• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Open Standard Based identity Provisioning System for Cloud
 

Open Standard Based identity Provisioning System for Cloud

on

  • 1,415 views

Open Standard Based identity Provisioning System for Cloud @ Identity.Next 2012 - Netherlands.

Open Standard Based identity Provisioning System for Cloud @ Identity.Next 2012 - Netherlands.

Statistics

Views

Total Views
1,415
Views on SlideShare
1,405
Embed Views
10

Actions

Likes
0
Downloads
23
Comments
0

2 Embeds 10

https://twitter.com 9
http://www.kred.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Open Standard Based identity Provisioning System for Cloud Open Standard Based identity Provisioning System for Cloud Presentation Transcript

    • Prabath Siriwardena (@prabath)Senior Software Architect
    • 2012  :  SCIM  1.1   2011  :  SCIM  1.0   2011  :  RESTPML   2010  :  SCIM  community   2006  :  SPML  2.0  2003  :  SPML  1.0   2003  :  WS-­‐Provisioning   2001  :  OASIS  PS  TC  
    • /Users   SCIM  Service   Provider  SCIM  Consumer   /Groups  
    • add-­‐user.json     {    "schemas":[],    "name":{"familyName":”siriwardena","givenName":”prabath"},    "userName":”prabath","password":”prabath123",    "emails":[{"primary":true,"value":”prabath@yahoo.com","type":"home"},          {"value":”prabath@wso2.com","type":"work"}]   }  curl  command  curl  -­‐v  -­‐k  -­‐-­‐user  admin:admin  -­‐d  @add-­‐user.json  -­‐-­‐header  "Content-­‐Type:application/json"  https://localhost:9443/wso2/scim/Users  
    • add-­‐group.json     {      "schemas":  ["urn:scim:schemas:core:1.0"],      "id":  "idnext",      "displayName":  "IdentityNext",   }  curl  command  curl  -­‐v  -­‐k  -­‐-­‐user  admin:admin  -­‐d  @add-­‐group.json  -­‐-­‐header  "Content-­‐Type:application/json"  https://localhost:9443/wso2/scim/Groups  
    • Domain  A   Provisioning Service Provisioning Provider Service Provider Domain  B   Provisioning Service SCIM  Consumer   Provider Domain  C   One    way  provisioning  
    • Domain  A   Provisioning Service Provisioning Provider Service Provider Domain  B   Provisioning SCIM  Consumer   Service Provider Domain  C   One  way  provisioning  with  broker  mode  
    • Domain  A   Provisioning SCIM  Consumer   Service Provisioning Provider Service Provider Domain  B   Provisioning SCIM  Consumer   Service Provider Domain  C   SCIM  Consumer   Bi-­‐directional  provisioning  
    • Domain  A   Provisioning SCIM  Consumer   Service Provisioning Provider Service Provider Provisioning Service Provider Domain  B   Provisioning SCIM  Consumer   Service Provider Domain  C   SCIM  Consumer   Multi-­‐directional  provisioning  with  a  centralized  PSP  
    • Domain  A   Provisioning 3 SAML2 IdP Service Provider 24 1 Domain  B   Just-­‐in-­‐time  provisioning  with  SAML2  
    • Domain  A   4 Provisioning 3 SAML2 IdP Service Provider 25 1 Domain  B   Just-­‐in-­‐time  provisioning  with  SAML2  
    • Provisioning Service Provider facilelogin.com   wso2.com   SCIM  Consumer  (wso2.com)  SCIM  Consumer  (facilelogin.com)  
    • OAuth 2.0 Authorization Server Bearer  Token   Provisioning Service ProviderSCIM  Consumer    
    • OAuth 2.0 Authorization Server Validate()   Bearer  Token   Provisioning Service ProviderSCIM  Consumer    
    • Resource     Action   Resource   Owner   Client   Scope   Provisioning Service ProviderSCIM  Consumer    
    • OAuth 2.0 Authorization Server Validate()   XACML   Request   Permit/ Provisioning Deny/…   Service ProviderSCIM  Consumer     XACML PDP