Mika Koivisto, profile picture
Uploaded byMika Koivisto
PDF, PPTX5,613 views

SAML and Liferay

This document discusses SAML (Security Assertion Markup Language), an XML-based standard for exchanging authentication and authorization data between security domains. It describes SAML's advantages like platform neutrality and loose directory coupling. The document also outlines how Liferay supports SAML through an enterprise edition plugin, allowing single sign-on between Liferay and other applications. Key features of the Liferay SAML plugin include identity provider and service provider modes as well as IdP-initiated and SP-initiated single logout.

Embed presentation

Download as PDF, PPTX
SAML and Liferay Mika Koivisto Senior Software Engineer
What is SAML? • Security Assertion Markup Language • XML based protocol • OASIS approved standard • SAML 1.0 November 2002 • SAML 1.1 September 2003 • SAML 2.0 March 2005 • Flexible and extensible protocol designed to be used by other standards
Why SAML? Source: xkcd.com
Advantages of SAML • Platform neutral • Loose coupling of directories • Improved online experience for end users • Supported by many SaaS applications • Increased security • Strong commercial and open source support
Use Cases • Web Single Sign-On • Attribute based authorization • Identity Federation • WS-Security
SAML Roles • Identity Provider (IdP) / Asserting party • Service Provider (SP) / Relying party
Liferay and SAML • Available as a EE plugin • Supports two operation modes • Identity Provider • Service Provider • Based on SAML 2.0 • Provides Web SSO between Liferay and various applications including Salesforce and Google Apps
Features • IdP initiated Web SSO • SP initiated Web SSO • SP initiated Single Logout • IdP initiated Single Logout • Consumes and Produces SAML Metadata • Attribute statement generation (IdP) • JIT provisioning using attribute statements (SP)
DEMO
Roadmap • WS-Security • Management UI • Scalability improvements
Kiitos! Mika Koivisto Senior Software Engineer mika.koivisto@liferay.com

More Related Content

PDF
Single sign on using SAML
byProgramming Talents
 
PDF
SAML Protocol Overview
byMike Schwartz
 
PPTX
Saml vs Oauth : Which one should I use?
byAnil Saldanha
 
PPTX
IdP, SAML, OAuth
byDan Brinkmann
 
PDF
Introduction to SAML
byClément OUDOT
 
PPTX
Saml sso by Tamil on nullblrmeet 21st July 2015
byn|u - The Open Security Community
 
PPTX
SAML Smackdown
byPat Patterson
 
PDF
Introducing SAML 2.0 Protocol: Security and Performance
byAmin Saqi
 
Single sign on using SAML
byProgramming Talents
 
SAML Protocol Overview
byMike Schwartz
 
Saml vs Oauth : Which one should I use?
byAnil Saldanha
 
IdP, SAML, OAuth
byDan Brinkmann
 
Introduction to SAML
byClément OUDOT
 
Saml sso by Tamil on nullblrmeet 21st July 2015
byn|u - The Open Security Community
 
SAML Smackdown
byPat Patterson
 
Introducing SAML 2.0 Protocol: Security and Performance
byAmin Saqi
 

What's hot

PDF
Introduction to SAML 2.0
byMika Koivisto
 
PPT
Presentation sso design_security
byMarco Morana
 
PPTX
IBM Single Sign-On
byVan Staub, MBA
 
PDF
Alfresco: Implementing secure single sign on (SSO) with OpenSAML
byJ V
 
PPTX
Web Single sign on system
bySwati Sinha
 
PDF
Enterprise Single Sign-On - SSO
byOliver Mueller
 
PPTX
SINGLE SIGN-ON
byShambhavi Sahay
 
PPTX
Single Sign On Considerations
byVenkat Gattamaneni
 
PPTX
Single Sign On 101
byMike Schwartz
 
PDF
Single sign on (SSO) How does your company apply?
byĐỗ Duy Trung
 
PDF
Shoot Me a Token: OpenAM as an OAuth2 Provider
byForgeRock
 
PDF
Single Sign On - The Basics
byIshan A B Ambanwela
 
PPTX
How to deploy SharePoint 2010 to external users?
byrlsoft
 
PDF
RMLL 2013 - The SAML Protocol: Single Sign On for skilled people
byClément OUDOT
 
PPTX
SSO IN/With Drupal and Identitiy Management
byManish Harsh
 
PPTX
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...
byBrian Culver
 
PDF
Building an SSO platform in php (Zendcon 2010)
byIvo Jansch
 
PPT
SSO Strategy Implementation Considerations
byJohn Bauer
 
PPTX
Single sign on
byguest64ab8e
 
PPT
CAS Enhancement
byGuo Albert
 
Introduction to SAML 2.0
byMika Koivisto
 
Presentation sso design_security
byMarco Morana
 
IBM Single Sign-On
byVan Staub, MBA
 
Alfresco: Implementing secure single sign on (SSO) with OpenSAML
byJ V
 
Web Single sign on system
bySwati Sinha
 
Enterprise Single Sign-On - SSO
byOliver Mueller
 
SINGLE SIGN-ON
byShambhavi Sahay
 
Single Sign On Considerations
byVenkat Gattamaneni
 
Single Sign On 101
byMike Schwartz
 
Single sign on (SSO) How does your company apply?
byĐỗ Duy Trung
 
Shoot Me a Token: OpenAM as an OAuth2 Provider
byForgeRock
 
Single Sign On - The Basics
byIshan A B Ambanwela
 
How to deploy SharePoint 2010 to external users?
byrlsoft
 
RMLL 2013 - The SAML Protocol: Single Sign On for skilled people
byClément OUDOT
 
SSO IN/With Drupal and Identitiy Management
byManish Harsh
 
SharePoint 2010 Extranets and Authentication: How will SharePoint 2010 connec...
byBrian Culver
 
Building an SSO platform in php (Zendcon 2010)
byIvo Jansch
 
SSO Strategy Implementation Considerations
byJohn Bauer
 
Single sign on
byguest64ab8e
 
CAS Enhancement
byGuo Albert
 

Viewers also liked

PDF
Making a decision between Liferay and Drupal
byInfoAxon Technologies Limited
 
PDF
Liferay architecture By Navin Agarwal
byNavin Agarwal
 
PPTX
OpenID Connect and Single Sign-On for Beginners
bySalesforce Developers
 
PPT
Liferay overview
byAbhishekSRC
 
PPT
Liferay Developer Best Practices for a Successful Deployment
byrivetlogic
 
PPTX
Overview of Liferay 7 Technology
byAzilen Technologies Pvt. Ltd.
 
PPTX
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
byBrian Campbell
 
PPT
Liferay
byKrithika Shekhar
 
PDF
Developing Liferay Plugins with Maven
byMika Koivisto
 
PPTX
Customer Scale: Stateless Sessions and Managing High-Volume Digital Services
byForgeRock
 
PPTX
Liferay Portal и приемы разработки
bydevclub
 
PDF
OSGi e Liferay 7
byAntonio Musarra
 
PPTX
Liferay 7
bySon Nguyen
 
PPT
Liferay_2012
byiopent
 
PDF
Liferay portals in real projects
byIBACZ
 
PDF
osc_tokyo20100226
byShoken Fujisaki
 
PDF
Press release hosting infrastructure
byPolyDyne Software
 
PDF
Moved to https://slidr.io/azzazzel/liferay-7-microservices-for-the-enterprise
byMilen Dyankov
 
PDF
Создание корпоративных порталов для интранет на Java платформе Liferay
byamtportal
 
PPT
Liferay_effortel_2009
byiopent
 
Making a decision between Liferay and Drupal
byInfoAxon Technologies Limited
 
Liferay architecture By Navin Agarwal
byNavin Agarwal
 
OpenID Connect and Single Sign-On for Beginners
bySalesforce Developers
 
Liferay overview
byAbhishekSRC
 
Liferay Developer Best Practices for a Successful Deployment
byrivetlogic
 
Overview of Liferay 7 Technology
byAzilen Technologies Pvt. Ltd.
 
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
byBrian Campbell
 
Liferay
byKrithika Shekhar
 
Developing Liferay Plugins with Maven
byMika Koivisto
 
Customer Scale: Stateless Sessions and Managing High-Volume Digital Services
byForgeRock
 
Liferay Portal и приемы разработки
bydevclub
 
OSGi e Liferay 7
byAntonio Musarra
 
Liferay 7
bySon Nguyen
 
Liferay_2012
byiopent
 
Liferay portals in real projects
byIBACZ
 
osc_tokyo20100226
byShoken Fujisaki
 
Press release hosting infrastructure
byPolyDyne Software
 
Moved to https://slidr.io/azzazzel/liferay-7-microservices-for-the-enterprise
byMilen Dyankov
 
Создание корпоративных порталов для интранет на Java платформе Liferay
byamtportal
 
Liferay_effortel_2009
byiopent
 

Similar to SAML and Liferay

PPTX
Understanding SAML 2.0: Enhancing Secure Authentication
byNarendra Kadali
 
PDF
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
byCloudIDSummit
 
PDF
"Securing SSO Authentication: Strategies to eliminate vulnerabilities", Oleh ...
byFwdays
 
PPTX
Enterprise single sign on
byArchit Sharma
 
PDF
Attacking SSO (SAML) - Breaking into the front door of Authentication
byAmit Kumar
 
PPTX
Introduction to SAML and how to create it by JoeSelian.pptx
byimcheaterid
 
PDF
SAML 101
byEchoworx
 
PDF
How to break SAML if I have paws?
byGreenD0g
 
PDF
White Paper: Saml as an SSO Standard for Customer Identity Management
byGigya
 
PDF
SAML Executive Overview
byPortalGuard
 
PPTX
Exploring SAML 2.0-based federation in AWS.pptx
byInfosectrain3
 
PPTX
Exploring SAML 2.0-based federation in AWS.pptx
byinfosec train
 
PDF
Wp saml v2_rs_3_24_2015
byElaine Sun
 
Understanding SAML 2.0: Enhancing Secure Authentication
byNarendra Kadali
 
CIS13: Bootcamp: Ping Identity SAML in Action with PingFederate Hands-On
byCloudIDSummit
 
"Securing SSO Authentication: Strategies to eliminate vulnerabilities", Oleh ...
byFwdays
 
Enterprise single sign on
byArchit Sharma
 
Attacking SSO (SAML) - Breaking into the front door of Authentication
byAmit Kumar
 
Introduction to SAML and how to create it by JoeSelian.pptx
byimcheaterid
 
SAML 101
byEchoworx
 
How to break SAML if I have paws?
byGreenD0g
 
White Paper: Saml as an SSO Standard for Customer Identity Management
byGigya
 
SAML Executive Overview
byPortalGuard
 
Exploring SAML 2.0-based federation in AWS.pptx
byInfosectrain3
 
Exploring SAML 2.0-based federation in AWS.pptx
byinfosec train
 
Wp saml v2_rs_3_24_2015
byElaine Sun
 

Recently uploaded

PDF
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
PDF
Top 10 API Automation Testing Tools: Features, Pros & Cons
byhenrycavill30521
 
PPTX
Information about Trusted Platform Module(TPM)
bynewtoknow techs
 
PPT
HDTV and DTV Standards: The United States Opts for a Digital HDTV Standard
byJeffrey Hart
 
PDF
oracle_apex_tamil_export_an_application.pdf
byUthamaselvan M
 
PPTX
AN Introduction to UNIX File System—An Approach
bysonjuktaweb
 
PDF
Benefits of Using the IAC 500 Sensor for Ambient Conditions
byCS Instruments
 
PDF
How to Connect HP LaserJet MFP M234dwe to WiFi
byPrinter Tales
 
PDF
Generating Structured Outputs from Unstructured Content Using LLMs
byEnterprise Knowledge
 
PDF
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
PDF
threat-hunters-cookbook for cybersecurity
bylobster6719
 
PPTX
Search Engine Responses to Conspiratorial Search Practices AANZCA 2025 Presen...
bykkasianenko
 
PDF
Beyond BBB: Practical Alternatives to Posterior Approximation in Bayesian Neu...
byTomasz Kusmierczyk
 
PDF
DevOps GenAI_ How Generative AI Is Changing Software Delivery.pdf
byDevseccops.ai
 
PPTX
SRWE_Module_14_SRWE_ccna_basics_routing_concepts.pptx
byahmedmahmoudece
 
PDF
The map to conquer linear algebra for IT engineer
byakipii ogaoga
 
PDF
The_Boardroom_Cyber_Playbook_Research_Edition
bySaraDavis91
 
PDF
Artificial Intelligence(AI) full Book.pdf
bydeyanimesh299
 
PDF
SEO in Charleston SC | Local SEO Strategies to Grow Your Business.pdf
bycustomdigitalsolutio1
 
PPTX
Pizza Chain Market Data Scraping for Better Insights Report.pptx
byWeb Data Crawler
 
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
Top 10 API Automation Testing Tools: Features, Pros & Cons
byhenrycavill30521
 
Information about Trusted Platform Module(TPM)
bynewtoknow techs
 
HDTV and DTV Standards: The United States Opts for a Digital HDTV Standard
byJeffrey Hart
 
oracle_apex_tamil_export_an_application.pdf
byUthamaselvan M
 
AN Introduction to UNIX File System—An Approach
bysonjuktaweb
 
Benefits of Using the IAC 500 Sensor for Ambient Conditions
byCS Instruments
 
How to Connect HP LaserJet MFP M234dwe to WiFi
byPrinter Tales
 
Generating Structured Outputs from Unstructured Content Using LLMs
byEnterprise Knowledge
 
Josh Chu Boston - An Innovative Technology Executive
byJosh Chu Boston
 
threat-hunters-cookbook for cybersecurity
bylobster6719
 
Search Engine Responses to Conspiratorial Search Practices AANZCA 2025 Presen...
bykkasianenko
 
Beyond BBB: Practical Alternatives to Posterior Approximation in Bayesian Neu...
byTomasz Kusmierczyk
 
DevOps GenAI_ How Generative AI Is Changing Software Delivery.pdf
byDevseccops.ai
 
SRWE_Module_14_SRWE_ccna_basics_routing_concepts.pptx
byahmedmahmoudece
 
The map to conquer linear algebra for IT engineer
byakipii ogaoga
 
The_Boardroom_Cyber_Playbook_Research_Edition
bySaraDavis91
 
Artificial Intelligence(AI) full Book.pdf
bydeyanimesh299
 
SEO in Charleston SC | Local SEO Strategies to Grow Your Business.pdf
bycustomdigitalsolutio1
 
Pizza Chain Market Data Scraping for Better Insights Report.pptx
byWeb Data Crawler
 

SAML and Liferay

  • 1.
    SAML and Liferay MikaKoivisto Senior Software Engineer
  • 2.
    What is SAML? •Security Assertion Markup Language • XML based protocol • OASIS approved standard • SAML 1.0 November 2002 • SAML 1.1 September 2003 • SAML 2.0 March 2005 • Flexible and extensible protocol designed to be used by other standards
  • 3.
    Why SAML? Source: xkcd.com
  • 4.
    Advantages of SAML • Platform neutral • Loose coupling of directories • Improved online experience for end users • Supported by many SaaS applications • Increased security • Strong commercial and open source support
  • 5.
    Use Cases • Web Single Sign-On • Attribute based authorization • Identity Federation • WS-Security
  • 6.
    SAML Roles • IdentityProvider (IdP) / Asserting party • Service Provider (SP) / Relying party
  • 7.
    Liferay and SAML •Available as a EE plugin • Supports two operation modes • Identity Provider • Service Provider • Based on SAML 2.0 • Provides Web SSO between Liferay and various applications including Salesforce and Google Apps
  • 8.
    Features • IdP initiated Web SSO • SP initiated Web SSO • SP initiated Single Logout • IdP initiated Single Logout • Consumes and Produces SAML Metadata • Attribute statement generation (IdP) • JIT provisioning using attribute statements (SP)
  • 9.
  • 10.
    Roadmap • WS-Security • ManagementUI • Scalability improvements
  • 11.
    Kiitos! Mika Koivisto Senior Software Engineer mika.koivisto@liferay.com