Config Azure AD authentication on Tomcat

I just made a simple demo project (not for production purposes) that shows how you can use Azure Active Directory as a Realm for your authentication. Nowadays you would use a framework that does third-party authentication for you… your custom authenticator will use a third-party framework that federates the authentication to a (trusted) third party like Facebook or Google.

Please note that this is NOT the way to use AAD in a production environment.
This is demo code to show how you can (mis)use AAD as an LDAP solution.
In the future I will create a federated authentication solution using AAD.

Here is the project:

Here you see the code in action:

Docker Image for Azure CLI and Azure PowerShell

If you are a Mac or Linux user like I am and you like to manage your Azure environment with azure-cli or azure-powershell, you can use the following Docker image: cvugrinec/ubuntu-azure-powershellandcli:latest

Just type the following:

docker run -it cvugrinec/ubuntu-azure-powershellandcli /bin/sh

Please note that for azure-powershell only ARM mode is supported. azure-cli supports ASM and ARM mode.

70-533 Azure certification notes

Recently I certified myself for the 70-533 exam, which is the MCP certification for Implementing Microsoft Azure Infrastructure Solutions. Here are my notes on what I think you should do (HANDS ON) in order to pass:

  • Web Applications / PaaS services
    • Deploy some web applications, using the concept of slots. Also pretend to do a production update
    • Enable monitoring for 1 or 2 endpoints in your app for different test locations
    • Play with the traffic manager and understand when to use it
    • Enable CDN and understand what needs to be done (e.g. which DNS records)
    • Implement several databases and understand the difference in products and service levels.
    • Implement autoscaling
  • Azure Virtual Machines
    • Create some VMs, preferably with your own image and attaching your own data disks
    • Make an availability plan
    • Make a scale set
    • Do an update on an update domain
    • Test a failover scenario with the failover domain(s)
    • Enable diagnostics and download the diagnostics with PowerShell commands
  • Storage and Disks
    • Create storage accounts with PowerShell, create shares on them and put files on them
    • Upload a VHD and create an image for an OS you would like to make available
    • Create a data disk and play with the optimization parameters for caching
    • Play with Azure Site Recovery and Backup manager
    • Play with and understand the several zones (LRS/ZRS/GRS/GRS(A))
  • Azure Virtual Networks
    • Play with the settings for Site to Site and Point to Site and understand when to use ExpressRoute. Understand when a VPN needs to be installed
    • Export an existing network config, change it and import it back again
    • Make a connection between 2 Virtual Networks
    • Implement subnets and routing between them
    • Implement NSG and play with ACL
    • Play with static IP addresses for PaaS services (reserved) or VMs
  • Azure Active Directory (IAM)
    • Add a custom domain to your AAD
    • Add a custom web application and use the SSO with own credential store
    • Add an application from the store and enable SSO
    • Add an application using existing SSO (e.g. from Google or Facebook)
    • Implement a multisite network

To be honest I haven’t done all of this… but this is what I think I should have done in retrospect. The exam is doable (I passed it the first time… so everyone can 🙂). If I would create a course for passing this exam (maybe I will someday) then I would spend a week doing the stuff I mentioned here. PS: I passed my exam by doing prep exams from: …