site; cookie flags, response headers, etc.. This inspired me to see if I could get our Jasig CAS server with Duo 2FA …
We recently had trouble replacing an older CAS server with a new system. The new server would not forward to the requested service after authenticating and the service could not verify the service ticket. We decided to use HAProxy with CAS for the front-end so we could switch back-end services seamlessly.
With POODLE being in the news recently, I decided it would be a good idea to look at my overall SSL configuration while closing the door to this issue. What better way to do that than by arbitrarily assigning a letter grade to my servers with the Qualys SSL Labs tool. From here I came …
