WSO2 Identity Server



  1. WSO2 Identity Server 5.0.0: Identity & Access Management Redesigned
     Johann Dilantha Nallathamby, Associate Technical Lead & Product Lead of WSO2 Identity Server
  2. About the Presenter(s)
     o Johann Dilantha Nallathamby
     o Associate Technical Lead & Product Lead of WSO2 Identity Server
  3. About WSO2
     o Global enterprise, founded in 2005 by acknowledged leaders in XML, web services technologies, standards and open source
     o Provides only open source platform-as-a-service for private, public and hybrid cloud deployments
     o All WSO2 products are 100% open source and released under the Apache License Version 2.0.
     o Is an Active Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Foundation and W3C.
     o Driven by Innovation
     o Launched first open source API Management solution in 2012
     o Launched App Factory in 2Q 2013
     o Launched Enterprise Store and first open source Mobile solution in 4Q 2013
  4. What WSO2 delivers
  5. Outline
     o What is WSO2 Identity Server?
     o What's new in Identity Server 5.0.0?
     o Demo
     o Q&A
  6. What is WSO2 Identity Server
     An open source Identity & Entitlement management server
     o 100% free and open source with commercial support
     o Light weight and high performance
     o Highly modular and extensible
     o User friendly with minimal learning curve
     o Based on open standards
  7. Features (Before IS 5.0.0)
     o Authentication
     o Authorization
     o Federation
     o Provisioning
     o Identity Management & Self Provisioning
  8. Authentication
  9. Open Standards for Inbound Authentication
     o OpenID
     o Simple Registration Extension Profile
     o Attribute Exchange Profile
     o SAML2 Web SSO
     o SAML2 Web Single Logout
     o SAML2 Basic Attribute Profile
     o OAuth2/OpenID Connect
     o WS-Federation Passive Profile
  10. Authorization
     o Role Based
     o Permission Based
     o XACML 2.0/3.0
  11. Federation
     o WS-Trust 1.3/1.4
     o SAML2 Bearer Assertion Profile for OAuth2
     o No out of the federated SSO support
  12. Provisioning
     o Inbound and Outbound provisioning with SCIM 1.1
     o Non-standard User/Group management WS APIs for Inbound Provisioning only
     o Non-standard Role/Permission WS APIs for Inbound Provisioning only
  13. Identity Management and Self Provisioning
     o Password policies
     o Password strength
     o Minimum length
     o Password retry counts
     o One-Time-Passwords
     o Email verification
     o User account locking
     o Self-Sign-Up
     o Password Reset using Secret Questions
     o Password Reset using Email verification
  14. What's new with Identity Server 5.0.0
     o Identity Federation Bus
     o Home Realm Discovery
     o Multi-option and multi-step authentication
     o Authentication Bridge
     o Just-In-Time Provisioning
     o Claim Mapping
     o Role Mapping
     o Provisioning Bridge
     o User store connector
     o SCIM 1.1 connector
     o SPML v2 – DSML v2 connector
     o Salesforce connector
     o Google Apps connector
  15. What's new with Identity Server 5.0.0
     o End-user dashboard
     o SAML2 Web SSO Request/Response validator tool
     o Integrated Windows Authentication (IWA) authentication
     o Encrypted SAML2 Assertions
     o Remote User Store Management
     o Application specific permissions
     o NTLM grant type for OAuth2
  16. Demo Time!!!
  17. Scenario 1 (diagram labels: SAML2.0 Web SSO, OpenID Connect, OAuth2 Playground)
  18. Scenario 2 (diagram labels: SAML2.0 Request, Facebook Connect)
  19. More Information!
     o Download Identity Server 5.0.0 at http://-server/
     o Documentation available at https://
  20. Business Model
