WSO2 Identity Server

Prabath SiriwardenaSoftware Architect & Senior Manager[Carbon Platform & Security] NBQSA ~ 2011 ~ 18th/Aug/2011

An open source Identity & Entitlement management server NBQSA ~ 2011

Authentication An open source Identity & Entitlement management server LDAP AD JDBCNBQSA ~ 2011

Authentication NBQSA ~ 2011

Authentication Single Sign On An open source Identity & Entitlement management server SAML2 KerberosNBQSA ~ 2011

Single Sign On NBQSA ~ 2011

Provisioning Authentication Single Sign On An open source Identity & Entitlement management server SPML SCIMNBQSA ~ 2011

Provisioning NBQSA ~ 2011

Provisioning Authentication Single Sign On An open source Identity & Entitlement management server Auditing XDASNBQSA ~ 2011

Auditing NBQSA ~ 2011

Provisioning Authentication Single Sign On An open source Identity & Entitlement management server Auditing Delegation WS-TRUSTNBQSA ~ 2011

Delegation NBQSA ~ 2011

Provisioning Authentication Single Sign On An open source Identity & Entitlement management server Federation Auditing Delegation SAML2 WS-TRUSTNBQSA ~ 2011

Federation NBQSA ~ 2011

Role Based Access Control An open source Identity & Entitlement management server NBQSA ~ 2011

Attribute Based Access Control Role Based Access Control An open source Identity & Entitlement management server NBQSA ~ 2011

Attribute Based Access Control Role Based Access Control An open source Identity & Entitlement management server Policy Based Access Control XACMLNBQSA ~ 2011

Attribute Based Access Control Role Based Access Control An open source Identity & Entitlement management server SOAP Policy Based Access Control XACML / WS-XACMLNBQSA ~ 2011

Attribute Based Access Control Role Based Access Control REST An open source Identity & Entitlement management server SOAP Policy Based Access Control XACMLNBQSA ~ 2011

An open source Identity & Entitlement management server Web based management consoleNBQSA ~ 2011

An open source Identity & Entitlement management server SOAP based API Web based management consoleNBQSA ~ 2011

¡  User stores with LDAP/AD/JDBC ¡  OpenID ¡  SAML2 ¡  Kerberos ¡  Information Cards ¡  XACML ¡  OAuth ¡  Security Token Service with WS-‐Trust NBQSA ~ 2011

¡  SCIM ¡  XDAS ¡  WS-‐XACML NBQSA ~ 2011

NBQSA ~ 2011

¡  Open source & open standards ¡  Lean ¡  No vendor lock-‐in ¡  All in a single product ¡  Interoperability ¡  Extensibility ¡  The power of WSO2 SOA stack ¡  Short learning curve NBQSA ~ 2011

¡  Decentralized Single Sign On ¡  Single user proﬁle ¡  Widely used for community & collaboration aspects ¡  Multifactor Authentication [Infocard, XMPP] ¡  OpenID relying party components NBQSA ~ 2011

¡  Single Sign On / Single Logout ¡  Widely used *aaS providers [Google Apps, Salesforce] ¡  SAML2 Web SSO Proﬁle ¡  Used in WSO2 StratosLive NBQSA ~ 2011

¡  Key Distribution Center [KDC] NBQSA ~ 2011

¡  The de-‐facto standard for authorization ¡  Support for multiple PIPs ¡  Policy distribution ¡  Decision / Attribute caching ¡  UI wizard for deﬁning policies ¡  Notiﬁcations on policy updates ¡  TryIt tool NBQSA ~ 2011

EntitlementService EntitlementPolicyAdminService SOAP SOAP Attribute Finder Policy Decision Point Extensions Decision Policy Extensions Administration Cache Attribute Point Cache XACML Engine Default Finder Policy Cache LDAPNBQSA ~ 2011

NBQSA ~ 2011

¡  Identity Delegation ¡  Securing RESTful services ¡  2-‐legged & 3-‐legged OAuth ¡  XACML integration with OAuth ¡  OAuth 2.0 support in progress NBQSA ~ 2011

Consumer App Registers consumer key/secret Obtains request token Obtains authorized request token NBQSA ~ 2011

Consumer App Obtains access token access token Validates Resource NBQSA ~ 2011

¡  Supports WS-‐Trust 1.3/1.4 ¡  SAML 1.0/1.1/2.0 token proﬁles ¡  Claim management NBQSA ~ 2011

Resource Security Token Service Consumer App Domain A Domain B NBQSA ~ 2011

¡  Pluggable authenticators ¡  XACML attribute ﬁnders and designators ¡  SAML attribute ﬁnders for STS ¡  Clustering support for HA NBQSA ~ 2011

¡  Entitlement Mediator for XACML ¡  OAuth Mediator ¡  SAML2 Identity Provider NBQSA ~ 2011

European Identity Awards 2011 ~ under Cloud Oﬀerings for XACML and OpenID implementations NBQSA ~ 2011

¡  Open and agile ¡  Apache Software License ¡  Source code repository (Subversion) §  https://svn.wso2.org/repos/wso2 ¡  Issue tracker (JIRA) §  http://wso2.org/jira ¡  Continuous integration ¡  Public mailing lists NBQSA ~ 2011

¡  Downloadable documentation distribution ¡  On-‐line documentation §  http://wso2.org/project/solutions/identity/3.2.0/docs/ §  Articles, webinars and tutorials on WSO2 Oxygen Tank http://wso2.org/library/security §  Blogs http://blog.facilelogin.com http://blog.thilinamb.com http://pathberiya.blogspot.com http://hasini-‐gunasinghe.blogspot.com NBQSA ~ 2011

¡  Webinars §  Six identity & security webinars -‐ 2011 ¡  Work shops §  WSO2 Security Workshop – March 2011 (NY, DC, TX) §  WSO2 Security Workshop -‐ May 2011 (London, Paris, Frankfurt, Zurich) §  WSO2 Security Workshop – June 2011 (Palo Alt0 – US) §  WSO2 Cloud Security Workshop – Aug 2011 (Palo Alt0 – US) NBQSA ~ 2011

¡  Articles and white papers ¡  Conferences §  WSO2Con §  OSCON §  QCON §  ApacheCon NBQSA ~ 2011

¡  W3C ¡  OASIS ¡  OpenID Foundation ¡  Infocard Foundation ¡  Microsoft’s Interop Vendor Alliance NBQSA ~ 2011

NBQSA ~ 2011

http://wso2.com	41836
http://blog.facilelogin.com	894
http://comhackathon.private.wso2.com	140
http://translate.googleusercontent.com	31
http://node2.wso2.com	28
http://webcache.googleusercontent.com	8
http://209.126.229.54	6
http://webcache-exp-test.googleusercontent.com	4
http://www.hellboundhackers.org	4
http://commigration.wso2.com	2
http://204.13.81.87	2
http://migration.wso2.com	2
http://node1.wso2.org	1
https://www.google.co.uk	1
http://www.google.com&_=1340629198886 HTTP	1
http://otdrupal.private.wso2.com	1

WSO2 Identity Server

by Prabath Siriwardena

Accessibility

Categories

Upload Details

Usage Rights

16 Embeds 42,961

Statistics