OIS Architecture Review
 

Presented by Jamie Nelson, VP of Engineering, ForgeRock at Open Stack Identity Summit, France 2013

    OIS Architecture Review Presentation Transcript

    • Open Identity Stack
    • Identity Products Today
      • Stack vendors built by acquisition
      • The integrated stack is marketecture
      • Installation takes days
      • Integration is complex
      • Interface and UI proliferation
      • No module reuse
      • Closed source
      • Vendor lock-in
    • ForgeRock Vision
      • Simple
      • Scalable
      • Modular
      • Embeddable
      • Common REST framework
      • Common UI model
      • Community participation
    • Common Modules
      • CREST (ForgeRock REST)
      • User Interface
      • JASPI for Authentication
      • REST endpoint protection (filters)
      • OAuth
      • Federation
      • Logging
      • Entitlements
    • OpenAM
      • All in one
      • Simple war deployment
      • Platform independent
      • Flexible and extensible
      • Highly available and scalable
    • OpenAM (architecture diagram; labels in extracted order): User Interface, Management, Protected Resources, Web Agents, JavaEE Agents, Web Services Agents, Universal Gateway, End User, ForgeRock UI Framework, ForgeRock REST (Commons REST), Core Services, XACML, Federation, OpenID Connect, OAuth, Policy, User Management, Core Token Service, Authentication, Entitlements, Secure Token Service, Configuration, Session, Auditing, User Mgmt Plugins, Token Service Plugins, SPIs, Federation Plugins, Authentication Plugins, Policy Plugins, Persistence (OpenDJ)
    • OpenAM (architecture diagram, second build; labels in extracted order): User Interface, Management, Protected Resources, Web Agents, JavaEE Agents, Web Services Agents, Universal Gateway, End User, ForgeRock UI Framework, ForgeRock REST (Commons REST), Core Services, XACML, Federation, OpenID Connect, OAuth, Policy, User Management, Core Token Service, Authentication, Entitlements, Secure Token Service, Configuration, Session, Audit, User Mgmt Plugins, Token Service Plugins, SPIs, Federation Plugins, Authentication Plugins, Policy Plugins, Persistence (OpenDJ)
    • OpenAM Persistence (diagram; labels in extracted order): OpenAM Server, OpenAM Server, Users, Tokens, Users, Tokens, Configuration, Policies, Configuration, Policies, Core Services, Core Services, OpenDJ, OpenDJ
    • OpenAM Persistence (diagram, second build; labels in extracted order): OpenAM Server, OpenAM Server, Users, Tokens, Users, Tokens, Configuration, Policies, Configuration, Policies, Core Services, OpenDJ, Core Services, OpenDJ
    • OpenIDM
      • Lightweight provisioning
      • Next generation modular architecture
      • Built on resource oriented principles
      • Highly extensible
      • Self contained
    • OpenIDM (architecture diagram; labels in extracted order): ForgeRock UI Framework, OSGI, Jetty Web Server, Authentication Filter (JASPI), Policy, Audit, Business Logic (JavaScript, Groovy, Java), Configuration, Sync/Recon, System (Connectors), Audit/Logs, Managed Users, Scheduler, Workflow, External Resources, ForgeRock REST Router, Persistence (OrientDB)
    • OpenIDM Commons (architecture diagram; labels in extracted order): ForgeRock UI Framework, OSGI, Jetty Web Server, Authentication Filter (JASPI), Policy, Audit, Business Logic (JavaScript, Groovy, Java), Configuration, Sync/Recon, System (Connectors), Audit/Logs, Managed Users, Scheduler, Task Scanner, External Resources, ForgeRock REST Router, Persistence (OrientDB)
    • Identity Bridge
      • Software appliance
        • Wizard configuration
      • Identity synchronization from enterprise to SaaS
      • Reporting and reconciliation
      • SAML2 and OAuth
    • Identity Bridge (architecture diagram; labels in extracted order): Configuration Wizard, OSGI, Reporting and Recon, ForgeRock UI Framework, Authentication JASPI (AD and IWA), OpenIDM, Business Logic (JavaScript, Groovy, Java), OAuth, Federation, Salesforce and LDAP, Salesforce LDAP Connector, Jetty Web Server
    • OpenDJ
      • Lightweight
      • Embeddable
      • REST APIs
      • High availability
      • Secure out of the box
      • Flexible architecture
    • OpenDJ (architecture diagram; labels in extracted order): Web Application, User Interface, ForgeRock REST, Management, REST2LDAP, End User, ForgeRock UI Framework, Java SDK/LDAPv3, ForgeRock REST, Core Server, REST2LDAP, Access Control, Caching, LDAPv3, Password Policy, Replication, Groups, Monitoring, Schema Management, Auditing, Backend Services, Change Log, Persistence, Connectors, LDIF, Memory
    • OpenDJ Commons (architecture diagram; labels in extracted order): Web Application, User Interface, ForgeRock REST, Management, REST2LDAP, End User, ForgeRock UI Framework, Java SDK/LDAPv3, ForgeRock REST, Core Server, REST2LDAP, Access Control, Password Policy, Caching, LDAPv3, Replication, Group, Monitoring, Schema Management, Auditing, Backend Services, Change Log, Persistence, Connector, LDIF, Memory
    • OpenDJ REST2LDAP (architecture diagram; labels in extracted order): User Interface, Login/End User, ForgeRock UI Framework, OpenDJ Server, JASPI Authentication Module, ForgeRock REST, REST2LDAP, Core Services
    • Single Webapp Stack (architecture diagram; labels in extracted order): Login/Registration/Self Service, ForgeRock UI Framework, ForgeRock REST, OpenAM, OpenIDM, Authentication, Authorization, Federation, User Management, Synchronization, Workflow, OpenDJ, Persistence, Users/Tokens/Configuration
    • High Scale Elastic Stack (architecture diagram; the labels repeat across multiple instances): Login/Registration/Self Service, ForgeRock UI Framework, ForgeRock REST, OpenAM, OpenIDM, OpenDJ, OpenDJ Distributor