Open Identity Stack
Identity Products Today


Stack vendors built by acquisition



The integrated stack is marketecture



Installation takes days



Integration is complex



Interface and UI proliferation



No module reuse



Closed source



Vendor lock in

2
ForgeRock Vision


Simple



Scalable



Modular



Embeddable



Common REST framework



Common UI model



Community participation

3
Common Modules


CREST (ForgeRock REST)



User Interface



JASPI for Authentication



REST endpoint protection (filters)



OAuth



Federation



Logging



Entitlements

4
OpenAM
All in one
Simple WAR deployment
Platform independent
Flexible and extensible
Highly available and scalable

5
OpenAM

User Interface

Management

Protected Resources
Web
Agents

JavaEE
Agents

Web Services
Agents

Universal
Gateway

End User

ForgeRock UI Framework

ForgeRock REST (Commons REST)

Core Services
XACML

Federation

OpenID
Connect
OAuth

Policy

User
Management

Core Token Service

Authentication

Entitlements

Secure Token
Service
Configuration

Session

Auditing

User Mgmt
Plugins

Token
Service
Plugins

SPIs
Federation
Plugins

Authentication
Plugins

Policy
Plugins

Persistence
(OpenDJ)

6
OpenAM

User Interface

Management

Protected Resources
Web
Agents

JavaEE
Agents

Web Services
Agents

Universal
Gateway

End User

ForgeRock UI Framework

ForgeRock REST (Commons REST)

Core Services
XACML

Federation

OpenID
Connect
OAuth

Policy

User
Management

Core Token Service

Authentication

Entitlements

Secure Token
Service
Configuration

Session

Audit

User Mgmt
Plugins

Token
Service
Plugins

SPIs
Federation
Plugins

Authentication
Plugins

Policy
Plugins

Persistence
(OpenDJ)

7
OpenAM Persistence
OpenAM Server

OpenAM Server

Users

Tokens

Users

Tokens

Configuration

Policies

Configuration

Policies

Core Services

Core Services

OpenDJ

OpenDJ

8
OpenAM Persistence
OpenAM Server

OpenAM Server

Users

Tokens

Users

Tokens

Configuration

Policies

Configuration

Policies

Core Services

OpenDJ

Core Services

OpenDJ

9
OpenIDM


Lightweight provisioning



Next generation modular architecture



Built on resource oriented principles



Highly extensible



Self contained

10
OpenIDM
ForgeRock UI Framework

OSGI

Jetty Web Server

Authentication Filter (JASPI)

Policy

Audit

Business Logic (JavaScript, Groovy, Java)

Configuration

Sync/Recon

System
(Connectors)

Audit/Logs

Managed
Users

Scheduler

Workflow

External Resources

ForgeRock REST Router

Persistence
(OrientDB)

11
OpenIDM Commons
ForgeRock UI Framework

OSGI

Jetty Web Server

Authentication Filter (JASPI)

Policy

Audit

Business Logic (JavaScript, Groovy, Java)

Configuration

Sync/Recon

System
(Connectors)

Audit/Logs

Managed
Users

Scheduler

Task
Scanner

External Resources

ForgeRock REST Router

Persistence
(OrientDB)

12
Identity Bridge


Software appliance


Wizard configuration



Identity synchronization from enterprise to SaaS



Reporting and reconciliation



SAML2 and OAuth

13
Identity Bridge
Configuration Wizard

OSGI

Reporting and Recon

ForgeRock UI Framework

Authentication JASPI (AD and IWA)

OpenIDM
Business Logic (JavaScript, Groovy, Java)

OAuth

Federation

Salesforce
and LDAP

Salesforce

LDAP
Connector

Jetty Web Server

14
OpenDJ


Lightweight



Embeddable



REST APIs



High availability



Secure out of the box



Flexible architecture

15
OpenDJ
Web Application

User Interface

ForgeRock REST

Management

REST2LDAP

End User

ForgeRock UI Framework

Java SDK/ LDAPv3

ForgeRock REST

Core Server
REST2LDAP

Access
Control

Caching

LDAPv3

Password
Policy
Replication

Groups

Monitoring

Schema
Management

Auditing

Backend Services
Change Log

Persistence

Connectors

LDIF

Memory

16
OpenDJ Commons
Web Application

User Interface

ForgeRock REST

Management

REST2LDAP

End User

ForgeRock UI Framework

Java SDK/ LDAPv3

ForgeRock REST

Core Server
REST2LDAP

Access
Control

Password
Policy

Caching

LDAPv3

Replication

Group

Monitoring

Schema
Management

Auditing

Backend Services
Change Log

Persistence

Connector

LDIF

Memory

17
OpenDJ REST2LDAP
User Interface
Login/End User

ForgeRock UI Framework

OpenDJ Server
JASPI Authentication Module

ForgeRock REST

REST2LDAP

Core Services

18
Single Webapp Stack
Login/Registration/Self Service
ForgeRock UI Framework

ForgeRock REST

OpenAM

OpenIDM

Authentication
Authorization
Federation

User Management
Synchronization
Workflow

OpenDJ
Persistence
Users/Tokens/Configuration

19
High Scale Elastic Stack
Login/Registration/Self Service

Login/Registration/Self Service

Login/Registration/Self Service

Login/Registration/Self Service

ForgeRock UI Framework

ForgeRock UI Framework

ForgeRock UI Framework

ForgeRock UI Framework

ForgeRock REST

ForgeRock REST

ForgeRock REST

ForgeRock REST

OpenAM

OpenIDM

ForgeRock REST

OpenAM

OpenAM

OpenIDM

ForgeRock REST

OpenDJ

OpenDJ

OpenAM

ForgeRock REST

OpenDJ Distributor

OpenDJ

OpenIDM

OpenIDM

ForgeRock REST

OpenDJ Distributor

OpenDJ

OpenDJ

OpenDJ

OpenDJ

20

OIS Architecture Review
