Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

SAML and Liferay

7,066 views

Published on

My presentation on SAML and Liferay in Liferay Nordic Symposium Warm-up Cruise.

Published in: Technology
  • Here is an article that describes top challenging when implementing SAML based SSO for Lifery: http://www.idm-360.com/idm360/top-5-challenges-implementing-saml-single-sign-on-liferay-portal/
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • @AssureBridge That URL should be that URL should be http://www.assurebridge.com/integrations/liferay-saml-single-sign-on-integration/
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • AssureBridge makes a multi-tenant Liferay adapter that supports both CE and EE as well as multiple IdPs. It supports SAML 1.1, SAML 2.0, OpenID, WS-Federation, LDAP and Active Directory.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • AssureBridge makes a multi-tenant Liferay adapter that supports both CE and EE as well as multiple IdPs. It supports SAML 1.1, SAML 2.0, OpenID, WS-Federation, LDAP and Active Directory.

    http://www.assurebridge.com/integrations/liferay-saml-single-sign-on-i­ntegration/

    Thanks,

    Oleg
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

SAML and Liferay

  1. 1. SAML and LiferayMika KoivistoSenior Software Engineer
  2. 2. What is SAML?• Security Assertion Markup Language• XML based protocol• OASIS approved standard • SAML 1.0 November 2002 • SAML 1.1 September 2003 • SAML 2.0 March 2005• Flexible and extensible protocol designed to be used by other standards
  3. 3. Why SAML? Source: xkcd.com
  4. 4. Advantages of SAML• Platform neutral• Loose coupling of directories• Improved online experience for end users• Supported by many SaaS applications• Increased security• Strong commercial and open source support
  5. 5. Use Cases• Web Single Sign-On• Attribute based authorization• Identity Federation• WS-Security
  6. 6. SAML Roles• Identity Provider (IdP) / Asserting party• Service Provider (SP) / Relying party
  7. 7. Liferay and SAML• Available as a EE plugin• Supports two operation modes • Identity Provider • Service Provider• Based on SAML 2.0• Provides Web SSO between Liferay and various applications including Salesforce and Google Apps
  8. 8. Features• IdP initiated Web SSO• SP initiated Web SSO• SP initiated Single Logout• IdP initiated Single Logout• Consumes and Produces SAML Metadata• Attribute statement generation (IdP)• JIT provisioning using attribute statements (SP)
  9. 9. DEMO
  10. 10. Roadmap• WS-Security• Management UI• Scalability improvements
  11. 11. Kiitos! Mika Koivisto Senior Software Engineer mika.koivisto@liferay.com

×