
AEM & Identity Management (IDM) Integration


Presentation “AEM & Identity Management (IDM) Integration” by Tim Waring at CONNECT Web Experience in Basel on June 24/25, 2015.


  1. AEM & IDM | Abstracting the security layer. Tim Waring | Senior Consultant, Adobe. © 2013 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
  2. Project Background: Re-platform on AEM 5.6.1; Personalisation; My Account; Legacy system integration; IDM
  3. IDM requirements: Protect URI resource in AEM sites based on User’s roles; Share user context among AEM and other Java app pools; Single sign on & Serve more traffic
  4. Previous IDM setup: 1. Page request; 2. IDM Intercept; 3. Retrieve User Profile; 4. Return token; 5. Set HTTP header; 6. Cache response content. Diagram components: User, iPlanet, OpenSSO, LDAP, Site
  5. The possible options: Trusted Header; Reverse Proxy Integration; LDAP Integration. Compared on: Deployment, Performance, Maintenance, Extensibility
  6. The Abstracted IDM Solution – similar to SAML: 1. Request secured page; 2. IDM Intercept; 3. Redirect Login; 4. Login submit; 5. Authenticate; 6. Return token; 7. Redirect to secured page; 8. Validate token; 9. Set HTTP header; 10. Restful Service; 11. Dynamic Content. Diagram components: User, Dispatch, OpenSSO, DAUI, Publish, CRM
  7. IDM Achievements: Extensibility – Easily deployed with other application modules; Maintenance – One security role structure across all applications; Deployment – Policy agents can be deployed to other applications; Performance – Achieved performance
  8. Key implementation considerations: Where to offload; Agree Site IA; Whitelist dispatcher; Disable publish authentication; Ongoing maintenance
  9. Questions
  11. Tim Waring, SENIOR CONSULTANT, Adobe, L27, Tower 2, 201 Sussex Street, Sydney NSW 2000. T 0413 858 737, waring@adobe.com
