OIS Architecture Review

Presented by Jamie Nelson, VP of Engineering, ForgeRock at Open Stack Identity Summit, France 2013

Published in: Technology, Education

Transcript

  • 1. Open Identity Stack
  • 2. Identity Products Today
      • Stack vendors built by acquisition
      • The integrated stack is marketecture
      • Installation takes days
      • Integration is complex
      • Interface and UI proliferation
      • No module reuse
      • Closed source
      • Vendor lock in
  • 3. ForgeRock Vision
      • Simple
      • Scalable
      • Modular
      • Embeddable
      • Common REST framework
      • Common UI model
      • Community participation
  • 4. Common Modules
      • CREST (ForgeRock REST)
      • User Interface
      • JASPI for Authentication
      • REST endpoint protection (filters)
      • OAuth
      • Federation
      • Logging
      • Entitlements
  • 5. OpenAM
      • All in one
      • Simple war deployment
      • Platform independent
      • Flexible and extensible
      • Highly available and scalable
  • 6. OpenAM User Interface Management Protected Resources Web Agents JavaEE Agents Web Services Agents Universal Gateway End User ForgeRock UI Framework ForgeRock REST (Commons REST) Core Services XACML Federation OpenID Connect OAuth Policy User Management Core Token Service Authentication Entitlements Secure Token Service Configuration Session Auditing User Mgmt Plugins Token Service Plugins SPIs Federation Plugins Authentication Plugins Policy Plugins Persistence (OpenDJ)
  • 7. OpenAM User Interface Management Protected Resources Web Agents JavaEE Agents Web Services Agents Universal Gateway End User ForgeRock UI Framework ForgeRock REST (Commons REST) Core Services XACML Federation OpenID Connect OAuth Policy User Management Core Token Service Authentication Entitlements Secure Token Service Configuration Session Audit User Mgmt Plugins Token Service Plugins SPIs Federation Plugins Authentication Plugins Policy Plugins Persistence (OpenDJ)
  • 8. OpenAM Persistence OpenAM Server OpenAM Server Users Tokens Users Tokens Configuration Policies Configuration Policies Core Services Core Services OpenDJ OpenDJ
  • 9. OpenAM Persistence OpenAM Server OpenAM Server Users Tokens Users Tokens Configuration Policies Configuration Policies Core Services OpenDJ Core Services OpenDJ
  • 10. OpenIDM
      • Lightweight provisioning
      • Next generation modular architecture
      • Built on resource oriented principles
      • Highly extensible
      • Self contained
  • 11. OpenIDM ForgeRock UI Framework OSGI Jetty Web Server Authentication Filter (JASPI) Policy Audit Business Logic (Javascript, Groovy, Java) Configuration Sync/Recon System (Connectors) Audit/Logs Managed Users Scheduler Workflow External Resources ForgeRock REST Router Persistence (OrientDB)
  • 12. OpenIDM Commons ForgeRock UI Framework OSGI Jetty Web Server Authentication Filter (JASPI) Policy Audit Business Logic (Javascript, Groovy, Java) Configuration Sync/Recon System (Connectors) Audit/Logs Managed Users Scheduler Task Scanner External Resources ForgeRock REST Router Persistence (OrientDB)
  • 13. Identity Bridge
      • Software appliance
          • Wizard configuration
      • Identity synchronization from enterprise to SaaS
      • Reporting and reconciliation
      • SAML2 and OAuth
  • 14. Identity Bridge Configuration Wizard OSGI Reporting and Recon ForgeRock UI Framework Authentication JASPI (AD and IWA) OpenIDM Business Logic (Javascript, Groovy, Java) OAuth Federation Salesforce and LDAP Salesforce LDAP Connector Jetty Web Server
  • 15. OpenDJ
      • Lightweight
      • Embeddable
      • REST APIs
      • High availability
      • Secure out of the box
      • Flexible architecture
  • 16. OpenDJ Web Application User Interface ForgeRock REST Management REST2LDAP End User ForgeRock UI Framework Java SDK/ LDAPv3 ForgeRock REST Core Server REST2LDAP Access Control Caching LDAPV3 Password Policy Replication Groups Monitoring Schema Management Auditing Backend Services Change Log Persistence Connectors LDIF Memory
  • 17. OpenDJ Commons Web Application User Interface ForgeRock REST Management REST2LDAP End User ForgeRock UI Framework Java SDK/ LDAPv3 ForgeRock REST Core Server REST2LDAP Access Control Password Policy Caching LDAPV3 Replication Group Monitoring Schema Management Auditing Backend Services Change Log Persistence Connector LDIF Memory
  • 18. OpenDJ REST2LDAP User Interface Login/End User ForgeRock UI Framework OpenDJ Server JASPI Authentication Module ForgeRock REST REST2LDAP Core Services
  • 19. Single Webapp Stack Login/Registration/Self Service ForgeRock UI Framework ForgeRock REST OpenAM OpenIDM Authentication Authorization Federation User Management Synchronization Workflow OpenDJ Persistence Users/Tokens/Configuration
  • 20. High Scale Elastic Stack Login/Registration/Self Service Login/Registration/Self Service Login/Registration/Self Service Login/Registration/Self Service ForgeRock UI Framework ForgeRock UI Framework ForgeRock UI Framework ForgeRock UI Framework ForgeRock REST ForgeRock REST ForgeRock REST ForgeRock REST OpenAM OpenIDM ForgeRock REST OpenAM OpenAM OpenIDM ForgeRock REST OpenDJ OpenDJ OpenAM ForgeRock REST OpenDJ Distributor OpenDJ OpenIDM OpenIDM ForgeRock REST OpenDJ Distributor OpenDJ OpenDJ OpenDJ OpenDJ