• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
OpenSSO Deployments

OpenSSO Deployments



Deployments of OpenSSO. At TheAquariumOnline

Deployments of OpenSSO. At TheAquariumOnline



Total Views
Views on SlideShare
Embed Views



2 Embeds 15

http://www.slideshare.net 14
http://www.slideee.com 1



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    OpenSSO Deployments OpenSSO Deployments Presentation Transcript

    • Real world deployment with Sun OpenSSO Enterprise at Verizon Wireless Ajay Sondhi 1
    • Verizon Wireless OpenSSO Deployment Verizon Wireless is a leader in wireless voice, data,  information and entertainment services  Joint venture of Verizon Comms (NYSE: VZ) + Vodafone (NYSE: VOD)  85 million customers  71,000 employees  $44 billion annual revenue  More than 2,600 retail stores & kiosks  One of the most reliable wireless network in the U.S. ● Network coverage: 267M POPs ● Rapid Disaster Response, Portable Cell Site 2
    • Verizon Wireless OpenSSO Deployment Goals Give users a unified experience across all ● authorized products and services by Single Sign On (SSO) by assigning Account Owner and Account Member roles and multi-line accounts ● Permit standardization across all self-serve platforms by authentication and authorization logic to prevent site intrusion ● Provide seamless integration between Verizon Wireless (VZW) and other lines of businesses (LOBs) to improve customer experience Benefits Easy to integrate new products and services ● ● Simplified SSO reduces IT cost and improves security ● Access Manager (AM) improves security by authentication & authorization logic ● Enable cross-domain SSO unifies user experience between VZW and ASPs ● Enable customized audit capabilities through AM for log access information and diagnostic information analysis 3
    • Verizon Wireless (Technical Requirements) A Deployment Topology & Architecture that supports High Availability ● High Throughput ● High Performance ● A flexible Systems Design that supports SSO with applications hosted on disparate platforms & containers ● Federation & Liberty Protocols ● Customization at all levels including Authentication, Authorization and ● Federation 4
    • Verizon Wireless OpenSSO Deployment Access Manager SSO : Implemented for both B2C and B2B on Wireless ● and Broadband ● 50M MyVerizon wireless customers registered online ● 2M logins/day on VZW ● Supports role based access ● 25 different product vendors integrated Federation : Implemented Federation across VZW and VZT for ● B2C customers ● Implement Federation across VZW and .Net for SMB customers ● Implemented Federation across VZW and VZB for business customers ● Login once & toggle between two distinct My Account websites. ● Convenient access for One-Bill and bundle services 5
    • Verizon Wireless (AM SSO Features) Account Management Registration & Login (2M Logins/day) ● ● Password Management ● Profile & Preference Management User Authentication Cross-Domain Single Sign-On and ● ● State Management ● Role-based Access Control ● Standard User Authentication System for All External Sites Customized APIs Customized Services for Billing, ● Handset, Provisioning and Post-Login Functions 6
    • Verizon Wireless (AM Federation Features) Seamless integration between Verizon Wireless ● and other Verizon LOBs ● Login once & toggle between two distinct My Account web sites ● Convenient access for One-Bill and bundle services ● Cross-sell opportunities on both sites 7
    • Verizon Wireless Architecture High Availability Geographic redundancy in two data ● centers (East & West) ● Session failover capabilities with four instances of AM within each data center. ● Six way multi-mastered directory servers across data centers High Performance Over 50M identities ● ● Over 4000 successful authentications per minute (peak) ● Over 250K active users (peak) ● Provide SSO with over 25 ASPs 8
    • Verizon Wireless Architecture Superior Sun hardware Web servers -T2K (Niagra chipset) for superior multithreaded performance ● ● Directory –x4600 (Opteron chipset) for high disk i/o Design Choices Use of Session Attributes (as opposed to profile) ● ● Turn off profile notifications from AM to agents ● Segregating the configuration Realm ● Restrict the use of URL policy and J2EE policy mode ● Load balancer configuration to ensure stickiness ● Writing to one master LDAP Tuning OS –Memory, File system and Networking ● ● AM Tuning ● JVM tuning ● Agent Tuning ● Directory Server Tuning 9
    • Questions? 10