SlideShare a Scribd company logo

WSO2Con USA 2017: Building a Secure Enterprise

Download as PPTX, PDF
WSO2
WSO2

This document discusses building a secure enterprise identity and access management system using WSO2 Identity Server. It covers the architecture of WSO2 Identity Server and how it implements standards like SAML, OAuth, OpenID Connect, XACML and SCIM. It describes how single sign-on and access control work across multiple service providers. It also discusses how to manage user identities across different systems using federated provisioning and integrating external user stores.

Technology
1 of 55
Building a Secure Enterprise Johann Dilantha Nallathamby Technical Lead WSO2 Rushmin Fernando Technical Lead WSO2
Agenda • WSO2 Identity Server Architecture • SAML2 Single Sign-On/Single Logout • XACML 3.0 • OAuth 2.0 • OpenID Connect • User Management • SCIM 2.0 • Plugging an external Identity Store • Identity Cloud
Identity Server Architecture
SAML SSO Identity provider (e.g. WSO2 IS) Service provider (e.g. inventory) User data
SAML SSO - User Experience
SAML SSO - Login to Another Service Provider Identity provider (e.g. WSO2 IS) Service provider 2 (e.g. Accounts dept.) User data Service provider 1 (e.g. inventory) 4. Bypass login page
SAML SSO Identity provider (e.g. WSO2 IS) Service provider 1 (SP1) Service provider 2 (SP2) Session ID SP IS1 SP1 IS1 SP2 IS2 SP2
SAML Single Logout Identity provider (e.g. WSO2 IS) Service provider 1 (SP1) Service provider 2 (SP2) Session ID SP IS1 SP1 IS1 SP2 IS2 SP2 Logout (session: S1)
What the User Can Do... Service provider 1 (SP1) /data/files /data/archives /data/visualize /data/details User = Jane User = David User = Tao
What the User Can Do (Ctd...) Service provider 1 (SP1) User = Jane User = David User = Tao Access control policy If user = Tao and resource = /data/archives Permit. If role = Clark and action = write Deny. If role = Manager and resource = /data/files Permit.
XACML - Architecture /data/files /data/archives /data/visualize /data/details Policy decision Point If user = jane Permit. If role = clark and Action = write Deny. Policy Store Policy Administration Point Policy Enforcement Point(PEP) User = Tao User = David User = Jane
XACML - Policy Decision Flow Policy Enforcement Point(PEP) User = Jane User = David User = Tao Service provider 1 (SP1) /data/files /data/archives /data/visualize /data/details Policy decision point If user = jane Permit. If role = clark and Action = write Deny. Access policy 1
XACML - Policy Policy Target Rule (effect = permit) Target Condition Rule …...... Rule …...... Activation conditions for the rule set Activation conditions for the rule Conditions for the rule Decision if target and condition are true
XACML - Policy (Ctd...) <Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="BankOne_account_access_policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0"> <Target> <AnyOf> <AllOf> <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/bankone/accounts/*</AttributeValue> <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> </Match> </AllOf> </AnyOf> </Target> <Rule Effect="Permit" RuleId="update_accounts_rule"> …. </Rule> ….... </Policy> If resource matches /bankone/accounts/* Activation conditions for the rule set
XACML - Policy (Rules) <Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="BankOne_account_access_policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0"> <Target> ..... </Target> <Rule Effect="Permit" RuleId="update_accounts_rule"> <Target> <AnyOf> <AllOf> <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="...#string">/bankone/accounts/update/*</AttributeValue> <AttributeDesignator AttributeId="...:resource:resource-id" Category="...:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> </Match> </AllOf> </AnyOf> </Target> <Condition> <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of"> <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">manager</AttributeValue> <AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> </Apply> </Condition> </Rule> <Rule Effect="Permit" RuleId="read_accounts_rule"> … </Rule> </Policy> Permit if conditions satisfy If resource matches /bankone/accounts/update/* If role is manager
XACML Request <Request xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" CombinedDecision="false" ReturnPolicyIdList="false"> <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" IncludeInResult="false"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">bob</AttributeValue> </Attribute> </Attributes> <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" IncludeInResult="false"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/bankone/accounts/read/a1</AttributeValue> </Attribute> </Attributes> </Request> Subject = bob Resource = /bankone/accounts/read/a1
XACML - Policy Enforcement Policy Enforcement Point(PEP) User = Jane User = David User = Tao Service provider 1 (SP1) /data/files /data/archives /data/visualize /data/details Policy decision If user = jane Permit. If role = clark and Action = write Deny. Access policy 1
XACML - Policy Enforcement WSO2 ESB Proxy service Entitlement Service provider 1 (SP1) On accept On reject SendDrop Property [Set user] Property [Set resource] Policy decision (WSO2 IS)
Render menu items in a web app based on the logged- in user’s fine-grained permissions
XACML Demo
Bring a Token... Service provider Access resource R1 Does the user has permission to access R1? Service provider Access resource R1 Check if R1 is authorized for the given token Token
But.. How does a user get a token? How do we know if a given token has permission to access a resource?
OAuth 2.0 •Access is granted to authorized tokens •Users obtain tokens from an authorization server •Resource servers validate the authorization of a token with authorization server Tokens are authorized for scopes Each protected resource + action has to be mapped to a scope
OAuth 2.0 (Ctd...) Service provider Read resource R1 Authorization server Token (T1) Resource Action Scope R1 read R1_read R1 write R1_write R2 read R2_read Token Scope T1 R1_read T2 R1_read T3 R2_read T3 R2_write Is T1 authorized for R1_read?
Now … How to get a token?
Access On Behalf of a User Eg: A web app wants to access photos stored in PhotoServer Web app Access photos in collection A I need a Oauth2 token with scope “photos_A” PhotoServer
Access On Behalf of a User (Ctd...) Eg: A web app wants to access photos stored in PhotoServer Web app PhotoServer Client ID Client secret 1. Register webapp 2. Generate client ID / client secret 3. Configure callback URL 4. Configure OAuth2 URLs 5. Set client ID / client secret Application Developer
Access On Behalf of a User (Ctd...) Eg: A web app wants to access photos stored in PhotoServer Web app PhotoServer Client ID Client secret Auth code
Access On Behalf of a User (Ctd...) Eg: A web app wants to access photos stored in PhotoServer PhotoServer Web app Client ID Client secret 5. Send Token
Client – One who wants to access the resource E.g. Web app Observations E.g. A web app want to access photos stored in PhotoServer Web app User – One who has permissions to the resource E.g. Jane – Jane's web browser Resource server – One who contains the resource Authorization server – One who grants access to the resource E.g. Facebook PhotoServer
Delegating the authorization Web app PhotoServer Authorization server 1. Access web app
Delegating the authorization (Ctd...) Web app PhotoServer Authorization server 7. Request photos 6.Tokengiven
Delegating the authorization (Ctd...) Web app PhotoServer Authorization server 8. Validate token for scope “photos_A” 9. Validation response Token Scope T1 photos_A T2 photos_B T3 photos_A T3 photos_B
Federated Access to APIs
Federated Access to APIs
Self Contained Access Tokens
Multiple OAuth2 Apps with No Shared Credentials
Multiple OAuth2 Apps with No Shared Credentials (Self-issued JWT)
Accessing APIs via desktop clients (kerberos)
Token Exchange
Fine-grained access control for APIs
OAuth 2.0 is for delegated access control. Can we extend this for authentication?
A Simple Approach... Similar to clients are authorized to access resources, clients can be authorized to access user data Web app Log in Identity server Read Jane's profile
OpenID Connect SSO Web app 1. Log in 3. Authenticate 4. Auth code Client ID Secret Auth code Identity server
6. OpenID Connect SSO (Ctd...) Web app Client ID Secret Auth code Identity server Access token: Authorizes user info access ID token: Authenticates the user
OpenID Connect SSO (Ctd...) Web app Identity server 8. First name: Jane Address: 65, Ed.. Tel: +61 93...
Adding Users WSO2 IS Management Console
Adding Users? (Ctd..) Hot deploy multiple user stores
Adding Users? (Ctd..) SCIM – System for Cross-domain Identity Management SCIM endpoints
Adding Users? (Ctd..) curl -v -k --user admin:admin --data "{"schemas":[],"name":{"familyName":"Ekanayake","givenName":"Chathura"}, "userName":"chathura","password":"pass123", …........}" --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users
Adding Users to Many Other Parties... Identity server Identity server Logistics Head office Accounting Add user to all Identity Servers! Username: saman Password: saman123 Email: saman@wso2.com Username: saman Password: saman123 Email: saman@wso2.com Username: saman Password: saman123 Email: saman@wso2.com
Federated Provisioning Identity server Identity server Identity server Logistics Head office Accounting Username: saman Password: saman123 Email: saman@wso2.com Username: saman Password: saman123 Email: saman@wso2.com Username: saman Password: saman123 Email: saman@wso2.com
Provisioning Bridge IS1 - Logistics SCIM endpoint IDP - IS2 SCIM SPML IS2 – Head office SCIM endpoint WS SCIM SCIM SOAP
Integrating External User Stores Identity server Logistics Identity server Head office Username: jane Password: jane123 Email: saman@wso2.com 1. Access request 2 .Auth request 3. Auth request 4. Auth response IS1 User store 5. Add user
Thank You!

Recommended

WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2
 
WSO2Con USA 2017: Identity and Access Management in the Era of Digital Transf...
WSO2Con USA 2017: Identity and Access Management in the Era of Digital Transf...WSO2Con USA 2017: Identity and Access Management in the Era of Digital Transf...
WSO2Con USA 2017: Identity and Access Management in the Era of Digital Transf...
WSO2
 
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital TransformationWSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2
 
Sitecore Security Overview
Sitecore Security OverviewSitecore Security Overview
Sitecore Security Overview
Randy Woods
 
The Power of Social Login
The Power of Social LoginThe Power of Social Login
The Power of Social Login
Michele Leroux Bustamante
 
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2
 
[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management
WSO2
 

Recommended

WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity ManagementWSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2Con USA 2017: Introduction to Security: End-to-End Identity Management
WSO2
 
WSO2Con USA 2017: Identity and Access Management in the Era of Digital Transf...
WSO2Con USA 2017: Identity and Access Management in the Era of Digital Transf...WSO2Con USA 2017: Identity and Access Management in the Era of Digital Transf...
WSO2Con USA 2017: Identity and Access Management in the Era of Digital Transf...
WSO2
 
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital TransformationWSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2Con USA 2017: Opening Keynote - Vision for Agile Digital Transformation
WSO2
 
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity ServerWSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2Con USA 2017: Enhancing Customer Experience with WSO2 Identity Server
WSO2
 
Sitecore Security Overview
Sitecore Security OverviewSitecore Security Overview
Sitecore Security Overview
Randy Woods
 
The Power of Social Login
The Power of Social LoginThe Power of Social Login
The Power of Social Login
Michele Leroux Bustamante
 
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2
 
[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management[WSO2Con EU 2017] Cloud-Native API Management
[WSO2Con EU 2017] Cloud-Native API Management
WSO2
 
Easy Auth Overview - Tokyo Azure Meetup - Feb 2018
Easy Auth Overview - Tokyo Azure Meetup - Feb 2018Easy Auth Overview - Tokyo Azure Meetup - Feb 2018
Easy Auth Overview - Tokyo Azure Meetup - Feb 2018
Chris Gillum
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable Functions
Joonas Westlin
 
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
Brian Culver
 
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2
 
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSOColabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
Peter Selch Dahl
 
Deploying your static web app to the Cloud
Deploying your static web app to the CloudDeploying your static web app to the Cloud
Deploying your static web app to the Cloud
Christoffer Noring
 
[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices
[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices
[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices
WSO2
 
[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration
[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration
[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration
WSO2
 
SharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims AuthSharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims Auth
Kashif Imran
 
SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...Liam Cleary [MVP]
 
Windows Azure Active Directory
Windows Azure Active DirectoryWindows Azure Active Directory
Windows Azure Active DirectoryPavel Revenkov
 
Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...
SPC Adriatics
 
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2
 
DevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easyDevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easy
Sjoukje Zaal
 
Azure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2BAzure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2B
Sjoukje Zaal
 
Tokyo azure meetup #8 - Azure Update, August
Tokyo azure meetup #8 - Azure Update, AugustTokyo azure meetup #8 - Azure Update, August
Tokyo azure meetup #8 - Azure Update, August
Kanio Dimitrov
 
Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101
Stormpath
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2B
Sjoukje Zaal
 
Microsoft Azure Identity and O365
Microsoft Azure Identity and O365Microsoft Azure Identity and O365
Microsoft Azure Identity and O365
Kris Wagner
 
Web API 2 Token Based Authentication
Web API 2 Token Based AuthenticationWeb API 2 Token Based Authentication
Web API 2 Token Based Authentication
jeremysbrown
 
WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...
WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...
WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...
WSO2
 
WSO2Con USA 2017: Positioning WSO2 for Quicker Uptake
WSO2Con USA 2017: Positioning WSO2 for Quicker UptakeWSO2Con USA 2017: Positioning WSO2 for Quicker Uptake
WSO2Con USA 2017: Positioning WSO2 for Quicker Uptake
WSO2
 

More Related Content

What's hot

Easy Auth Overview - Tokyo Azure Meetup - Feb 2018
Easy Auth Overview - Tokyo Azure Meetup - Feb 2018Easy Auth Overview - Tokyo Azure Meetup - Feb 2018
Easy Auth Overview - Tokyo Azure Meetup - Feb 2018
Chris Gillum
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable Functions
Joonas Westlin
 
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
Brian Culver
 
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2
 
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSOColabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
Peter Selch Dahl
 
Deploying your static web app to the Cloud
Deploying your static web app to the CloudDeploying your static web app to the Cloud
Deploying your static web app to the Cloud
Christoffer Noring
 
[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices
[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices
[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices
WSO2
 
[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration
[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration
[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration
WSO2
 
SharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims AuthSharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims Auth
Kashif Imran
 
SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...Liam Cleary [MVP]
 
Windows Azure Active Directory
Windows Azure Active DirectoryWindows Azure Active Directory
Windows Azure Active DirectoryPavel Revenkov
 
Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...
SPC Adriatics
 
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2
 
DevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easyDevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easy
Sjoukje Zaal
 
Azure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2BAzure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2B
Sjoukje Zaal
 
Tokyo azure meetup #8 - Azure Update, August
Tokyo azure meetup #8 - Azure Update, AugustTokyo azure meetup #8 - Azure Update, August
Tokyo azure meetup #8 - Azure Update, August
Kanio Dimitrov
 
Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101
Stormpath
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2B
Sjoukje Zaal
 
Microsoft Azure Identity and O365
Microsoft Azure Identity and O365Microsoft Azure Identity and O365
Microsoft Azure Identity and O365
Kris Wagner
 
Web API 2 Token Based Authentication
Web API 2 Token Based AuthenticationWeb API 2 Token Based Authentication
Web API 2 Token Based Authentication
jeremysbrown
 

What's hot (20)

Easy Auth Overview - Tokyo Azure Meetup - Feb 2018
Easy Auth Overview - Tokyo Azure Meetup - Feb 2018Easy Auth Overview - Tokyo Azure Meetup - Feb 2018
Easy Auth Overview - Tokyo Azure Meetup - Feb 2018
 
Building a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable FunctionsBuilding a document e-signing workflow with Azure Durable Functions
Building a document e-signing workflow with Azure Durable Functions
 
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
SharePointFest 2013 Washington DC - SPT 103 - SharePoint 2013 Extranets: How ...
 
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
WSO2Con USA 2017: Multi-tenanted, Role-based Identity & Access Management sol...
 
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSOColabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
 
Deploying your static web app to the Cloud
Deploying your static web app to the CloudDeploying your static web app to the Cloud
Deploying your static web app to the Cloud
 
[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices
[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices
[WSO2Con EU 2017] Microservice Architecture (MSA) and Integration Microservices
 
[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration
[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration
[WSO2Con EU 2017] Ballerina Connectors for Seamless Integration
 
SharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims AuthSharePoint, ADFS and Claims Auth
SharePoint, ADFS and Claims Auth
 
SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...SharePoint Saturday The Conference DC - How the client object model saved the...
SharePoint Saturday The Conference DC - How the client object model saved the...
 
Windows Azure Active Directory
Windows Azure Active DirectoryWindows Azure Active Directory
Windows Azure Active Directory
 
Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...Understanding SharePoint Apps, authentication and authorization infrastructur...
Understanding SharePoint Apps, authentication and authorization infrastructur...
 
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
WSO2Con USA 2017: Managing Verifone’s New Payment Device “Carbon” with WSO2’s...
 
DevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easyDevSum: Azure AD B2C Application security made easy
DevSum: Azure AD B2C Application security made easy
 
Azure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2BAzure Saturday: External Collaboration With Azure AD B2B
Azure Saturday: External Collaboration With Azure AD B2B
 
Tokyo azure meetup #8 - Azure Update, August
Tokyo azure meetup #8 - Azure Update, AugustTokyo azure meetup #8 - Azure Update, August
Tokyo azure meetup #8 - Azure Update, August
 
Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101Mobile Authentication for iOS Applications - Stormpath 101
Mobile Authentication for iOS Applications - Stormpath 101
 
Dear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2BDear Azure: External collaboration with Azure AD B2B
Dear Azure: External collaboration with Azure AD B2B
 
Microsoft Azure Identity and O365
Microsoft Azure Identity and O365Microsoft Azure Identity and O365
Microsoft Azure Identity and O365
 
Web API 2 Token Based Authentication
Web API 2 Token Based AuthenticationWeb API 2 Token Based Authentication
Web API 2 Token Based Authentication
 

Viewers also liked

WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...
WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...
WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...
WSO2
 
WSO2Con USA 2017: Positioning WSO2 for Quicker Uptake
WSO2Con USA 2017: Positioning WSO2 for Quicker UptakeWSO2Con USA 2017: Positioning WSO2 for Quicker Uptake
WSO2Con USA 2017: Positioning WSO2 for Quicker Uptake
WSO2
 
WSO2Con USA 2017: Iterative Architecture: A Pragmatic Approach to Digital Tra...
WSO2Con USA 2017: Iterative Architecture: A Pragmatic Approach to Digital Tra...WSO2Con USA 2017: Iterative Architecture: A Pragmatic Approach to Digital Tra...
WSO2Con USA 2017: Iterative Architecture: A Pragmatic Approach to Digital Tra...
WSO2
 
WSO2Con USA 2017: Providing a Pathway from Stovepipe Systems to a Secure SOA ...
WSO2Con USA 2017: Providing a Pathway from Stovepipe Systems to a Secure SOA ...WSO2Con USA 2017: Providing a Pathway from Stovepipe Systems to a Secure SOA ...
WSO2Con USA 2017: Providing a Pathway from Stovepipe Systems to a Secure SOA ...
WSO2
 
WSO2Con USA 2017: WSO2 Partner Program – Engaging with WSO2
WSO2Con USA 2017: WSO2 Partner Program – Engaging with WSO2WSO2Con USA 2017: WSO2 Partner Program – Engaging with WSO2
WSO2Con USA 2017: WSO2 Partner Program – Engaging with WSO2
WSO2
 
WSO2Con USA 2017: Building a Successful Delivery Team for Customer Success
WSO2Con USA 2017: Building a Successful Delivery Team for Customer SuccessWSO2Con USA 2017: Building a Successful Delivery Team for Customer Success
WSO2Con USA 2017: Building a Successful Delivery Team for Customer Success
WSO2
 
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2
 
WSO2Con USA 2017: IoT in Airline Operations
WSO2Con USA 2017: IoT in Airline OperationsWSO2Con USA 2017: IoT in Airline Operations
WSO2Con USA 2017: IoT in Airline Operations
WSO2
 
WSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
WSO2Con USA 2017: Keynote - The Blockchain’s Digital DisruptionWSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
WSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
WSO2
 
Role of integration in Digital Transformation
Role of integration in Digital TransformationRole of integration in Digital Transformation
Role of integration in Digital Transformation
WSO2
 
WSO2Con USA 2017: DevOps Best Practices in 7 Steps
WSO2Con USA 2017: DevOps Best Practices in 7 StepsWSO2Con USA 2017: DevOps Best Practices in 7 Steps
WSO2Con USA 2017: DevOps Best Practices in 7 Steps
WSO2
 
WSO2Con USA 2017: Integrating Systems for University of Exeter using Zero and...
WSO2Con USA 2017: Integrating Systems for University of Exeter using Zero and...WSO2Con USA 2017: Integrating Systems for University of Exeter using Zero and...
WSO2Con USA 2017: Integrating Systems for University of Exeter using Zero and...
WSO2
 
WSO2Con USA 2017: Implementing a Modern API Management Solution that Benefits...
WSO2Con USA 2017: Implementing a Modern API Management Solution that Benefits...WSO2Con USA 2017: Implementing a Modern API Management Solution that Benefits...
WSO2Con USA 2017: Implementing a Modern API Management Solution that Benefits...
WSO2
 
WSO2Con USA 2017: Identity Solution Patterns
WSO2Con USA 2017: Identity Solution PatternsWSO2Con USA 2017: Identity Solution Patterns
WSO2Con USA 2017: Identity Solution Patterns
WSO2
 
WSO2Con USA 2017: Building an Effective API Architecture
WSO2Con USA 2017: Building an Effective API ArchitectureWSO2Con USA 2017: Building an Effective API Architecture
WSO2Con USA 2017: Building an Effective API Architecture
WSO2
 
Java Performance and Profiling
Java Performance and ProfilingJava Performance and Profiling
Java Performance and Profiling
WSO2
 
Identity Management for Web Application Developers
Identity Management for Web Application DevelopersIdentity Management for Web Application Developers
Identity Management for Web Application Developers
WSO2
 
WSO2Con USA 2017: Building Enterprise Grade IoT Architectures for Digital Tra...
WSO2Con USA 2017: Building Enterprise Grade IoT Architectures for Digital Tra...WSO2Con USA 2017: Building Enterprise Grade IoT Architectures for Digital Tra...
WSO2Con USA 2017: Building Enterprise Grade IoT Architectures for Digital Tra...
WSO2
 
Identity and Access Management in the Era of Digital Transformation
Identity and Access Management in the Era of Digital TransformationIdentity and Access Management in the Era of Digital Transformation
Identity and Access Management in the Era of Digital Transformation
WSO2
 
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
WSO2
 

Viewers also liked (20)

WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...
WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...
WSO2Con USA 2017: Rise to the Challenge with WSO2 Identity Server and WSO2 AP...
 
WSO2Con USA 2017: Positioning WSO2 for Quicker Uptake
WSO2Con USA 2017: Positioning WSO2 for Quicker UptakeWSO2Con USA 2017: Positioning WSO2 for Quicker Uptake
WSO2Con USA 2017: Positioning WSO2 for Quicker Uptake
 
WSO2Con USA 2017: Iterative Architecture: A Pragmatic Approach to Digital Tra...
WSO2Con USA 2017: Iterative Architecture: A Pragmatic Approach to Digital Tra...WSO2Con USA 2017: Iterative Architecture: A Pragmatic Approach to Digital Tra...
WSO2Con USA 2017: Iterative Architecture: A Pragmatic Approach to Digital Tra...
 
WSO2Con USA 2017: Providing a Pathway from Stovepipe Systems to a Secure SOA ...
WSO2Con USA 2017: Providing a Pathway from Stovepipe Systems to a Secure SOA ...WSO2Con USA 2017: Providing a Pathway from Stovepipe Systems to a Secure SOA ...
WSO2Con USA 2017: Providing a Pathway from Stovepipe Systems to a Secure SOA ...
 
WSO2Con USA 2017: WSO2 Partner Program – Engaging with WSO2
WSO2Con USA 2017: WSO2 Partner Program – Engaging with WSO2WSO2Con USA 2017: WSO2 Partner Program – Engaging with WSO2
WSO2Con USA 2017: WSO2 Partner Program – Engaging with WSO2
 
WSO2Con USA 2017: Building a Successful Delivery Team for Customer Success
WSO2Con USA 2017: Building a Successful Delivery Team for Customer SuccessWSO2Con USA 2017: Building a Successful Delivery Team for Customer Success
WSO2Con USA 2017: Building a Successful Delivery Team for Customer Success
 
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
WSO2Con USA 2017: Journey of Migration from Legacy ESB to Modern WSO2 ESB Pla...
 
WSO2Con USA 2017: IoT in Airline Operations
WSO2Con USA 2017: IoT in Airline OperationsWSO2Con USA 2017: IoT in Airline Operations
WSO2Con USA 2017: IoT in Airline Operations
 
WSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
WSO2Con USA 2017: Keynote - The Blockchain’s Digital DisruptionWSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
WSO2Con USA 2017: Keynote - The Blockchain’s Digital Disruption
 
Role of integration in Digital Transformation
Role of integration in Digital TransformationRole of integration in Digital Transformation
Role of integration in Digital Transformation
 
WSO2Con USA 2017: DevOps Best Practices in 7 Steps
WSO2Con USA 2017: DevOps Best Practices in 7 StepsWSO2Con USA 2017: DevOps Best Practices in 7 Steps
WSO2Con USA 2017: DevOps Best Practices in 7 Steps
 
WSO2Con USA 2017: Integrating Systems for University of Exeter using Zero and...
WSO2Con USA 2017: Integrating Systems for University of Exeter using Zero and...WSO2Con USA 2017: Integrating Systems for University of Exeter using Zero and...
WSO2Con USA 2017: Integrating Systems for University of Exeter using Zero and...
 
WSO2Con USA 2017: Implementing a Modern API Management Solution that Benefits...
WSO2Con USA 2017: Implementing a Modern API Management Solution that Benefits...WSO2Con USA 2017: Implementing a Modern API Management Solution that Benefits...
WSO2Con USA 2017: Implementing a Modern API Management Solution that Benefits...
 
WSO2Con USA 2017: Identity Solution Patterns
WSO2Con USA 2017: Identity Solution PatternsWSO2Con USA 2017: Identity Solution Patterns
WSO2Con USA 2017: Identity Solution Patterns
 
WSO2Con USA 2017: Building an Effective API Architecture
WSO2Con USA 2017: Building an Effective API ArchitectureWSO2Con USA 2017: Building an Effective API Architecture
WSO2Con USA 2017: Building an Effective API Architecture
 
Java Performance and Profiling
Java Performance and ProfilingJava Performance and Profiling
Java Performance and Profiling
 
Identity Management for Web Application Developers
Identity Management for Web Application DevelopersIdentity Management for Web Application Developers
Identity Management for Web Application Developers
 
WSO2Con USA 2017: Building Enterprise Grade IoT Architectures for Digital Tra...
WSO2Con USA 2017: Building Enterprise Grade IoT Architectures for Digital Tra...WSO2Con USA 2017: Building Enterprise Grade IoT Architectures for Digital Tra...
WSO2Con USA 2017: Building Enterprise Grade IoT Architectures for Digital Tra...
 
Identity and Access Management in the Era of Digital Transformation
Identity and Access Management in the Era of Digital TransformationIdentity and Access Management in the Era of Digital Transformation
Identity and Access Management in the Era of Digital Transformation
 
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
Detecção de Fraudes em Licitações Usando Batch Analytics com WSO2
 

Similar to WSO2Con USA 2017: Building a Secure Enterprise

CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
Sam Bowne
 
24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdf24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdf
Tomasz Kopacz
 
SharePoint Client Object Model (CSOM)
SharePoint Client Object Model (CSOM)SharePoint Client Object Model (CSOM)
SharePoint Client Object Model (CSOM)
Kashif Imran
 
Containerless in the Cloud with AWS Lambda
Containerless in the Cloud with AWS LambdaContainerless in the Cloud with AWS Lambda
Containerless in the Cloud with AWS Lambda
Ryan Cuprak
 
Developing an intranet on office 365
Developing an intranet on office 365Developing an intranet on office 365
Developing an intranet on office 365Eric Shupps
 
The top 10 security issues in web applications
The top 10 security issues in web applicationsThe top 10 security issues in web applications
The top 10 security issues in web applications
Devnology
 
Back to basics: Simple database web services without the need for SOA
Back to basics: Simple database web services without the need for SOABack to basics: Simple database web services without the need for SOA
Back to basics: Simple database web services without the need for SOA
Sage Computing Services
 
HTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 ConferenceHTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 ConferenceRoger Kitain
 
SharePoint and Office Development Workshop
SharePoint and Office Development WorkshopSharePoint and Office Development Workshop
SharePoint and Office Development Workshop
Eric Shupps
 
Rest Security with JAX-RS
Rest Security with JAX-RSRest Security with JAX-RS
Rest Security with JAX-RSFrank Kim
 
AWS IoT Deep Dive
AWS IoT Deep DiveAWS IoT Deep Dive
AWS IoT Deep Dive
Kristana Kane
 
Paul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & syncPaul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & sync
mdevtalk
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services Security
Jason Chan
 
Hacking 101 (Session 2)
Hacking 101 (Session 2)Hacking 101 (Session 2)
Hacking 101 (Session 2)
Nitroxis Sprl
 
SoftLayer API 12032015
SoftLayer API 12032015SoftLayer API 12032015
SoftLayer API 12032015
Nacho Daza
 
Site activity & performance analysis
Site activity & performance analysisSite activity & performance analysis
Site activity & performance analysisEyal Vardi
 
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
CA API Management
 
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
Amazon Web Services
 
(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...
(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...
(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...
Amazon Web Services
 

Similar to WSO2Con USA 2017: Building a Secure Enterprise (20)

CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
CNIT 128: 6: Mobile services and mobile Web (part 1: Beginning Through OAuth)
 
24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdf24032022 Zero Trust for Developers Pub.pdf
24032022 Zero Trust for Developers Pub.pdf
 
SharePoint Client Object Model (CSOM)
SharePoint Client Object Model (CSOM)SharePoint Client Object Model (CSOM)
SharePoint Client Object Model (CSOM)
 
Containerless in the Cloud with AWS Lambda
Containerless in the Cloud with AWS LambdaContainerless in the Cloud with AWS Lambda
Containerless in the Cloud with AWS Lambda
 
Developing an intranet on office 365
Developing an intranet on office 365Developing an intranet on office 365
Developing an intranet on office 365
 
The top 10 security issues in web applications
The top 10 security issues in web applicationsThe top 10 security issues in web applications
The top 10 security issues in web applications
 
Back to basics: Simple database web services without the need for SOA
Back to basics: Simple database web services without the need for SOABack to basics: Simple database web services without the need for SOA
Back to basics: Simple database web services without the need for SOA
 
Sharepoint Online
Sharepoint OnlineSharepoint Online
Sharepoint Online
 
HTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 ConferenceHTML5 Server Sent Events/JSF JAX 2011 Conference
HTML5 Server Sent Events/JSF JAX 2011 Conference
 
SharePoint and Office Development Workshop
SharePoint and Office Development WorkshopSharePoint and Office Development Workshop
SharePoint and Office Development Workshop
 
Rest Security with JAX-RS
Rest Security with JAX-RSRest Security with JAX-RS
Rest Security with JAX-RS
 
AWS IoT Deep Dive
AWS IoT Deep DiveAWS IoT Deep Dive
AWS IoT Deep Dive
 
Paul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & syncPaul Lammertsma: Account manager & sync
Paul Lammertsma: Account manager & sync
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services Security
 
Hacking 101 (Session 2)
Hacking 101 (Session 2)Hacking 101 (Session 2)
Hacking 101 (Session 2)
 
SoftLayer API 12032015
SoftLayer API 12032015SoftLayer API 12032015
SoftLayer API 12032015
 
Site activity & performance analysis
Site activity & performance analysisSite activity & performance analysis
Site activity & performance analysis
 
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec...
 
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
 
(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...
(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...
(SEC309) Amazon VPC Configuration: When Least Privilege Meets the Penetration...
 

More from WSO2

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
WSO2
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
WSO2
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
WSO2
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
WSO2
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
WSO2
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
WSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
WSO2
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2
 

More from WSO2 (20)

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
architecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdfarchitecting-ai-in-the-enterprise-apis-and-applications.pdf
architecting-ai-in-the-enterprise-apis-and-applications.pdf
 
Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2Driving Innovation: Scania's API Revolution with WSO2
Driving Innovation: Scania's API Revolution with WSO2
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
WSO2CON 2024 - Unlocking the Identity: Embracing CIAM 2.0 for a Competitive A...
 
WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
WSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the CloudWSO2CON 2024 - Elevating the Integration Game to the Cloud
WSO2CON 2024 - Elevating the Integration Game to the Cloud
 
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & InnovationWSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
WSO2CON 2024 - OSU & WSO2: A Decade Journey in Integration & Innovation
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
WSO2CON 2024 - IoT Needs CIAM: The Importance of Centralized IAM in a Growing...
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 
WSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital BusinessesWSO2CON 2024 - Software Engineering for Digital Businesses
WSO2CON 2024 - Software Engineering for Digital Businesses
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of TransformationWSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
WSO2CON 2024 - Designing Event-Driven Enterprises: Stories of Transformation
 

Recently uploaded

Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 

Recently uploaded (20)

Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 

WSO2Con USA 2017: Building a Secure Enterprise

  • 1. Building a Secure Enterprise Johann Dilantha Nallathamby Technical Lead WSO2 Rushmin Fernando Technical Lead WSO2
  • 2. Agenda • WSO2 Identity Server Architecture • SAML2 Single Sign-On/Single Logout • XACML 3.0 • OAuth 2.0 • OpenID Connect • User Management • SCIM 2.0 • Plugging an external Identity Store • Identity Cloud
  • 4. SAML SSO Identity provider (e.g. WSO2 IS) Service provider (e.g. inventory) User data
  • 5. SAML SSO - User Experience
  • 6. SAML SSO - Login to Another Service Provider Identity provider (e.g. WSO2 IS) Service provider 2 (e.g. Accounts dept.) User data Service provider 1 (e.g. inventory) 4. Bypass login page
  • 7. SAML SSO Identity provider (e.g. WSO2 IS) Service provider 1 (SP1) Service provider 2 (SP2) Session ID SP IS1 SP1 IS1 SP2 IS2 SP2
  • 8. SAML Single Logout Identity provider (e.g. WSO2 IS) Service provider 1 (SP1) Service provider 2 (SP2) Session ID SP IS1 SP1 IS1 SP2 IS2 SP2 Logout (session: S1)
  • 9. What the User Can Do... Service provider 1 (SP1) /data/files /data/archives /data/visualize /data/details User = Jane User = David User = Tao
  • 10. What the User Can Do (Ctd...) Service provider 1 (SP1) User = Jane User = David User = Tao Access control policy If user = Tao and resource = /data/archives Permit. If role = Clark and action = write Deny. If role = Manager and resource = /data/files Permit.
  • 11. XACML - Architecture /data/files /data/archives /data/visualize /data/details Policy decision Point If user = jane Permit. If role = clark and Action = write Deny. Policy Store Policy Administration Point Policy Enforcement Point(PEP) User = Tao User = David User = Jane
  • 12. XACML - Policy Decision Flow Policy Enforcement Point(PEP) User = Jane User = David User = Tao Service provider 1 (SP1) /data/files /data/archives /data/visualize /data/details Policy decision point If user = jane Permit. If role = clark and Action = write Deny. Access policy 1
  • 13. XACML - Policy Policy Target Rule (effect = permit) Target Condition Rule …...... Rule …...... Activation conditions for the rule set Activation conditions for the rule Conditions for the rule Decision if target and condition are true
  • 14. XACML - Policy (Ctd...) <Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="BankOne_account_access_policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0"> <Target> <AnyOf> <AllOf> <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/bankone/accounts/*</AttributeValue> <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> </Match> </AllOf> </AnyOf> </Target> <Rule Effect="Permit" RuleId="update_accounts_rule"> …. </Rule> ….... </Policy> If resource matches /bankone/accounts/* Activation conditions for the rule set
  • 15. XACML - Policy (Rules) <Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="BankOne_account_access_policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0"> <Target> ..... </Target> <Rule Effect="Permit" RuleId="update_accounts_rule"> <Target> <AnyOf> <AllOf> <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="...#string">/bankone/accounts/update/*</AttributeValue> <AttributeDesignator AttributeId="...:resource:resource-id" Category="...:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> </Match> </AllOf> </AnyOf> </Target> <Condition> <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:any-of"> <Function FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal"/> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">manager</AttributeValue> <AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> </Apply> </Condition> </Rule> <Rule Effect="Permit" RuleId="read_accounts_rule"> … </Rule> </Policy> Permit if conditions satisfy If resource matches /bankone/accounts/update/* If role is manager
  • 16. XACML Request <Request xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" CombinedDecision="false" ReturnPolicyIdList="false"> <Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" IncludeInResult="false"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">bob</AttributeValue> </Attribute> </Attributes> <Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> <Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" IncludeInResult="false"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/bankone/accounts/read/a1</AttributeValue> </Attribute> </Attributes> </Request> Subject = bob Resource = /bankone/accounts/read/a1
  • 17. XACML - Policy Enforcement Policy Enforcement Point(PEP) User = Jane User = David User = Tao Service provider 1 (SP1) /data/files /data/archives /data/visualize /data/details Policy decision If user = jane Permit. If role = clark and Action = write Deny. Access policy 1
  • 18. XACML - Policy Enforcement WSO2 ESB Proxy service Entitlement Service provider 1 (SP1) On accept On reject SendDrop Property [Set user] Property [Set resource] Policy decision (WSO2 IS)
  • 19. Render menu items in a web app based on the logged- in user’s fine-grained permissions
  • 21. Bring a Token... Service provider Access resource R1 Does the user has permission to access R1? Service provider Access resource R1 Check if R1 is authorized for the given token Token
  • 22. But.. How does a user get a token? How do we know if a given token has permission to access a resource?
  • 23. OAuth 2.0 •Access is granted to authorized tokens •Users obtain tokens from an authorization server •Resource servers validate the authorization of a token with authorization server Tokens are authorized for scopes Each protected resource + action has to be mapped to a scope
  • 24. OAuth 2.0 (Ctd...) Service provider Read resource R1 Authorization server Token (T1) Resource Action Scope R1 read R1_read R1 write R1_write R2 read R2_read Token Scope T1 R1_read T2 R1_read T3 R2_read T3 R2_write Is T1 authorized for R1_read?
  • 25. Now … How to get a token?
  • 26. Access On Behalf of a User Eg: A web app wants to access photos stored in PhotoServer Web app Access photos in collection A I need a Oauth2 token with scope “photos_A” PhotoServer
  • 27. Access On Behalf of a User (Ctd...) Eg: A web app wants to access photos stored in PhotoServer Web app PhotoServer Client ID Client secret 1. Register webapp 2. Generate client ID / client secret 3. Configure callback URL 4. Configure OAuth2 URLs 5. Set client ID / client secret Application Developer
  • 28. Access On Behalf of a User (Ctd...) Eg: A web app wants to access photos stored in PhotoServer Web app PhotoServer Client ID Client secret Auth code
  • 29. Access On Behalf of a User (Ctd...) Eg: A web app wants to access photos stored in PhotoServer PhotoServer Web app Client ID Client secret 5. Send Token
  • 30. Client – One who wants to access the resource E.g. Web app Observations E.g. A web app want to access photos stored in PhotoServer Web app User – One who has permissions to the resource E.g. Jane – Jane's web browser Resource server – One who contains the resource Authorization server – One who grants access to the resource E.g. Facebook PhotoServer
  • 31. Delegating the authorization Web app PhotoServer Authorization server 1. Access web app
  • 32. Delegating the authorization (Ctd...) Web app PhotoServer Authorization server 7. Request photos 6.Tokengiven
  • 33. Delegating the authorization (Ctd...) Web app PhotoServer Authorization server 8. Validate token for scope “photos_A” 9. Validation response Token Scope T1 photos_A T2 photos_B T3 photos_A T3 photos_B
  • 37. Multiple OAuth2 Apps with No Shared Credentials
  • 38. Multiple OAuth2 Apps with No Shared Credentials (Self-issued JWT)
  • 39. Accessing APIs via desktop clients (kerberos)
  • 42. OAuth 2.0 is for delegated access control. Can we extend this for authentication?
  • 43. A Simple Approach... Similar to clients are authorized to access resources, clients can be authorized to access user data Web app Log in Identity server Read Jane's profile
  • 44. OpenID Connect SSO Web app 1. Log in 3. Authenticate 4. Auth code Client ID Secret Auth code Identity server
  • 45. 6. OpenID Connect SSO (Ctd...) Web app Client ID Secret Auth code Identity server Access token: Authorizes user info access ID token: Authenticates the user
  • 46. OpenID Connect SSO (Ctd...) Web app Identity server 8. First name: Jane Address: 65, Ed.. Tel: +61 93...
  • 47. Adding Users WSO2 IS Management Console
  • 48. Adding Users? (Ctd..) Hot deploy multiple user stores
  • 49. Adding Users? (Ctd..) SCIM – System for Cross-domain Identity Management SCIM endpoints
  • 50. Adding Users? (Ctd..) curl -v -k --user admin:admin --data "{"schemas":[],"name":{"familyName":"Ekanayake","givenName":"Chathura"}, "userName":"chathura","password":"pass123", …........}" --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users
  • 51. Adding Users to Many Other Parties... Identity server Identity server Logistics Head office Accounting Add user to all Identity Servers! Username: saman Password: saman123 Email: saman@wso2.com Username: saman Password: saman123 Email: saman@wso2.com Username: saman Password: saman123 Email: saman@wso2.com
  • 52. Federated Provisioning Identity server Identity server Identity server Logistics Head office Accounting Username: saman Password: saman123 Email: saman@wso2.com Username: saman Password: saman123 Email: saman@wso2.com Username: saman Password: saman123 Email: saman@wso2.com
  • 53. Provisioning Bridge IS1 - Logistics SCIM endpoint IDP - IS2 SCIM SPML IS2 – Head office SCIM endpoint WS SCIM SCIM SOAP
  • 54. Integrating External User Stores Identity server Logistics Identity server Head office Username: jane Password: jane123 Email: saman@wso2.com 1. Access request 2 .Auth request 3. Auth request 4. Auth response IS1 User store 5. Add user