I would expect you place a well hardened reverse proxy in front of your UAA, and that is what you use to control what is exposed to the outside world and what is not? Regards Enrique

#uaa #cf

Hi If we don't need to use the SAML protocol with UAA, do we really need to configure that section e.g. encryption keys? It seems UAA won't start if that section is empty. Thanks Enrique

#uaa

Hi Dan Is the expectation then that we would integrate with the external IdP via SAML? Thanks Enrique

Thanks for your reply, Daniel. No concerns, other than Windows doesn't seem to be mentioned much in the documentation. Just wanted to make sure we can run it on Windows, that was all. Thanks! Enrique

#uaa

Hi community Is UAA supported on Microsoft Windows, and if so, what versions? Many thanks in advance Enrique

#uaa

Thank you, Filip. We are not using uaa-release, and we can control the protocol (https). Our issue is that the port number is forced to be 443 when we don't want that to happen. Regards Enrique

#uaa

Hi We are running UAA behind an ingress controller on Kubernetes. The connection to the ingress controller is https on a port other than 443 e.g. 8443. The connection to UAA pod is http. The issue we

#uaa

Thanks, Camilo, that's very interesting and helpful. So, it's possible to do it, we just need to have a SAML provider integrated with Kerberos, and then we can integrate UAA with that SAML provider, i

#uaa #kerberos

Hi Has anyone got any experience integrating UAA with Kerberos? Basically, we are trying to obtain a bearer token from UAA by somehow providing a Kerberos ticket instead of client or user credentials.

#uaa #kerberos

Hi Has CF UAA code been developed in a way that is protected against potential SQL injections? Thanks Enrique

#cf

I understand that UAA can run against MySQL and Postgres as the backend database, and Oracle was considered in the past but was discarded due to the enterprise licensing model (https://github.com/clou