my posts

    I keep this blog to write down stuff I ran into along the way.

    Jekyll is dead

    So I’m in the process of migrating my HCL Domino based blog to Jekyll, but apparently it’s been dead for a while already .

    Read more ...

    IBM Security Verify Access monitoring and alerting with Zabbix

    This is a “How-to” on using the opensource Zabbix monitoring tool for monitoring IBM Security Verify Access appliances. This document includes instructions to install Zabbix on your own machine, and Ansible playbooks to configure both Zabbix and an IBM ISVA Appliance.

    Read more ...

    Binance referal code

    Use this referal code to get 10% off on crypto orders, on binance.

    Read more ...

    content-security-policy with nonce in ISAM/ISVA for junction cookie

    UPDATE 27/4/2022 : CSP is greatly enhanced in the upcoming 10.0.4 release, so doing this yourself will no longer be necessary.

    Read more ...

    JSON.stringify in ISAM

    When using JSON.stringify, I get a lot these errors:

    Caused by: org.mozilla.javascript.EvaluatorException: Access to Java class "java.lang.reflect.Constructor" is prohibited
    Read more ...

    Fedora 31 and Notes Client

    My Notes client failed to start on my new Fedora Linux with an error

    Read more ...

    Do not use LACP Bonding on the management interface in ISAM

    The isam appliances allow you to use bonding or network aggregation. (

    Read more ...

    ISAM SPNEGO configuration

    SPNEGO challenge when reverse dns lookup does not match the requested hostname. The challenge with SPNEGO or rather the Kerberos implementation on ISAM is that it depends on reverse DNS lookups (on the ip address) by default to verify that the hostname you want to connect to.

    Read more ...

    Virtual host junctions and federation on ISAM

    I recently struggled with a setup of an OIDC federation setup on IBM Security Access Manager. Instead of using standard, transparent path junctions, I was now using Virtual Host Junctions. And I could not get the federation to work.

    Read more ...

    The only correct way to setup the ISAM RTE with basic users for the UserLookupHelper

    I’ve been struggling a bit to get the UserLookupHelper work correctly in a custom authentication mechanism I am building for Username / Password authentication. I am using the ISAM “all-in-one” deployment pattern, that is becoming quite popular these days.

    Read more ...

    Download the Brave browser and earn BAT tokens

    The Brave browser promises better privacy ; and to directly pay the user for the ads they’re looking at .

    Read more ...

    How to run ISAM on Virtual Box (and how to run it using Vagrant)

    The goal of this post is to get IBM Security Access Manager running on Virtual Box ( ), on my local machine. This will allow me to test the Ansible playbooks I’m preparing locally before committing them onto the Git repository.
    As a small addition, I have Vagrant , to quickly set up a new clean instance. Vagrant does not really bring a whole lot of value in this case, because ISAM is a locked down appliance and Vagrant can’t really do a lot.

    Read more ...
    Share on: