About
Here’s me in a nutshell…
Summary
John loves tech, his wife and his children… not necessarily in that order. He’s a military brat that started life in Germany, moved all around the United States as a kid, and settled down in eastern Washington (state).
My work life has mostly focused on information technology in higher education. I have done almost all of it, but have most recently focused on identity and access management, DevOps, and containerization.
Work History
Yale University (August 2021-Current)
IAM Architect
Summary: Providing a vision for the future of IAM at Yale University
Highlights:
- Led the technical rollout of FIDO2 passkey technology for our high-risk users.
- Expanded the footprint of CAS Server and Shibboleth IdP services to both on-prem and cloud providing high availability to a global community
- Supporting Apereo CAS, Shibboleth IdP, Microsoft Entra ID (formerly Azure Active Directory), Internet2 Grouper, and SailPoint IdentityIQ
- Modernizing our devops practices
- Encouraging individuals and teams to make good IAM-related decisions
Delran Solutions LLC (April 2021-Current)
Owner
Summary: Develops bespoke solutions for individuals and companies that have a need.
Highlights:
- Developed and continuing to enhance a web-based application that allows teachers to make study hall assignments, seeing each other's updates in real time. Assignments are mass emailed to students each school day.
University of California, Berkeley (July 2019-Aug 2021)
IAM Application Developer
Summary: Focused on directory (LDAP) data analysis and clean-up; Vue.js/Java Development
Highlights:
- Developing a replacement CalNet Directory Update application using Vue.js, Java, and Spring Boot.
- Removing 100+ directory schema attributes
- Identifying and fixing various data integrity issues with the CalNet directory data.
- Anything else asked of me.
Unicon, Inc (December 2013-July 2019)
IAM/DevOps Architect/Consultant
Summary: Installs and supports CAS, Shibboleth, and Grouper; trains and consults on Docker and DevOps
Highlights:
- Implemented the TIER Grouper Docker image used by the Internet2 community
- Architected the functional side of a hosted/SaaS-like Shibboleth IdP service.
- Deployed Apereo CAS server using the JDBC, Hazelcast, and Ehcache Ticket Registries; JSON and JDBC Services Registry; ClearPass & LPPE
- Developed a Google Groups provisioner for Internet2 Grouper.
- Developed a 2-day training course on Docker, Docker Swarm, and Jenkins
- Office 365 integration directly with the Shibboleth IdP.
- Office 365 integration with ADFS and ADFS integrated with Shibboleth IdP.
Eastern Washington University (November 2000-December 2013)
IT Specialist 5 (formerly 1, 3, 4)
Summary: Various duties ranging from report writing to Banner & pl/sql development/consulting to Active Directory Administration
Highlights:
- Managed various teams of developers, web server administrators, and database administrators.
- Led an initiative to cluster application servers to provide highly available web applications.
- Automated the account provisioning for ~200K user accounts and groups.
- Led the charge on Single Sign-On (SSO), which had more than 70 client applications when I left.
- Integrated Jasig’s CAS and Microsoft’s ADFS v2.0 to form a single SSO environment.
- Implemented Eduroam using Microsoft NPS.
- Managed the university’s enrollment in InCommon.
- Developed web frontend (ASP.NET-based) to allow dept heads to manage shared departmental storage (folder creation, permission assignments)
- Self Service Banner (SSB), Internet Native Banner (INB), Banner Workflow, and Luminis 5 administrator
Education & Certifications
- Bachelor of Computer Science, Eastern Washington University (June 2002)
- Docker Certified Associate (October 2018)
- Amateur Radio License (June 1992?)
Skills/Technology
I have experience in the following generic categories:
- IAM protocols: CAS, SAML, OAuth, OIDC, SCIM
- Languages: C#, Groovy, Java, JavaScript, PHP, pl/sql, PowerShell, Python, SQL, TypeScript, VB.NET
- Operating Systems: OS X, Linux, Windows
- Containers & Orchestrations: Docker, Docker Swarm, Kubernetes
- Front-end Clients: Vue.JS/Nuxt.js/Vuetify, JQuery
- CI/CD: Dagger.io, GitHub Actions, Jenkins.io
- Cloud Providers:
  - Amazon Web Services: API Gateway, CloudWatch, DynamoDB, EC2, ECR, ECS, EFS, EKS, Lambda, S3, SNS, SQS
  - Digital Ocean: Droplets, Kubernetes
  - Google Cloud Platform: Container Registry, Kubernetes Engine, Load Balancer, Firebase Firestore, CloudRun Functions
  - Microsoft Azure: Azure Static Web Apps, Azure Functions
- Databases: Microsoft SQL Server, Oracle, MySQL/MariaDB, PostgreSQL
- Event Streaming and Messaging Queues: Apache Kafka, Eclipse Mosquitto (MQTT), NATS.io
I have experience with the following “vendor” groupings:
- Apache: httpd administration, JMeter script development, Tomcat administration
- Apereo: CAS Server administration, contributor, and development
- Cisco: IP Phone Services development
- Ellucian: Banner Enterprise Identity Services administration, Luminis Server administration, Self-Service Banner administration and development
- Docker: Docker Engine administration, Docker image development, Docker Swarm administration
- Internet2: Grouper development and administration
- Microsoft: Active Directory (AD) administration, Active Directory Federation Services (ADFS) administration, ASP.NET development, IIS administration, Identity Lifecycle Manager (ILM) administration and development, Network Policy Server (NPS) administration, SharePoint administration, SQL Server administration, Windows Server administration
- Oracle: mod_plsql development, WebLogic Server/Fusion Middleware administration, basic Oracle database administration
- Shibboleth Consortium: Shibboleth IdP administration and development, SP administration
- Uninett: SimpleSAMLphp administration and development
- Misc Stuff: Ansible management, Fluentd management, GnuPG, Jenkins administration, Log4j/Logback, X.509 certificates
Pet Projects
- avus framework - author
- cas-server-support-wsfederation - initial developer
Hobbies
Volunteer Work
- Mormon Discussions Podcast Network (501c3) - General IT consulting
- The View Talent Agency LLC - IT support and website development (past)
- West Plains Arts Academy (501c3) - General IT consulting (past)