Open Standard Based identity Provisioning System for Cloud

Open Standard Based identity Provisioning System for Cloud @ Identity.Next 2012 - Netherlands.

Transcript

  • 1. Prabath Siriwardena (@prabath), Senior Software Architect
  • 2. 2012: SCIM 1.1; 2011: SCIM 1.0; 2011: RESTPML; 2010: SCIM community; 2006: SPML 2.0; 2003: SPML 1.0; 2003: WS-Provisioning; 2001: OASIS PS TC
  • 3. [Diagram: SCIM Consumer; SCIM Service Provider with the /Users and /Groups endpoints]
  • 4. add-user.json
        {
          "schemas": [],
          "name": {"familyName": "siriwardena", "givenName": "prabath"},
          "userName": "prabath",
          "password": "prabath123",
          "emails": [
            {"primary": true, "value": "prabath@yahoo.com", "type": "home"},
            {"value": "prabath@wso2.com", "type": "work"}
          ]
        }
    curl command
        # -k skips TLS certificate verification; --user sends admin:admin as HTTP Basic credentials
        curl -v -k --user admin:admin -d @add-user.json --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users
  • 5. add-group.json
        {
          "schemas": ["urn:scim:schemas:core:1.0"],
          "id": "idnext",
          "displayName": "IdentityNext"
        }
    curl command
        curl -v -k --user admin:admin -d @add-group.json --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Groups
  • 6. [Diagram: One way provisioning. Domain A, Domain B, Domain C; Provisioning Service Providers; SCIM Consumer]
  • 7. [Diagram: One way provisioning with broker mode. Domain A, Domain B, Domain C; Provisioning Service Providers; SCIM Consumer]
  • 8. [Diagram: Bi-directional provisioning. Domain A, Domain B, Domain C; Provisioning Service Providers; SCIM Consumers]
  • 9. [Diagram: Multi-directional provisioning with a centralized PSP. Domain A, Domain B, Domain C; Provisioning Service Providers; SCIM Consumers]
  • 10. [Diagram: Just-in-time provisioning with SAML2. Domain A, Domain B; SAML2 IdP; Provisioning Service Provider; numbered steps 1 to 4]
  • 11. [Diagram: Just-in-time provisioning with SAML2. Domain A, Domain B; SAML2 IdP; Provisioning Service Provider; numbered steps 1 to 5]
  • 12. [Diagram: Provisioning Service Provider; domains facilelogin.com and wso2.com; SCIM Consumer (wso2.com); SCIM Consumer (facilelogin.com)]
  • 13. [Diagram: SCIM Consumer; OAuth 2.0 Authorization Server; Provisioning Service Provider. Label: Bearer Token]
  • 14. [Diagram: SCIM Consumer; OAuth 2.0 Authorization Server; Provisioning Service Provider. Labels: Bearer Token, Validate()]
  • 15. [Diagram: SCIM Consumer; Provisioning Service Provider. Attributes: Resource, Action, Resource Owner, Client, Scope]
  • 16. [Diagram: SCIM Consumer; OAuth 2.0 Authorization Server; Provisioning Service Provider; XACML PDP. Labels: Validate(), XACML Request, Permit/Deny/…]
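
The access-control flow on slides 13 to 16 (bearer token, Validate(), a decision over resource, action, resource owner, client and scope), sketched as an added example that is not taken from the slides or from any product's code. The token table, scope names, policy and function names are all hypothetical; only the `/wso2/scim` base path comes from the curl commands on slides 4 and 5.

```python
from dataclasses import dataclass

SCIM_BASE = "/wso2/scim"  # base path from the curl commands on slides 4 and 5

@dataclass(frozen=True)
class TokenInfo:  # hypothetical result of Validate() (slide 14)
    resource_owner: str
    client: str
    scope: frozenset

# Constructed token table standing in for the OAuth 2.0 authorization server.
ISSUED = {
    "tok-admin": TokenInfo("admin", "hr-portal", frozenset({"scim.read", "scim.write"})),
    "tok-reader": TokenInfo("prabath", "report-app", frozenset({"scim.read"})),
}

# Constructed PDP policy: (resource, action) -> scope that must be present.
POLICY = {
    ("/Users", "GET"): "scim.read", ("/Users", "POST"): "scim.write",
    ("/Groups", "GET"): "scim.read", ("/Groups", "POST"): "scim.write",
}

def validate(token):
    """Authorization server side: return token details, or None if unknown."""
    return ISSUED.get(token)

def pdp_decide(request):
    """Policy decision point: evaluate the five attributes listed on slide 15."""
    required = POLICY.get((request["resource"], request["action"]))
    if required is None:
        return "NotApplicable"
    return "Permit" if required in request["scope"] else "Deny"

def authorize(authorization_header, method, path):
    """Provisioning service provider side: enforce the decision, deny by default."""
    scheme, _, token = authorization_header.partition(" ")
    info = validate(token.strip()) if scheme.lower() == "bearer" else None
    if info is None or not path.startswith(SCIM_BASE + "/"):
        return "Deny"
    # /wso2/scim/Users/123 -> /Users
    resource = "/" + path[len(SCIM_BASE):].strip("/").split("/")[0]
    request = {"resource": resource, "action": method.upper(),
               "resource_owner": info.resource_owner, "client": info.client,
               "scope": info.scope}
    # Anything other than an explicit Permit is treated as a denial.
    return "Permit" if pdp_decide(request) == "Permit" else "Deny"
```
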
