We’ve got catkins forming for next year already!
Author: Lisa
AI and the Entry Level Employee
I’ve long hypothesized that, as companies adopt AI (more accurately LLM’s) in their processes, the skillset required to enter the job market will change. You don’t need an entry level team member – that role is filled by the AI. You need a senior level person who can manage, direct, and oversee the junior “team members”. What that looks like varies by industry – in software development, you don’t need junior developers. You need a senior dev who does quality control on the generated code, integration, and debugging.
There’s now research backing up my expectation — https://papers.ssrn.com/sol3/papers.cfm?abstract_id=5425555
While the number of senior employees has continued to increase, the number of junior employees has actually decreased in the past few years.
Grilled Shish Kebob
We’ve got an old charcoal grill/smoker at our camping site, so I made some shish kebobs to cook for lunch/dinner when we were hanging out this holiday weekend. Marinaded the beef in a little soy, ginger, and garlic. Then skewered along with various peppers, zuccini, tomatoes, and broccoli.
We cooked them over a wood fire
And had a quick meal — it’s easy to overcook small chunks!
Labor Day Campfire
We got our fire pit set up for the labor day weekend, cooked out, played music, and relaxed.
Unfortunately maple marshmallows didn’t work over the open fire — it was close, but the gooey mass ended up falling before it was really toasted. Luckily we had backup commercial marshmallows. And smores constructed and then set into the warm smoker grill were spectacular!
Maple Marshmallows
Marshmallows made with pure maple syrup and gelatin powder! In the bowl of a stand mixer, combine 1/3 cup of cold water and 1 Tbsp of powdered gelatin. Let the gelatin hydrate.
Heat the maple to the soft ball stage (~235F) and slowly add to the gelatin whilst mixing at low speed. Once all of the maple syrup has been added, turn up to a high speed and keep whipping until it’s a firm, sticky mass. (stiff peak stage). Then put it somewhere to set. I used a 8×8 cake pan that was lined with wax paper. Refrigerate for a few hours, then remove and cut. You can dust the squares with powdered sugar if you don’t want them to be sticky. Or just deal with sticky maple-flavored fingers.
Hazelnuts are falling …
The first hazelnuts are falling, and Anya has been hunting them in the grass.
EV UTV!
When we picked up the field goal posts, we also checked out a Polaris Ranger EV that was being auctioned by a park / habitat preservation entity. We actually won the auction! Scott and Anya went out today to pick it up. The batteries are shot (of course! We’d measured the voltages already and bid with the assumption that new batteries would be needed), but everything looks solid otherwise. Fingers crossed we can get 48v of the batteries working to boot it up and confirm everything is functional.
Farm Gates
Or, at least, the material to make some farm gates. These are field goal posts that pivot so you can do non-football things with the stadium. Less tall, and they will pivot to let vehicles pass.
Gooooooal … posts
Another government auction deal – $36 for 700 or 800 pounds of aluminum tubes that we’ll make into gates. The field goal system is designed to rotate to allow the field to be used for non-football purposes … which should be perfect for swinging a gate across the driveways and farm road.
PingFederate – OGNL Customization of AuthnContext
After a recent merger, we have added federated authentication in our PingFederate environment that allows the incoming company to continue to use their Entra (ADFS) logon process to authenticate through PingFederate. All of the IDs exist in our directory, and contract attributes are populated based on the local account. But the authentication is handled by their existing system. It’s really cool, and works for 99.9% of the applications. One, however, was not happy with the resultant attribute contract. It worked fine for me, logging in directly with PingFederate. Anyone who authenticated through Entra, however, got a very specific error:
AuthenticatingAuthority array contains a value which is not a wellformed absolute uri
And, yes, I concur – there is absolutely an element in the AuthenticatingAuthority array that is not a well-formed absolute URI
Luckily, there appears to be a solution. On the ACS URL tab, select “Show Advanced Customizations”
Use the drop-down to select the message type of “AssertionType” and the expression provided at https://support.pingidentity.com/s/article/OGNL-Examples-Message-Customization#rm-authauthority to remove authenticating authority values when multiple are present (which also works when only one is present)
Now I no longer have authenticating authorities but the AuthnContextClassRef is “urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony” … so, in the assertion creation, we need to add SAML_AUTHN_CTX to the attribute contract
In the attribute contract fulfillment, map this to a static TEXT string – I am using “urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified” which is used as the default in PingFederate
Final Answer! I have an AuthnContext that does not contain any invalid URI strings and a AuthnContextClassRef that is expected.
