LemonLDAP::NG 2.0. OW2con'15, November 17, Paris.

•

1 like•378 views

LemonLDAP::NG is ten years old but still innovating! The 2.0 release provides support of OpenID Connect, a brand new SSO protocol that will be used by French administration trough France Connect.

Technology

LemonLDAP::NG 2.0 overview
@clementoudot

2
Clément OUDOT
http://sflx.ca/coudot
● Founded in 1999
● >100 persons
● Montréal, Quebec City, Ottawa, Paris
● ISO 9001:2004 / ISO 14001:2008
● contact@savoirfairelinux.com

4
Some history
2003 2006 2010 2014
Project
creation
NG
version
V 1.0
SAML
CAS
OpenID
V 1.4 V 2.0
OpenID
Connect
2016

5
Single Sign On
User
Web Application
WebSSO Portal
1
2
3

6
Access Control
User
Web
Application
1
SSO
2
Authorization
3

7
Components
CommonCommon
ManagerManager
HandlerHandler
PortalPortal
Administration
interface
User interactions
Applications protection

8
Authentication backends
LDAPLDAP
ADAD
ApacheApache SAMLSAML
CASCAS RadiusRadius OpenIDOpenID
WebIDWebID
BrowserBrowser
IDID
DBIDBI
YubikeyYubikey

9
Self Service
PasswordPassword
changechange
PasswordPassword
resetreset
AccountAccount
CreationCreation

10
Identity protocols gateway
SAMLSAMLCASCAS
OpenIDOpenID

12
AngularJS Manager
● FrontEnd written with AngularJS
● Responsive design
● Configuration data as JSON
● Import/Export feature
● Edition of multiple values on the same screen
● Possibility to set a log message on save

14
Handler API
● No more direct link between Handler and mod_perl
● Creation of an internal API, with implementations:
– Apache mod_perl 1
– Apache mod_perl 2
– CGI
– Nginx
– PSGI

16
CAS attributes exchange
● Conform to CAS 3.0 standard
● Returns attributes in service ticket validation response,
inside <cas:attributes>
● Compatible with phpCAS::getAttributes() function

17
OpenID Connect
● Based on OAuth 2.0 / JOSE
● Specific scope “openid” to receive an ID token
● User consent required to share its identity
● Access token delivered to request UserInfo endpoint
● Already used by Google to manage authentication

18
Roles
Resource owner
(end-user)
Client
(third-party)
Authorization
Server
Resource
Server

19
Authorization Request
Authorization Grant
Authorization Grant
Access Token
Access Token
Protected Resource

20
RPRP OPOP
(1) AuthN Request
(2) AuthN & AuthZ
(3) AuthN Response
(4) UserInfo Request
(5) UserInfo Response

23
France Connect
● French administration choose OpenID Connect for its
next generation authentication platform
● LemonLDAP::NG 2.0 :
– Can be client of France Connect: users will be able to sign
with their France Connect identity
– Can be provider of France Connect: France Connect can
delegate authentication to LemonLDAP::NG

Thanks for your attention
@clementoudot
http://sflx.ca/coudot

Cloud Computing is becoming the new paradigm for the Internet and Service provisioning. Open source solutions, especially those resulting from R/D projects, often are neglected due to the absence of track-records in use by real world applications. ETICS is a build, test and certification software developed since 2004 and up to now used at CERN, ENG and others to build and test various complex software systems, such us glite (http://glite.cern.ch) and gcube (http://www.gcube-system.org).

Consistent service integration in your workflows with OW2 Scarbo 2.0, OW2con'...

OW2

Scarbo is an open, complete, SOA ready, SCA powered, OW2 and Eclipse-based BPM solution. The 2.0 release adds a major component to its SOA/BPM solution: a service registry and repository enforcing consistency across design time and runtime by acting as a pivotal reference. By integrating with the EasySOA registry (http://www.easysoa.org), Scarbo opens up the door to BPM / SOA governance and documentation, benefits from service discovery to ease up service reuse, while making switching from test to production service endpoints a breeze.

프로젝트N 기획문서

Matthew Chang

Giethoon villagewithoutstreets

alfcoltrane

Manage Traceability with Apache Atlas flexible metadata repository.

OW2

Itf ipp ch09_2012_finaldphil002

Enrolled agent’s examination introductiondphil002

Ow2 SpagoBI Linuxtag09OW2

Chapter 11dphil002

Oscar - The OW2 Quality Program - Cloud Computing World Expo 2016

OW2

Itf ipp ch03_2012_finaldphil002

CompatibleOne OW2 Conference Nov10OW2

Itf ipp ch06_2012_finaldphil002

Social media knockdowntellem

PR Campaign Case Study 수강후기

Matthew Chang

Chubby

Amir Payberah

LinkedIn and Twitter Lab for Beginners

Helen Buzdugan

Inteligencia emocional

Sol JO

カマコンバレー @YOKOHAMA Future Session 150421

Kanshin!, Inc.

RMLL 2014 - LemonLDAP::NG - What's new under the SSOn

Clément OUDOT

OW2con'14 - LemonLDAP::NG 1.4 New features, Linagora

OW2

LemonLDAP::NG is a Free Software dédicated to SSO and access control, used in numerous french administrations and other organizations. Developped since 10 years, it evolves constantly bringing new features at each version. The 1.3 version has been exposed during the last OW2 con'. We will present the 1.4 version that was released in July 2014, with plenty of new features like session cache sharing, bootstrap skin, captcha cluster mode, Nginx support trough LUA Handler and self register service.

Viewers also liked

Qualipso Open Maturity Model OW2 Conference Nov10OW2

ETICS- quality certification of open source cloud software, OW2con'12, Paris

OW2

Consistent service integration in your workflows with OW2 Scarbo 2.0, OW2con'...

OW2

프로젝트N 기획문서

Matthew Chang

Giethoon villagewithoutstreets

alfcoltrane

Manage Traceability with Apache Atlas flexible metadata repository.

OW2

Itf ipp ch09_2012_finaldphil002

Enrolled agent’s examination introductiondphil002

Ow2 SpagoBI Linuxtag09OW2

Chapter 11dphil002

Oscar - The OW2 Quality Program - Cloud Computing World Expo 2016

OW2

Itf ipp ch03_2012_finaldphil002

CompatibleOne OW2 Conference Nov10OW2

Itf ipp ch06_2012_finaldphil002

Social media knockdowntellem

PR Campaign Case Study 수강후기

Matthew Chang

Chubby

Amir Payberah

LinkedIn and Twitter Lab for Beginners

Helen Buzdugan

Inteligencia emocional

Sol JO

カマコンバレー @YOKOHAMA Future Session 150421

Kanshin!, Inc.

Viewers also liked (20)

Qualipso Open Maturity Model OW2 Conference Nov10

ETICS- quality certification of open source cloud software, OW2con'12, Paris

Consistent service integration in your workflows with OW2 Scarbo 2.0, OW2con'...

프로젝트N 기획문서

Giethoon villagewithoutstreets

Manage Traceability with Apache Atlas flexible metadata repository.

Itf ipp ch09_2012_final

Enrolled agent’s examination introduction

Ow2 SpagoBI Linuxtag09

Chapter 11

Oscar - The OW2 Quality Program - Cloud Computing World Expo 2016

Itf ipp ch03_2012_final

CompatibleOne OW2 Conference Nov10

Itf ipp ch06_2012_final

Social media knockdown

PR Campaign Case Study 수강후기

Chubby

LinkedIn and Twitter Lab for Beginners

Inteligencia emocional

カマコンバレー @YOKOHAMA Future Session 150421

Similar to LemonLDAP::NG 2.0. OW2con'15, November 17, Paris.

RMLL 2014 - LemonLDAP::NG - What's new under the SSOn

Clément OUDOT

OW2con'14 - LemonLDAP::NG 1.4 New features, Linagora

OW2

Enterprise Single Sign On WSO2

WSO2 Identity Server WSO2

LemonLDAP::NG - the New Generation WebSSO !, David Coutadeur, Linagora.

OW2

LemonLDAP::NG is a FOSS for WebSSO, access management and identity federation developed since 2005. Its community is active and regurlarly proposes new versions. This software provides many functionalities: * Multi-domain SSO * Configuration and session management * Form replay * Protocols support : LDAP, CAS, OpenID, SAML, Radius * Authentication methods chaining * Applications portal * Password management * Notifications * Connection history management * Put an application in maintenance state * Inserting a menu on protected applications LemonLDAP::NG can be used as a gateway between many authentifcation protocoles, for example : * Provide identity trough SAML after an LDAP authentication * Provide identity trough CAS after an OpenID authentication * Provide identity trough OpenID after a Twitter authentication LemonLDAP::NG is a efficient mean to link Saas applications to internal applications, all relying on the authentication of the enterprise directory.

[OW2Con 2017] News from LemonLDAP::NG

Clément OUDOT

OW2 Open Source Community Technology Council Update, OW2con'16, Paris.

OW2

The OW2 Technology Council (TC) makes project lifecycle decisions, builds the overall technical architecture, defines technical guidelines and provides technology validation. It is run by its elected Chairman, Daniele Gagliardi, from Engineering Group, and by the OW2 CTO, Stéphane Laurière. The Council is composed of 50+ OW2 project leaders and additional hands-on open-source practitioners. This presentation will describe the overall role of the Technology Council, the main achievements carried out in 2016 and the outlook for 2016 and 2017.

LemonLDAP NG 1.2, OW2con'12, Paris

OW2

LemonLDAP::NG is a FOSS for WebSSO, access management and identity federation developed since 2005. Its community is active and regurlarly proposes new versions. This talk will first present the software and its main functionalities: Multi-domain SSO Configuration and session management Form replay CAS, OpenID and SAML support Authentication methods chaining Applications portal Password management Notifications Then the main novelties of version 1.2: Radius authentication (and use of Google Authenticator) Connection history management Put an application in maintenance state Inserting a menu on protected applications

BuildStuffConf Going beyond the 12 factors

Grace Jansen

Enabling applications to really thrive (and not just survive) in cloud environments can be challenging. The original 12 factor app methodology helped to lay out some of the key characteristics needed for cloud-native applications... but... as our cloud infrastructure and tooling has progressed, so too have these factors. In this session we'll dive into the extended and updated 15 factors needed to build cloud native applications that are able to thrive in this environment, and we'll take a look at open source technologies and tools that can help us achieve this.

SonarQube - The leading platform for Continuous Code Quality

Larry Nung

Planning for Windows 10 and Internet Explorer 11

Flexera

Enterprises are preparing for the release of Windows 10 this year and the end of support for all but the latest version of Internet Explorer, scheduled for 2016. How do you transition these services quickly, efficiently, cost effectively and with minimal impact to the businesses? This Webinar with Fred Pullen, Senior Product Marketing Manager at Microsoft and Tim Davis, Product Marketing Manager of Flexera Software, discusses the challenges and strategies needed to plan the capacity and resources required to package, test and predictably deploy a steady stream of new services including: - Preparation for the upcoming release of Windows 10 - Migration considerations when moving to Internet Explorer 11 - Planning for next generation browsing experiences in Microsoft’s Edge

Implementing Oracle Identity Management Using External Authentication Plug-In

Dinesh Gupta

Jdll 2010 lemon_ldap-ng_100_previewClément OUDOT

.NET Cloud-Native Bootcamp- Los Angeles

VMware Tanzu

AppDynamics Sales Presentation Imagemaker 2014

Urena Nicolas

AppDynamics es una nueva clase de software para gestión de rendimiento de aplicaciones (APM o Aplication Performance Management). AppDynamics ha sido diseñado para resolver las problemáticas de las plataformas modernas basadas en JEE y .NET, donde la combinación de servicios y componentes están sometidos a condiciones dinámicas y cambios frecuentes. Y ahora también tiene monitoreo dinámico de la experiencia de usuarios finales (EUM)

WSO2 Identity Server 5.3.0 - Product Release Webinar

WSO2

WSO2 Identity Server 5.3.0 has added a number of new features that were requested for by its users and which are critical for any product in the identity and access management (IAM) space. After a redesign of the identity management framework, a host of new account and password management features were introduced. Now it also supports a host of new IAM protocols including SAML2 single sign-on (SSO) metadata, SAML2 Assertion Query/ Request Profile, the complete OpenID Connect protocol suite and REST Profile for XACML 3.0 among others. What’s more, WSO2 Identity Server 5.3.0 now performs real-time analytics that monitors the identity ecosystem and alerts you when abnormal sessions or suspicious logins occur. This aspect of the product also has the ability to terminate sessions to ensure that your enterprise is fully secured. This webinar will explore New features and improvements in account and password management New IAM protocols that are supported Real-time security alerting capabilities WSO2 Identity Server 6.0 roadmap

GIDS_15FactorWorkshop.pdf

RichHagarty

Enabling applications to really thrive (and not just survive) in cloud environments can be challenging. The original 12 factor app methodology helped to lay out some of the key characteristics needed for cloud-native applications... but... as our cloud infrastructure and tooling has progressed, so too have these factors. In this workshop we'll dive into the extended and updated 15 factors needed to build cloud native applications that are able to thrive in this environment, and get hands-on with open source technologies and tools (including MicroProfile, Jakarta EE, Open Liberty, OpenJ9, and more!) that can help us achieve this.

Whats new in web methods 9.12

Kellton Tech Solutions Ltd

Software AG was top ranked in current offering and received among the highest scores in the strategy category in the Forrester Wave. webMethods Hybrid Integration Platform combines traditional on-premise integration with cloud integration capabilities to support a wide range of integration patterns for the modern digital enterprise. Kellton Tech’s Digital Connected Enterprise (DCE) is a leader in enterprise-level integration, API management and multi-speed IT strategy, leveraging Software AG’s Digital Business Platform Kellton Tech empowers world’s best-known brands to effectively use Software AG’s Digital Business Platform to innovate, differentiate and win in the digital world. In this session, we will discuss - Details about webMethods 9.12 release - Significant features and enhancements in webMethods 9.12 - Kellton Tech’s upgrade methodology and modernization offering

Java2 days 5_agile_steps_to_cloud-ready_apps

Payara

[Pass the SALT 2021] Hosting Identity in the Cloud with free softwares

Worteks

Similar to LemonLDAP::NG 2.0. OW2con'15, November 17, Paris. (20)

RMLL 2014 - LemonLDAP::NG - What's new under the SSOn

OW2con'14 - LemonLDAP::NG 1.4 New features, Linagora

Enterprise Single Sign On

WSO2 Identity Server

LemonLDAP::NG - the New Generation WebSSO !, David Coutadeur, Linagora.

[OW2Con 2017] News from LemonLDAP::NG

OW2 Open Source Community Technology Council Update, OW2con'16, Paris.

LemonLDAP NG 1.2, OW2con'12, Paris

BuildStuffConf Going beyond the 12 factors

SonarQube - The leading platform for Continuous Code Quality

Planning for Windows 10 and Internet Explorer 11

Implementing Oracle Identity Management Using External Authentication Plug-In

Jdll 2010 lemon_ldap-ng_100_preview

.NET Cloud-Native Bootcamp- Los Angeles

AppDynamics Sales Presentation Imagemaker 2014

WSO2 Identity Server 5.3.0 - Product Release Webinar

GIDS_15FactorWorkshop.pdf

Whats new in web methods 9.12

Java2 days 5_agile_steps_to_cloud-ready_apps

[Pass the SALT 2021] Hosting Identity in the Cloud with free softwares

More from OW2

OW2 and RIOS teaming up to boost the open source impact, Nov. 2022 in Roma

OW2

This presentation is given by Stefano Pampaloni at the RIOS Open Source Week, Nov. 2022 in Roma. Abstract: Established in 2007 as a non-profit organisation, OW2 is an independent community dedicated to promoting open source software for information systems and fostering their business ecosystems. OW2 federates 50+ organizations and 2500+ IT professionals worldwide. OW2 hosts 50+ technology Projects. RIOS is an Italian network of companies established in 2015 aiming to improve open source adoption and to build sustainable businesses around it OW2 and RIOS are working together to foster collaboration between European open-source stakeholders.

The Open Source Good Governance Initiative presented at RIOS OS Week, Nov. 20...

OW2

The Good Governance Initiative (GGI) proposes a methodological framework to assess open-source awareness, compliance and governance in any kind of organizations, helping them to structure and improve the use of FOSS towards an OSPO. The GGI was initiated by OW2 and is developed by the OSPO Alliance. This presentation will give an overview of the initiative, its organization, roadmap, first achievements and next steps.

GLPi v.10, les fonctionnalités principales et l'offre cloud

OW2

Centreon: superviser le Cloud et le Legacy à partir d'une même plateforme, po...

OW2

FusionIAM : la gestion des identités et des accés open source

OW2

OW2 Association Européenne aux racines grenobloises, transformer l'industrie ...

OW2

Connaissez-vous OW2 ? Aventure commencée en 1999 à Grenoble sur la base d'un consortium industriel dédié au middleware open source, devenu association sans but lucratif d'échelle européenne en 2006 sous le nom d'OW2, nous agissons pour la diffusion du libre dans le monde professionnel depuis plus de 20 ans. OW2 compte des adhérents de toute taille : 2.600 individuels en adhésion gratuite, et 30 institutionnels, de la TPE unipersonnelle à Orange, Microsoft ou Huawei, de l'Inria ou le Fraunhofer Fokus à la Gendarmerie Nationale ou la ville de Paris. Nos projets sont plus célèbres que nous : ASM, Centreon, Lutece, PrestaShop, Sympa ou Rocket.Chat vous diront peut-être quelque chose ? Philosophiquement, OW2 se trouve quelque part entre Eclipse et Apache : culture technique, infrastructure d'hébergement et d'assistance pour les projets, sur la ligne de crête entre l'esprit du libre et les contraintes du business, nous sommes un acteur de l'économie sociale, persuadé que l'open source est central dans une transformation sociétale nécessaire qui ne pourra se faire sans l'adhésion du monde industriel et académique. A un tournant de notre histoire, nous investissons le créneau de la qualité industrielle des projets avec notre méthodologie "Market readiness Levels", et la gouvernance de l'open-source comme membre fondateur de l'OSPO Alliance (ospo.zone) et éditeur du guide méthodologique "OSS Good Governance handbook". Ne nous y trompons pas : OW2 est un acteur éminemment politique, porteur d'une vision fondée sur la transformation du monde professionnel et de ses valeurs par le code et la coopération. Et cette présentation, avec un survol de notre histoire, adhérents, initiatives et projets, est également l'occasion d'en débattre.

SFScon'20 Bringing the User into the Equation

OW2

Towards a sustainable solution to open source sustainability, OW2online20, Ju...

OW2

A few years ago, Heartbleed epitomized a massive open source sustainability problem for critical parts of the internet infrastructure. The bug, which affected the popular OpenSSL cryptographic software library, notably compromised the confidentiality of 4.5 million US patient records and cost the industry an estimated $500M. It was soon revealed that the root cause of the issue was that OpenSSL was precariously understaffed. Open source sustainability became a major theme overnight. Stories of maintainer burn-out made the headlines. And tentative solutions started to emerge, most of them donation-based. In this talk we’ll explore a number of existing strategies to fund open source and make it more sustainable, from patronage to dedicated ad networks. And we’ll defend the idea that the best path to open source sustainability is to help companies understand the tangible business value they can get from contributing to open source.

Advanced proactive and polymorphing cloud application adaptation with MORPHEM...

OW2

Open Source governance and the Eclipse Foundation, OW2online, June 2020

OW2

Presentation by Gael Blondelle, Managing Director at Eclipse Foundation. Abstract: In this talk, we will cover two complementary topics: The different Eclipse projects related to Open Source governance, like Eclipse SW360, SW360 Antenna, and Eclipse Steady, as well as the opportunity to leverage SW360 as the core of a larger Open Source governance initiative. The Eclipse IP Process that has been applied to hundreds of Eclipse projects for more than 15 years and is going through a modernization process that involves both simplification from the developer point of view, and openness to new source of trusted data like Clearly Defined.

Open source contribution policies, OW2online, June 2020

OW2

Open source contribution policies are long, boring, overlooked documents, that generally suck. They're designed to protect the company at all costs. But in the process, end up hurting engineering productivity, and morale. Sometimes they even unknowingly put corporate IP at risk. But that's not inevitable. It's possible to write open source contribution policies that make engineers lives easier, boost morale and productivity, reduce attrition, and attract new talent. And it's possible to do so while reducing the company's IP risk, not increasing it. In this talk, we'll look at the general structure of contribution policies, examples in the wild, and tactics to make them suck less. We'll also look at how to turn these policies into self-service software, preventing the tedious email back and forth between engineering and legal in most cases and making open source contribution a breeze. Presentation by Tobbie Langel, UnLockOpen.

Software development at scale, pandemic lockdown and oss ecosystems, OW2onlin...

OW2

Presentation by Jose Manrique, CEO at Bitergia. Abstract: 2020 has started intense for many countries. It's been just a few months, but the things we have lived make us feel like it's been years. Covid-19 pandemic has hit everywhere and forced many people to work from home. If you were lucky enough to be in one of these modern companies that have adopted digital transformation years ago, would that be a problem? Many people have thought it wasn't, but it has really been. And what about the rest of the software developers involved in companies not ready for remote work at all? It's been said that nothing has boosted more companies' digital transformation than covid-19. But, are their managers ready for such change? Managing software development at scale is not an easy task, and this pandemic has disrupted the way projects are being developed in many companies. During this talk, I would like to share lessons learned from open source development at scale that might help companies to adapt to these changes. But more specifically, lessons about how software development analytics help managers to understand collaborative remote work.

Overview of the OpenChain Reference Tooling Work Group, OW2online20, June 2020

OW2

Presentation by Olivier Fendt, Senior Manager Open Source Software at Siemens. Abstract: The well-known OpenChain project launched in Sept 2019 a Tooling Group. The objective of this group is to realize a turn-key Open Source toolchain for Open Source Compliance, which is / can be easily integrated in the software development CI/CD pipelines. The Tooling Group uses open source principles to accomplish this, creating a meritocracy producing real world solutions for real world challenges, and sharing these results with all interested parties. The presentation gives an overview of the Tooling group its objectives, the areas of focus, the current state and future plans.

Open Source Compliance at Orange, OW2online, June 2020

OW2

Presentation by Nicolas Toussaint, Software Architect, Orange. Abstract: Orange and Orange Business Services have turned to full open source solutions to tackle the complex problem of respecting the open source legal compliance constraints. This talk presents the journey undertaken the past few years to build and improve the existing tooling and processes to make compliance validation possible, as well as allow overseeing progresses.

Ideas, methods and tools for OSS Compliance assessment, OW2online, June 2020

OW2

Presentation by Boris Baldassari, Consultant, Castalia Solutions. Abstract: While Open Source Software has become mainstream, the understanding of its key principles, from ethics and collaboration to governance and community management, is gaining more interest and attention. There is a comprehensive volume of studies and reports backing up our individual and collective experience, yet we still cannot reliably measure these characteristics, and even less clearly define or assess them. In an attempt to build up confidence and foster maturity in this area, this talk will look at the various existing models and metrics related to OSS compliance and governance, and build upon them to propose methods and tools for their evaluation and analysis. We will discuss the requirements and essential questions to ask, offer guidelines for implementation and suggest efficient ways to present results.

Intelligent package management with FASTEN, OW2online, June 2020

OW2

Presentation by Amir Mir, TUDelft. As recent events, such as the leftpad incident and the Equifax data breach, have demonstrated, dependencies on networks of external libraries can introduce projects to significant operational and compliance risks as well as difficult to assess security implications. FASTEN introduces fine-grained, method-level, tracking of dependencies on top of existing dependency management networks. In our talk, we will present how FASTEN works on top of the Rust/Cargo and Java/Maven ecosystems.

DECODER, a Smarter Environment for DevOps Teams , OW2online, June 2020

OW2

Enabling DevOps for IoT software development, powered by Open Source, OW2onli...

OW2

Presentation by Hui Song, Senior Scientist, SINTEF. We would like to share our research journey towards enabling DevOps for IoT applications, and how Open Source makes the journey feasible and fun. DevOps is widely adopted for developing cloud applications, which supports developers in continuously placing software changes directly to production. As companies are including IoT and Edge devices into their IT infrastructures, supporting DevOps for IoT is a must. However, IoT challenges some fundamental assumptions behind DevOps, such as the homogeneous infrastructure and centralized governance, and therefore, breaking-through research is needed. Funded by H2020, 30 people from 12 partners crossing academia and industry gathered to solve these fundamental challenges, which results in full-stack open source tools for automatic deployment, learning-based operation and security monitoring of IoT applications, and risk management of the development process. The tools are evaluated on industrial use cases in intelligent transportation, smart building, and eHealth. The mass open source tools and communities around IoT development provides the sound foundation for this design research and the opportunities for the further exploitation of the results. In particular, we are proud of spinning off a start-up to commercialize the risk management services in the open source + SaaS model.

Upcoming Challenges in Artificial Intelligence Research and Development, OW2o...

OW2

Artificial Intelligence is now smarter than ever, showing human-like abilities at complex tasks such as images classification or natural language processing. But despite its recent advances, it's still not a silver bullet. This talk will present a few challenges in the research and development of artificial intelligence that slow down its progress and adoption. In particular, problems around fairness, the training of models and how to share them will be introduced as well as possible Free Software solutions. Presentation by Vincent Lequertier, PhD Student, Lyon UNiverversity.

Cacti and Big Data at Orange France, OW2online, June 2020

OW2

We propose a walkthrough of current utilization of Open Source Software in capacity planning for the Orange network infrastructure. The objective of our project is to have a platform that helps engineers to carefully plan the resources available to them as well as to correlate different incidents within remote parts of the infrastructure. In order to achieve this we started using Cacti with the Spine collector which worked great, but Orange France is a very large company with many entities, each with its own governance, and so we began to see some limitations. There was a need to centralize some information from different parts in Orange France as well as to integrate the equipment capacity and load values into BigData Orange. In order to achieve this we developed the “Puits de donneés” platform completely based on Open Source Software. The visualization and statistical analysis part is handled by Grafana while the ETL runs on Apache Software Foundation products like NiFi, Zookeeper and Ambari with a storage solution from MariaDB for which we did extensive performance tuning and customization due to the large amounts of data.

More from OW2 (20)

OW2 and RIOS teaming up to boost the open source impact, Nov. 2022 in Roma

The Open Source Good Governance Initiative presented at RIOS OS Week, Nov. 20...

GLPi v.10, les fonctionnalités principales et l'offre cloud

Centreon: superviser le Cloud et le Legacy à partir d'une même plateforme, po...

FusionIAM : la gestion des identités et des accés open source

OW2 Association Européenne aux racines grenobloises, transformer l'industrie ...

SFScon'20 Bringing the User into the Equation

Towards a sustainable solution to open source sustainability, OW2online20, Ju...

Advanced proactive and polymorphing cloud application adaptation with MORPHEM...

Open Source governance and the Eclipse Foundation, OW2online, June 2020

Open source contribution policies, OW2online, June 2020

Software development at scale, pandemic lockdown and oss ecosystems, OW2onlin...

Overview of the OpenChain Reference Tooling Work Group, OW2online20, June 2020

Open Source Compliance at Orange, OW2online, June 2020

Ideas, methods and tools for OSS Compliance assessment, OW2online, June 2020

Intelligent package management with FASTEN, OW2online, June 2020

DECODER, a Smarter Environment for DevOps Teams , OW2online, June 2020

Enabling DevOps for IoT software development, powered by Open Source, OW2onli...

Upcoming Challenges in Artificial Intelligence Research and Development, OW2o...

Cacti and Big Data at Orange France, OW2online, June 2020

Recently uploaded

Free Complete Python - A step towards Data Science

RinaMondal9

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

20240607 QFM018 Elixir Reading List May 2024

Matthew Sinclair

Communications Mining Series - Zero to Hero - Session 1

DianaGray10

This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered: • Communication Mining Overview • Why is it important? • How can it help today’s business and the benefits • Phases in Communication Mining • Demo on Platform overview • Q/A

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

Microsoft - Power Platform_G.Aspiotis.pdf

Uni Systems S.M.S.A.

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Neo4j

Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

nkrafacyberclub

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

A tale of scale & speed: How the US Navy is enabling software delivery from l...

sonjaschweigert1

Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved: - Reduction in onboarding time from 5 weeks to 1 day - Improved developer experience and productivity through actionable findings and reduction of false positives - Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO) Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production. We will cover: - How to remove silos in DevSecOps - How to build efficient development pipeline roles and component templates - How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence) - How to streamline operations with automated policy checks on container images

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

National Security Agency - NSA mobile device best practices

Quotidiano Piemontese

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

Recently uploaded (20)

Free Complete Python - A step towards Data Science

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

PHP Frameworks: I want to break free (IPC Berlin 2024)

Removing Uninteresting Bytes in Software Fuzzing

20240607 QFM018 Elixir Reading List May 2024

Communications Mining Series - Zero to Hero - Session 1

DevOps and Testing slides at DASA Connect

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Microsoft - Power Platform_G.Aspiotis.pdf

FIDO Alliance Osaka Seminar: Overview.pdf

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

GraphRAG is All You need? LLM & Knowledge Graph

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

A tale of scale & speed: How the US Navy is enabling software delivery from l...

Epistemic Interaction - tuning interfaces to provide information for AI support

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

National Security Agency - NSA mobile device best practices

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

LemonLDAP::NG 2.0. OW2con'15, November 17, Paris.

1. LemonLDAP::NG 2.0 overview @clementoudot

2. 2 Clément OUDOT http://sflx.ca/coudot ● Founded in 1999 ● >100 persons ● Montréal, Quebec City, Ottawa, Paris ● ISO 9001:2004 / ISO 14001:2008 ● contact@savoirfairelinux.com

3. LemonLDAP::NG Presentation

4. 4 Some history 2003 2006 2010 2014 Project creation NG version V 1.0 SAML CAS OpenID V 1.4 V 2.0 OpenID Connect 2016

5. 5 Single Sign On User Web Application WebSSO Portal 1 2 3

6. 6 Access Control User Web Application 1 SSO 2 Authorization 3

7. 7 Components CommonCommon ManagerManager HandlerHandler PortalPortal Administration interface User interactions Applications protection

8. 8 Authentication backends LDAPLDAP ADAD ApacheApache SAMLSAML CASCAS RadiusRadius OpenIDOpenID WebIDWebID BrowserBrowser IDID DBIDBI YubikeyYubikey

9. 9 Self Service PasswordPassword changechange PasswordPassword resetreset AccountAccount CreationCreation

10. 10 Identity protocols gateway SAMLSAMLCASCAS OpenIDOpenID

11. Overview of version 2.0

12. 12 AngularJS Manager ● FrontEnd written with AngularJS ● Responsive design ● Configuration data as JSON ● Import/Export feature ● Edition of multiple values on the same screen ● Possibility to set a log message on save

13. 13

14. 14 Handler API ● No more direct link between Handler and mod_perl ● Creation of an internal API, with implementations: – Apache mod_perl 1 – Apache mod_perl 2 – CGI – Nginx – PSGI

15. 15 Portal skin background

16. 16 CAS attributes exchange ● Conform to CAS 3.0 standard ● Returns attributes in service ticket validation response, inside <cas:attributes> ● Compatible with phpCAS::getAttributes() function

17. 17 OpenID Connect ● Based on OAuth 2.0 / JOSE ● Specific scope “openid” to receive an ID token ● User consent required to share its identity ● Access token delivered to request UserInfo endpoint ● Already used by Google to manage authentication

18. 18 Roles Resource owner (end-user) Client (third-party) Authorization Server Resource Server

19. 19 Authorization Request Authorization Grant Authorization Grant Access Token Access Token Protected Resource

20. 20 RPRP OPOP (1) AuthN Request (2) AuthN & AuthZ (3) AuthN Response (4) UserInfo Request (5) UserInfo Response

21. 21 http://jwt.io/

22. 22

23. 23 France Connect ● French administration choose OpenID Connect for its next generation authentication platform ● LemonLDAP::NG 2.0 : – Can be client of France Connect: users will be able to sign with their France Connect identity – Can be provider of France Connect: France Connect can delegate authentication to LemonLDAP::NG

24. Thanks for your attention @clementoudot http://sflx.ca/coudot

LemonLDAP::NG 2.0. OW2con'15, November 17, Paris.

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (20)

Similar to LemonLDAP::NG 2.0. OW2con'15, November 17, Paris.

Similar to LemonLDAP::NG 2.0. OW2con'15, November 17, Paris. (20)

More from OW2

More from OW2 (20)

Recently uploaded

Recently uploaded (20)

LemonLDAP::NG 2.0. OW2con'15, November 17, Paris.