Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

WSO2 Identity Server


Published on

Published in: Technology
  • Be the first to comment

WSO2 Identity Server

  1. 1. Associate  Technical  Lead    &  Product  Lead  of   WSO2  Iden:ty  Server   Johann  Dilantha  Nallathamby   WSO2  Iden6ty  Server  5.0.0   Iden:ty  &  Access  Management   Redesigned  
  2. 2. 2   About  the  Presenter(s)   ๏  Johann  Dilantha  Nallathamby   ๏  Associate  Technical  Lead  &   Product  Lead  of  WSO2   Iden6ty  Server   ๏  
  3. 3. 3   About  WSO2   ๏  Global  enterprise,  founded  in  2005   by  acknowledged  leaders  in  XML,   web  services    technologies,   standards    and  open  source   ๏  Provides  only  open  source   plaRorm-­‐as-­‐a-­‐service  for  private,   public  and  hybrid  cloud   deployments   ๏  All  WSO2  products  are  100%  open   source  and  released  under  the   Apache  License  Version  2.0.   ๏  Is  an  Ac6ve  Member  of  OASIS,   Cloud  Security  Alliance,  OSGi   Alliance,  AMQP  Working  Group,   OpenID  Founda6on  and  W3C.   ๏  Driven  by  Innova6on   ๏  Launched  first  open  source  API   Management  solu6on  in  2012   ๏  Launched  App  Factory  in  2Q   2013   ๏  Launched  Enterprise  Store  and   first  open  source  Mobile   solu6on  in  4Q  2013  
  4. 4. 4   What  WSO2  delivers  
  5. 5. Outline   o  What  is  WSO2  Iden6ty  Server?   o  What’s  new  in  Iden6ty  Server  5.0.0?   o  Demo   o  Q&A   5  
  6. 6. What  is  WSO2  Iden6ty  Server   6   An  open  source  Iden:ty  &  En:tlement   management  server   o  100%  free  and  open  source  with  commercial  support   o  Light  weight  and  high  performance   o  Highly  modular  and  extensible   o  User  friendly  with  minimal  learning  curve   o  Based  on  open  standards  
  7. 7. Features  (Before  IS  5.0.0)   7   o  Authen6ca6on   o  Authoriza6on   o  Federa6on   o  Provisioning   o  Iden6ty  Management  &  Self  Provisioning  
  8. 8. Authen6ca6on   8  
  9. 9. o  OpenID   o  Simple  Registra6on  Extension  Profile   o  Ahribute  Exchange  Profile   o  SAML2  Web  SSO   o  SAML2  Web  Single  Logout   o  SAML2  Basic  Ahribute  Profile   o  OAuth2/OpenID  Connect   o  WS-­‐Federa6on  Passive  Profile   Open  Standards  for  Inbound   Authen6ca6on   9  
  10. 10. o  Role  Based   o  Permission  Based   o  XACML  2.0/3.0   Authoriza6on   10  
  11. 11. o  WS-­‐Trust  1.3/1.4   o  SAML2  Bearer  Asser6on  Profile  for  OAuth2   o  No  out  of  the  federated  SSO  support   Federa6on   11  
  12. 12. o  Inbound  and  Outbound  provisioning  with   SCIM  1.1   o  Non  standard  User/Group  management  WS   APIs  for  Inbound  Provisioning  only.   o  Non  standards  Role/Permission  WS  APIs  for   Inbound  Provisioning  only   Provisioning   12  
  13. 13. o  Password  policies   o  Password  strength   o  Minimum  length   o  Password  retry  counts   o  One-­‐Time-­‐Passwords   o  Email  verifica6on   o  User  account  locking   o  Self-­‐Sign-­‐Up   o  Password  Reset  using  Secret  Ques6ons   o  Password  Reset  using  Email  verifica6on   Iden6ty  Management  and  Self   Provisioning   13  
  14. 14. What's  new  with  Iden6ty  Server  5.0.0   o  Iden6ty  Federa6on  Bus   o  Home  Realm  Discovery   o  Mul6-­‐op6on  and  mul6-­‐step  authen6ca6on   o  Authen6ca6on  Bridge   o  Just-­‐In-­‐Time  Provisioning   o  Claim  Mapping   o  Role  Mapping   o  Provisioning  Bridge   o  User  store  connector   o  SCIM  1.1  connector   o  SPML  v2  –  DSML  v2  connector   o  Salesforce  connector   o  Google  Apps  connector   14  
  15. 15. What's  new  with  Iden6ty  Server  5.0.0   15   o  End-­‐user  dashboard   o  SAML2  Web  SSO  Request/Response  validator  tool   o  Integrated  Windows  Authen6ca6on  (IWA)  authen6ca6on   o  Encrypted  SAML2  Asser6ons   o  Remote  User  Store  Management   o  Applica6on  specific  permissions   o  NTLM  grant  type  for  OAuth2  
  16. 16. 16   Demo  Time!!!  
  17. 17. 17   SAML2.0 Web SSO Scenario  1   OpenID Connect OAuth2 Playground
  18. 18. 18   Scenario  2   SAML2.0 Request Facebook Connect
  19. 19. 19   More  Informa6on  !   ๏  Download  Iden6ty  Server  5.0.0  at   hhp://­‐server/   ๏  Documenta6on  available  at   hhps://  
  20. 20. 20   Business  Model  
  21. 21. Contact us !