Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

A Common API & UI for Building Next Generation Identity Services

2,396 views

Published on

Presented by Jamie Nelson, VP of Engineering, ForgeRock and Jonathan Scudder, OpenAM Architect and ForgeRock Co-Founder at ForgeRock Open Identity Summit, June 2013

Learn more about ForgeRock Access Management:
https://www.forgerock.com/platform/access-management/

Learn more about ForgeRock Identity Management:
https://www.forgerock.com/platform/identity-management/

Published in: Technology, Education
  • DOWNLOAD THAT BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book that can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer that is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money That the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths that Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

A Common API & UI for Building Next Generation Identity Services

  1. 1. Open Identity SummitOpen Identity SummitThe Young and theRESTlessJonathan ScudderJamie Nelson
  2. 2. Open Identity SummitStack ArchitectureResource OrientedRESTfulAPI
  3. 3. Open Identity SummitAPI: How we share data andfunctionality with developersand businesses APIs have been around ‘forever’ Usage and significance has changed dramatically over recent years Shift towards external developers and users API vs SOA
  4. 4. Open Identity SummitKiller Argument Why are we aligning our API’s? Is REST a good enough argument by itself? Don’t our current API’s do enough?
  5. 5. Open Identity Summit#1 Real Stack
  6. 6. Open Identity Summit#2 Boundary Blur ~ 70% of enterprises building private cloud ~ 40% of enterprises building public and hybrid cloud.(Survey by IDC, September 2012)Mobile Social Cloud Enterprise
  7. 7. Open Identity Summit#3 Integration PowerCreateReadUpdateDeletePatchActionQuery Granular control, simple interface Standard set of operations(CRUDPAQ), different inputs &outputs Primarily JSON representation Attractive non-functional tools andtechniques with HTTPROA + REST + JSON
  8. 8. Open Identity SummitCREST example/json/subrealm/users/?_action=create$ curl --request POST --header "iplanetDirectoryPro: AQIC5w..."--header "Content-Type: application/json"--data {"name": "bjensen","userpassword": "secret12","mail": "bjensen@example.com"}https://openam.example.com:8443/openam/json/users/?_action=create
  9. 9. Open Identity SummitCREST response{"name": "bjensen","realm": "/","uid": ["bjensen"],"mail": ["bjensen@example.com"],"userpassword": ["{SSHA}0pXpKLPRKCGY7g3YqZygJmKMW6IC2BLJimmlwg=="],"dn": ["uid=bjensen,ou=people,dc=openam,dc=forgerock,dc=org"],...
  10. 10. Open Identity SummitAPI strategy - local
  11. 11. Open Identity SummitAPI strategy - stack
  12. 12. Open Identity SummitProblem To many different complicated UI Frameworks Roots from sun Big company UI strategy churn Developers learning new frameworks Customers are locked in Simple modifications overly complex Leads to heavyweight API just for the UI
  13. 13. Open Identity SummitComplex Frameworks Years to learn Takes an expert to make changes No consistency between API, CLI, over the wire Complexity requires an abstraction layer Isolates the UI from Command Line and other APIs Scripting is impossible
  14. 14. Open Identity SummitForgeRock User Interfaces YUI/Click Jato JSF/Ice Faces JSP Admin Java Swing
  15. 15. Open Identity SummitOpen Identity Stack UI Model Single UI model for all products Built on ForgeRock REST (CREST) Common UIs for: User management Registration and Self Service Login and Password Reset Build on shared services for Authentication
  16. 16. Open Identity SummitForgeRock UI Model jQuery (Needs a little help) Backbone.js + Require.js (Modular) Handlebars.js (Templating) Underscore.js (Utility library) Less.js (CSS preprocessor) Built on ForgeRock REST and Common Services Caters to the web developers of today Two different models for ForgeRock UIs
  17. 17. Open Identity SummitAdmin and Configuration Used primarily by Administrators UI not typically customized Configuration for product services Dynamically rendered based on server JSONschema REST APIs for custom applications Adding new services dynamically rendered Customers not expected to modify more than CSS
  18. 18. Open Identity SummitEnd User Primarily seen by end users Simple HTML Templates Read in by Javascript and embedded in the UI Rendered with site wide styles/CSS Simple syntax for embedding dynamic values Separates bus logic from display Simple to modify without breaking the UI Easy to patch and upgrade
  19. 19. Open Identity Summit
  20. 20. Open Identity SummitPOST:http://www.idp.com:8888/openam/json/auth/1/authenticateQueryString Params:username:tompassword:11111111Response:{"tokenId”:"AQIC5wM2LY4Sfcx8hWM5VlE62DUQxqCcIr2TG …”}Authentication
  21. 21. Open Identity Summit
  22. 22. Open Identity SummitPOST:http://www.idp.com:8888/openam/json/user/?_action=create{"userName":"tom”,"email":"tom.petty@forgerock.com","givenName":"Tom","familyName":"Petty","securityQuestion":"1","securityAnswer":”damn the torpedoes”,…}Response:{"dn":["uid=tom,ou=people,dc=openam,dc=forgerock,dc=org"]…}Registration/Create
  23. 23. Open Identity Summit
  24. 24. Open Identity SummitPOST:http://www.idp.com:8888/openam/json/users/?_action=idFromSessionHeader: "tokenId”:"AQIC5wM2LY4Sfcx8hWM5VlE62DUQxqCcI …”Response:{"id":”tom","realm":"/","dn":"id=tom,ou=user,dc=openam,dc=forgerock,dc=org”}Get UserID from Session
  25. 25. Open Identity SummitGET:http://www.idp.com:8888/openam/json/users/tomHeader: "tokenId”:"AQIC5wM2LY4Sfcx8hWM5VlE62DUQxqCcI …”Response:{"name":"tom","realm":"/","uid":["tom"],"mail":["tom.petty@forgerock.com"],"sn":["Petty"],"givenname":["Tom"],}Get User Profile
  26. 26. Open Identity SummitExtending End User Pages
  27. 27. Open Identity Summit<div class="column1"><div class="field"><label class="light">{{t "common.user.postalCode"}}</label><input type="text" name=”city" /><div class="validation-message"></div></div></div><div class="column2"><div class="field"><label class="light">{{t "common.user.city"}}</label><input type="text" name=”postalCode" /><div class="validation-message"></div></div></div>Extending End User Pages
  28. 28. Open Identity Summit
  29. 29. Open Identity SummitSingle Shared ModelForgeRock ServicesForgeRock RESTForgeRock UIApplication Scripting
  30. 30. Q & AQ & ALogo of PresenterCompany HERE

×