Your SlideShare is downloading. ×
0
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

GWAVACon 2013: Keyshield SSO Infrastructure for Novell Technologies

364

Published on

Partner Session

Partner Session

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
364
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. KeyShield SSO SSO infrastructure for Novell technologiesVáclav Šamša & dear Novell guests: Dean Lythgoe Richard Lindstedt Kai Reichert
  • 2. KeyShield SSO Connects eDir/AD desktop login and mobile devices with SSO Novell solutions Novell products?  We are talking about Filr, Vibe, GroupWise Mobility Service, GroupWise, iPrint, Messenger, Service Desk ...  All are or getting pretty standard, working with a principal – the only thing they need is to identify the user's object within a directory (eDirectory, Active Directory ...).  Btw, the vaste majority of users is still consuming Novell products service from the Windows desktop, cca 30% still with XP ...  Before, the integration point for SSO was the Novell Client for Windows, now, there is no connection in between the client and browser, web client...  So, back in 2009, the question was, how to make everything working together, on Windows, Linux, Mac and, of course, all mobile devices
  • 3. KeyShield SSO Connects eDir/AD desktop login and mobile devices with SSO SSO infrastructure for Novell solutions How do KeyShield SSO do it?  SAML support  ReST API interface for easy and fast direct integrations  The integrated system needs a short and easy piece of code, which will ask KeyShield SSO for the principal (UserID). Let's see the simplified schema
  • 4. KeyShield SSO Connects eDir/AD desktop login and mobile devices with SSO KeyShield SSO - authenticationKeyShield SSO - authentication Windows WorkstationWindows Workstation Browser or Native clientBrowser or Native client Integrated systemIntegrated system KeyShield SSO serverKeyShield SSO server Check user by IP of the Windows Workstation (Address of the Client) Send user ID (Principal) Valid session? No – ask KeyShield SSO server for the principal Search user profiles database for user ID provided by the KeyShield SSO server. Found – start session User is successfully authenticated by IS Run client/browser Client connect to the IS
  • 5. KeyShield SSO Connects eDir/AD desktop login and mobile devices with SSO SSO infrastructure for Novell solutions How do KeyShield SSO do it?  The user is identified by the IP address which is currently used by the user's device  This is working with anything which communicates via IP from the device  This includes any browser, any WebDAV. Let's see the simplified schema for Filr and Vibe
  • 6. KeyShield SSO Connects eDir/AD desktop login and mobile devices with SSO KeyShield SSO – Filr WebDAV exampleKeyShield SSO – Filr WebDAV example BrowserBrowser Web ClientWeb Client Novell Filr or VibeNovell Filr or Vibe KeyShield SSO serverKeyShield SSO server Check user by IP of the Windows Workstation (Address of the Client) Send user ID (Principal) WebDAV has no access to the browser cookie or session – ask KeyShield SSO server for the user's identity Search user profile for user ID provided by the KeyShield SSO server. Found. Session created. User can edit the file User clicks the Edit button for a particular document Windows built in Web Client gets request via WebDAV
  • 7. KeyShield SSO Connects eDir/AD desktop login and mobile devices with SSO SSO infrastructure for Novell solutions How do KeyShield SSO do it?  The user can authenticate to the SSO system, but means at least 2 authentications a day – to the environment/desktop and to the SSO  The demand we clearly see is for really tight integration – once the user is authenticated to the environment/desktop (eDirectory, ActiveDirectory etc), no further authentication is necessary for any systém  Any system means everything inside the LAN/WAN and also anything hosted (clouded)  There can be a SSO solution supporting NTLM and there is the KeyShield SSO – we support both. Let's see Novell Client for Windows integration simplified schema
  • 8. KeyShield SSO Connects eDir/AD desktop login and mobile devices with SSO Novell ClientNovell Client KeyShield clientKeyShield client KeyShield serverKeyShield server Authentication to eDirectory & to the workstation Authentication detected. Send user info to the KeyShield SSO server together with workstation IP address. Generates token which writes to the user's object in eDirectory. Token ID together with an authentication challenge is than sent to the KeyShield SSO client. Receive token ID and challenge eDirectory search for token ID, return value to the KeyShield client Generate response Validity check Authentication OK! KeyShield SSOKeyShield SSO
  • 9. KeyShield SSO Connects eDir/AD desktop login and mobile devices with SSO SSO infrastructure for Novell solutions How do KeyShield SSO do it?  The integration mechanism is rock solid.  With this kind of integration, the whole Novell environment, can be much more efficient and convenient then Microsoft.  Together with our colleagues from Novell, we support all scenarios, user platforms, server platforms, mobile devices  If you have any home brewed system, you are lucky with us – the integration is piece of cake  Let's discuss the SSO support for Novell technologies, following slides are pretty theoretical and boring ..
  • 10. KeyShield SSO SSO infrastructure for Novell technologiesvsamsa@tdp.cz www.keyshieldsso.com www.securewinbox.com

×