Welcome.
Magnolia user management and SSO
for Austrian government sector




Magnolia Conference 2012 – Technical Track
Presented by Richard Unger and Rihard Monovic
Agenda

1   About RISE & LFRZ


2   SSO in Austrian government


3   Requirements and challenges


4   Implementation




About RISE and LFRZ
About RISE and LFRZ – Partnership

 RISE
   partner for industry


 LFRZ
   partner for government




                       User management and SSO for Austrian government 5
About RISE

• Corporation, www.rise-world.com
    • TU Spin Off, founded 1987
    • TU Vienna, INSO – The Think Tank of RISE, 40 PhDs
• Competences
    • More than 300 world-class IT-engineers & architects
    • Highly acknowledged R&D-enterprise in Europe
    • Top-Developer (e.g. part of the world-wide
      Java-Eclipse provider community, component delivery)
    • Specialists in IT-Infrastructure and IT-Integration
    • Top-Experts in e.g. IT-Architecture, IT-Strategy,
      IT-Security, Usability, Transport IT, System-Performance
• Locations
    • HQ in Schwechat/Airport and Vienna
    • offices in several countries
    • RISE personnel work world-wide
About RISE - Project examples

• 2003 – 2006: ID Card for all Austrians + country-wide IT infrastructure
  8 million electronic ID-Cards, 24.000 specially designed components for
  offices, delivered in 24 months
• 2005 – 2008: overall health network in Germany, architecture,
  planning and project/program management for what was at that time the largest IT
  project in Europe (1,8 billion €), design at CeBit 2005, led until 2008
• 2009 – 2012: country-wide ticketing for railway / public transport
  in Austria, 10 million tickets/year, highly complex interoperability, all
  access channels (clerk counter, POS machine, internet, travel agent,
  mobile phone)
• 2007 – 2008: design and architecture of the government network
  plus the school & health network of Qatar, including NOC (network
  operating center) and SOC (security operating center)
• 1993 – today: IT infrastructure, software projects, rollouts, IT architectures
  for e.g. MoI, MoH, MoF, MoA, MoS, MoX… in several countries
About RISE - Clients

• AMS Österreich
• Oesterreichische Kontrollbank AG
• Bank Austria – treasury merger & system upgrades
• Austrian universities – overall IT strategy
• Bundesrechenzentrum – test and multi-project management
• Federal administration – ELAK introduction
• IT portfolio – Die Presse
• Dresdner Bank
• Federal Ministry of Health, Berlin
• Ministry of Justice, United Arab Emirates
• ICT Qatar (entire ICT portfolio)
• Usability and web strategy of the Indian government
• Qatar Foundation (infrastructure planning)
• E-government strategy, Libya
About LFRZ

• “Land-, forst- & wasserwirtschaftliches
  Rechenzentrum GmbH” – www.lfrz.at
• IT service provider
• located in Vienna
• owned by Austrian “ministry of agriculture”,
  which is also the principal customer
• approx. 30 employees + external consultants
• focus is on GIS, SSO, custom application
  development in Java, data integration, IT
  operations and CMS
About LFRZ - Clients

 LFRZ’s principal customer, principal website
   www.lebensministerium.at




SSO in Austrian government
SSO in Austrian government

Principal customer – “Lebensministerium”


 120 editors

 30+ websites


 different departments, different offices in different cities

 existing SSO solution

 windows login enables access to all assigned applications




SSO in Austrian government

SSO solution

 “Portalverbund der Österreichischen Behörden”

 use is mandated by law

 standardized protocols, different implementations

 de-central rights management

 different portal providers, different application
  providers


SSO in Austrian government

SSO solution “Portalverbund”


 Systems involved:
  “Proxy-based” solution, home-portal, application-portal


 Role model:
  similar to J2EE: users have roles in an application


 PVP protocol:
  SSO-information provided in HTTP headers




SSO in Austrian government

SSO solution “Portalverbund”


[Diagram: home-portal, application-portal and application; user infos are passed in HTTP headers between them]
Requirements and challenges
SSO – requirements and challenges

Manageable roles and groups


 Old CMS had SSO Integration

 Old CMS did not use ACLs


 120 editors needed 700 groups !!!


 Synchronization of Portalverbund LDAP and CMS


 Incredibly confusing!


SSO – requirements and challenges

Requirements


 SSO – automatic login

 Roles and groups normally managed in magnolia
     roles and groups also via PVP headers, mappings


 Permissions (ACLs) managed in magnolia


 Automatic user creation on login
 “Preemptive” user creation from LDAP            GUI


SSO – requirements and challenges

Challenges


 Integrating SSO

 How to handle Permissions (ACLs)
 Keeping roles and groups manageable


 Implementing GUIs in magnolia




Implementation
SSO – implementation in Magnolia

Custom modules


 vaadin-preintegration:
  use Vaadin in Magnolia 4.4.x

 pvp-jaas:
  SSO integration, LDAP integration




SSO – implementation in Magnolia

Module pvp-jaas


 LoginHandler


 PVPCallback (JAAS callback)


 PVPAuthenticationModule (JAAS module)


 and: LDAP user page (Vaadin based GUI)


SSO – implementation in Magnolia

Module pvp-jaas




SSO – implementation in Magnolia

Module pvp-jaas


 Configuration
  via content2bean


 Group & role
  mappings possible


 Auto-update of user infos
  (marriage, change of office, etc…)
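
The slides describe PVP as passing SSO information in HTTP headers through a proxy chain, with group and role mappings, automatic user creation and auto-update handled in the pvp-jaas module. As an added example (not code from the presentation or from pvp-jaas), the Java class below shows the checks a login handler in that position needs: accept identity headers only from the application-portal, map portal roles to local groups, and create or refresh the user on login. The header names, portal address, comma-separated role format and mapping values are assumptions made for illustration.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.TreeMap;
import java.util.TreeSet;

public class HeaderSsoExample {

    // Hypothetical header names: the slides do not list the real PVP headers.
    static final String HDR_USER = "X-Example-UserId";
    static final String HDR_ROLES = "X-Example-Roles";

    // Assumption: the application-portal is the only peer allowed to assert identity.
    static final Set<String> TRUSTED_PORTALS = Set.of("10.0.0.5");

    // Constructed mapping from portal role names to local CMS groups.
    static final Map<String, String> ROLE_TO_GROUP = Map.of(
            "cms-editor", "editors",
            "cms-publisher", "publishers");

    // Stand-in for the CMS user store: user id -> groups.
    static final Map<String, Set<String>> USER_STORE = new HashMap<>();

    /** Returns the groups granted to the user, or empty if the request is rejected. */
    static Optional<Set<String>> login(String peerAddr, Map<String, String> headers) {
        // Identity headers count only when the direct TCP peer is the portal;
        // from any other peer they could have been set by the client itself.
        if (!TRUSTED_PORTALS.contains(peerAddr)) {
            return Optional.empty();
        }
        // HTTP header names are case-insensitive.
        Map<String, String> h = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
        h.putAll(headers);

        String userId = h.get(HDR_USER);
        if (userId == null || userId.isBlank()) {
            return Optional.empty();
        }
        // Map portal roles to local groups; roles without a mapping grant nothing.
        Set<String> groups = new TreeSet<>();
        for (String role : h.getOrDefault(HDR_ROLES, "").split(",")) {
            String group = ROLE_TO_GROUP.get(role.trim());
            if (group != null) {
                groups.add(group);
            }
        }
        // Create the user on first login and refresh the groups on every login.
        USER_STORE.put(userId.trim(), groups);
        return Optional.of(groups);
    }

    public static void main(String[] args) {
        // Constructed sample requests.
        Map<String, String> viaPortal = Map.of(
                "x-example-userid", "jdoe",
                "X-Example-Roles", "cms-editor, unknown-role");
        Map<String, String> spoofed = Map.of(
                HDR_USER, "admin",
                HDR_ROLES, "cms-publisher");

        // Request relayed by the portal: accepted, unmapped role ignored.
        System.out.println(login("10.0.0.5", viaPortal));
        // Same kind of headers sent from an untrusted peer: rejected.
        System.out.println(login("203.0.113.9", spoofed));
        // Only the portal-authenticated user was created.
        System.out.println(USER_STORE);
    }
}
```

In a deployment the peer check is normally backed by network rules or mutual TLS, so that the application is reachable only through the application-portal.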




SSO – implementation in Magnolia

LDAP user GUI (Vaadin)




SSO – implementation in Magnolia

Conclusion

 Working well in production


 Easy for editors, easy for admins


 Customer manages users


 LFRZ manages groups, roles & ACLs


 Magnolia is now “Portalverbund”-compatible


Thank you!
Questions?
User Management and SSO for Austrian Government

Más contenido relacionado

Similar a User Management and SSO for Austrian Government

WebSphere Message Broker Application Development Training
WebSphere Message Broker Application Development TrainingWebSphere Message Broker Application Development Training
WebSphere Message Broker Application Development TrainingVijaya Raghava Vuligundam
 
StrongLoop Overview
StrongLoop OverviewStrongLoop Overview
StrongLoop OverviewShubhra Kar
 
SOA an architecture on the Desktop
SOA an architecture on the DesktopSOA an architecture on the Desktop
SOA an architecture on the DesktopVincent Perrin
 
01. Portal Business Overview
01. Portal Business Overview01. Portal Business Overview
01. Portal Business OverviewNick Davis
 
The Internet of Things with InduSoft and Raspberry Pi
The Internet of Things with InduSoft and Raspberry PiThe Internet of Things with InduSoft and Raspberry Pi
The Internet of Things with InduSoft and Raspberry PiAVEVA
 
Implementing SOA with Portal, an IBM Impact 2010 Presentation
Implementing SOA with Portal, an IBM Impact 2010 PresentationImplementing SOA with Portal, an IBM Impact 2010 Presentation
Implementing SOA with Portal, an IBM Impact 2010 Presentationguestbc8b80
 
20160201_resume_Vladimir_Chesnokov
20160201_resume_Vladimir_Chesnokov20160201_resume_Vladimir_Chesnokov
20160201_resume_Vladimir_ChesnokovVladimir Chesnokov
 
Liferay and soa platform
Liferay and soa platformLiferay and soa platform
Liferay and soa platformAmbientia
 
Scandinavia
ScandinaviaScandinavia
Scandinaviajaromik
 
SII IT Services
SII IT ServicesSII IT Services
SII IT Servicesjaromik
 
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)Lucas Jellema
 
Web2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere PortalWeb2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere PortalMunish Gupta
 
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?Brian Elvesæter
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api ManagementSmartWave
 
Soa12c launch 1 overview cr
Soa12c launch 1 overview crSoa12c launch 1 overview cr
Soa12c launch 1 overview crVasily Demin
 
High Productivity With Applications Wikis
High Productivity With Applications WikisHigh Productivity With Applications Wikis
High Productivity With Applications WikisXWiki
 
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, ParisEasier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, ParisMarc Dutoo
 

Similar a User Management and SSO for Austrian Government (20)

WebSphere Message Broker Application Development Training
WebSphere Message Broker Application Development TrainingWebSphere Message Broker Application Development Training
WebSphere Message Broker Application Development Training
 
Open Source Soa
Open Source SoaOpen Source Soa
Open Source Soa
 
StrongLoop Overview
StrongLoop OverviewStrongLoop Overview
StrongLoop Overview
 
Eclipse SOA Initiative
Eclipse SOA InitiativeEclipse SOA Initiative
Eclipse SOA Initiative
 
SOA an architecture on the Desktop
SOA an architecture on the DesktopSOA an architecture on the Desktop
SOA an architecture on the Desktop
 
01. Portal Business Overview
01. Portal Business Overview01. Portal Business Overview
01. Portal Business Overview
 
The Internet of Things with InduSoft and Raspberry Pi
The Internet of Things with InduSoft and Raspberry PiThe Internet of Things with InduSoft and Raspberry Pi
The Internet of Things with InduSoft and Raspberry Pi
 
Implementing SOA with Portal, an IBM Impact 2010 Presentation
Implementing SOA with Portal, an IBM Impact 2010 PresentationImplementing SOA with Portal, an IBM Impact 2010 Presentation
Implementing SOA with Portal, an IBM Impact 2010 Presentation
 
20160201_resume_Vladimir_Chesnokov
20160201_resume_Vladimir_Chesnokov20160201_resume_Vladimir_Chesnokov
20160201_resume_Vladimir_Chesnokov
 
Liferay and soa platform
Liferay and soa platformLiferay and soa platform
Liferay and soa platform
 
Scandinavia
ScandinaviaScandinavia
Scandinavia
 
SII IT Services
SII IT ServicesSII IT Services
SII IT Services
 
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
 
SAP Net Weaver Architecture,
SAP Net Weaver Architecture, SAP Net Weaver Architecture,
SAP Net Weaver Architecture,
 
Web2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere PortalWeb2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere Portal
 
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management
 
Soa12c launch 1 overview cr
Soa12c launch 1 overview crSoa12c launch 1 overview cr
Soa12c launch 1 overview cr
 
High Productivity With Applications Wikis
High Productivity With Applications WikisHigh Productivity With Applications Wikis
High Productivity With Applications Wikis
 
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, ParisEasier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
 

Más de bkraft

The Open Suite Approach: How to ride the shock waves of a changing web
The Open Suite Approach: How to ride the shock waves of a changing webThe Open Suite Approach: How to ride the shock waves of a changing web
The Open Suite Approach: How to ride the shock waves of a changing webbkraft
 
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...bkraft
 
Magnolia Conference 2013: Keynote
Magnolia Conference 2013: KeynoteMagnolia Conference 2013: Keynote
Magnolia Conference 2013: Keynotebkraft
 
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5bkraft
 
Webinar - Why Magnolia 5 Rocks For IT
Webinar - Why Magnolia 5 Rocks For ITWebinar - Why Magnolia 5 Rocks For IT
Webinar - Why Magnolia 5 Rocks For ITbkraft
 
Increase Online Sales with Magnolia CMS' Shop Module
Increase Online Sales with Magnolia CMS' Shop ModuleIncrease Online Sales with Magnolia CMS' Shop Module
Increase Online Sales with Magnolia CMS' Shop Modulebkraft
 
Virtual Presence Management at Magnolia Amplify Miami 2013
Virtual Presence Management at Magnolia Amplify Miami 2013Virtual Presence Management at Magnolia Amplify Miami 2013
Virtual Presence Management at Magnolia Amplify Miami 2013bkraft
 
High performance and scalability
High performance and scalability High performance and scalability
High performance and scalability bkraft
 
Multilingual websites, microsites and landing pages
Multilingual websites, microsites and landing pagesMultilingual websites, microsites and landing pages
Multilingual websites, microsites and landing pagesbkraft
 
Blossom on the web
Blossom on the webBlossom on the web
Blossom on the webbkraft
 
Single sourcing desktop and mobile websites
Single sourcing desktop and mobile websitesSingle sourcing desktop and mobile websites
Single sourcing desktop and mobile websitesbkraft
 
Work life balance
Work life balanceWork life balance
Work life balancebkraft
 
Magnolia and PHPCR
Magnolia and PHPCRMagnolia and PHPCR
Magnolia and PHPCRbkraft
 
Solr and Image Module Extensions of Magnolia
Solr and Image Module Extensions of MagnoliaSolr and Image Module Extensions of Magnolia
Solr and Image Module Extensions of Magnoliabkraft
 
End to end content managed online mobile banking
End to end content managed online mobile bankingEnd to end content managed online mobile banking
End to end content managed online mobile bankingbkraft
 
MBC Group - Magnolia in the Media
MBC Group - Magnolia in the MediaMBC Group - Magnolia in the Media
MBC Group - Magnolia in the Mediabkraft
 
Yet Another E-Commerce Integration: Magnolia Loves Hybris
Yet Another E-Commerce Integration: Magnolia Loves Hybris Yet Another E-Commerce Integration: Magnolia Loves Hybris
Yet Another E-Commerce Integration: Magnolia Loves Hybris bkraft
 
Bridging the Gap: Magnolia Modules and Spring Configured Software
Bridging the Gap: Magnolia Modules and Spring Configured SoftwareBridging the Gap: Magnolia Modules and Spring Configured Software
Bridging the Gap: Magnolia Modules and Spring Configured Softwarebkraft
 
Enterprise Extensions to Magnolia's Imaging
Enterprise Extensions to Magnolia's ImagingEnterprise Extensions to Magnolia's Imaging
Enterprise Extensions to Magnolia's Imagingbkraft
 
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design ProcessHow the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Processbkraft
 

Más de bkraft (20)

The Open Suite Approach: How to ride the shock waves of a changing web
The Open Suite Approach: How to ride the shock waves of a changing webThe Open Suite Approach: How to ride the shock waves of a changing web
The Open Suite Approach: How to ride the shock waves of a changing web
 
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
 
Magnolia Conference 2013: Keynote
Magnolia Conference 2013: KeynoteMagnolia Conference 2013: Keynote
Magnolia Conference 2013: Keynote
 
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
 
Webinar - Why Magnolia 5 Rocks For IT
Webinar - Why Magnolia 5 Rocks For ITWebinar - Why Magnolia 5 Rocks For IT
Webinar - Why Magnolia 5 Rocks For IT
 
Increase Online Sales with Magnolia CMS' Shop Module
Increase Online Sales with Magnolia CMS' Shop ModuleIncrease Online Sales with Magnolia CMS' Shop Module
Increase Online Sales with Magnolia CMS' Shop Module
 
Virtual Presence Management at Magnolia Amplify Miami 2013
Virtual Presence Management at Magnolia Amplify Miami 2013Virtual Presence Management at Magnolia Amplify Miami 2013
Virtual Presence Management at Magnolia Amplify Miami 2013
 
High performance and scalability
High performance and scalability High performance and scalability
High performance and scalability
 
Multilingual websites, microsites and landing pages
Multilingual websites, microsites and landing pagesMultilingual websites, microsites and landing pages
Multilingual websites, microsites and landing pages
 
Blossom on the web
Blossom on the webBlossom on the web
Blossom on the web
 
Single sourcing desktop and mobile websites
Single sourcing desktop and mobile websitesSingle sourcing desktop and mobile websites
Single sourcing desktop and mobile websites
 
Work life balance
Work life balanceWork life balance
Work life balance
 
Magnolia and PHPCR
Magnolia and PHPCRMagnolia and PHPCR
Magnolia and PHPCR
 
Solr and Image Module Extensions of Magnolia
Solr and Image Module Extensions of MagnoliaSolr and Image Module Extensions of Magnolia
Solr and Image Module Extensions of Magnolia
 
End to end content managed online mobile banking
End to end content managed online mobile bankingEnd to end content managed online mobile banking
End to end content managed online mobile banking
 
MBC Group - Magnolia in the Media
MBC Group - Magnolia in the MediaMBC Group - Magnolia in the Media
MBC Group - Magnolia in the Media
 
Yet Another E-Commerce Integration: Magnolia Loves Hybris
Yet Another E-Commerce Integration: Magnolia Loves Hybris Yet Another E-Commerce Integration: Magnolia Loves Hybris
Yet Another E-Commerce Integration: Magnolia Loves Hybris
 
Bridging the Gap: Magnolia Modules and Spring Configured Software
Bridging the Gap: Magnolia Modules and Spring Configured SoftwareBridging the Gap: Magnolia Modules and Spring Configured Software
Bridging the Gap: Magnolia Modules and Spring Configured Software
 
Enterprise Extensions to Magnolia's Imaging
Enterprise Extensions to Magnolia's ImagingEnterprise Extensions to Magnolia's Imaging
Enterprise Extensions to Magnolia's Imaging
 
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design ProcessHow the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
 

Último

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 

Último (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 

User Management and SSO for Austrian Government

  • 2. Magnolia user management and SSO for Austrian government sector Magnolia Conference 2012 – Technical Track Presented by Richard Unger and Rihard Monovic
  • 3. Agenda 1 About RISE & LFRZ 2 SSO in Austrian government 3 Requirements and challenges 4 Implementation Presentation Title 3
  • 5. About RISE and LFRZ – Partnership  RISE  partner for industry  LFRZ  partner for government User management and SSO for Austrian government 5
  • 6. About RISE
      - Corporation, www.rise-world.com
          - TU Spin Off, founded 1987
          - TU Vienna, INSO – The Think Tank of RISE, 40 PhDs
      - Competences
          - More than 300 world-class IT-engineers & architects
          - Highly acknowledged R&D-enterprise in Europe
          - Top-Developer (e.g. part of the world-wide Java-Eclipse provider community, component delivery)
          - Specialists in IT-Infrastructure and IT-Integration
          - Top-Experts in e.g. IT-Architecture, IT-Strategy, IT-Security, Usability, Transport IT, System-Performance
      - Locations
          - HQ in Schwechat/Airport and Vienna
          - offices in several countries
          - RISE personnel work world-wide
  • 7. About RISE - Project examples
      - 2003 – 2006: ID Card for all Austrians + country-wide IT infrastructure; 8 million electronic ID-Cards, 24.000 specially designed components for offices, delivered in 24 months
      - 2005 – 2008: overall health network in Germany; architecture, planning and project/program management for what was at that time the largest IT project in Europe (1,8 billion €), design at CeBit 2005, led until 2008
      - 2009 – 2012: country-wide ticketing for railway / public transport in Austria; 10 million tickets/year, highly complex interoperability, all access channels (clerk counter, pos-automat, internet, travel agent, mobile phone)
      - 2007 – 2008: design and architecture of the government network plus the school & health network of Qatar, including NOC (network operating center) and SOC (security operating center)
      - 1993 – today: IT infrastructure, software projects, rollouts, IT architectures for e.g. MoI, MoH, MoF, MoA, MoS, MoX… in several countries
  • 8. About RISE - Clients
      - AMS Österreich
      - Oesterreichische Kontrollbank AG
      - Bank Austria Treasury merger & system upgrades
      - Austrian universities – overall IT strategy
      - Bundesrechenzentrum – test and multi-project management
      - Federal administration – ELAK introduction
      - IT portfolio – Die Presse
      - Dresdner Bank
      - Federal Ministry of Health, Berlin
      - Ministry of Justice, United Arab Emirates
      - ICT Qatar (entire ICT portfolio)
      - Usability and web strategy of the Indian government
      - Qatar Foundation (infrastructure planning)
      - E-government strategy, Libya
  • 9. About LFRZ
      - “Land-, forst- & wasserwirtschaftliches Rechenzentrum GmbH” – www.lfrz.at
      - IT service provider
      - located in Vienna
      - owned by the Austrian “ministry of agriculture”, which is also the principal customer
      - approx. 30 employees + external consultants
      - focus is on GIS, SSO, custom application development in Java, data integration, IT operations
      - and CMS
  • 10. About LFRZ - Clients
      - LFRZ’s principal customer, principal website: www.lebensministerium.at
  • 11. SSO in Austrian government
  • 12. SSO in Austrian government: Principal customer – “Lebensministerium”
      - 120 editors
      - 30+ websites
      - different departments, different offices in different cities
      - existing SSO solution
      - windows login enables access to all assigned applications
  • 13. SSO in Austrian government: SSO solution
      - “Portalverbund der Österreichischen Behörden”
      - use is mandated by law
      - standardized protocols, different implementations
      - de-central rights management
      - different portal providers, different application providers
  • 14. SSO in Austrian government: SSO solution “Portalverbund”
      - Systems involved: “Proxy-based” solution, home-portal, application-portal
      - Role model: similar to J2EE: users have roles in an application
      - PVP protocol: SSO-information provided in HTTP headers
  • 15. SSO in Austrian government: SSO solution “Portalverbund”
      - [Diagram: home-portal, application-portal, application; two connections, each labelled “user-infos in http-headers”]
  • 17. SSO – requirements and challenges: Manageable roles and groups
      - Old CMS had SSO integration
      - Old CMS did not use ACLs
      - 120 editors needed 700 groups!!!
      - Synchronization of Portalverbund LDAP and CMS
      - Incredibly confusing!
  • 18. SSO – requirements and challenges: Requirements
      - SSO – automatic login
      - Roles and groups normally managed in Magnolia
      - Roles and groups also via PVP headers, mappings
      - Permissions (ACLs) managed in Magnolia
      - Automatic user creation on login
      - “Preemptive” user creation from LDAP
      - GUI
  • 19. SSO – requirements and challenges: Challenges
      - Integrating SSO
      - How to handle permissions (ACLs)
      - Keeping roles and groups manageable
      - Implementing GUIs in Magnolia
  • 21. SSO – implementation in Magnolia: Custom modules
      - vaadin-preintegration: use Vaadin in Magnolia 4.4.x
      - pvp-jaas: SSO integration, LDAP integration
  • 22. SSO – implementation in Magnolia: Module pvp-jaas
      - LoginHandler
      - PVPCallback (JAAS callback)
      - PVPAuthenticationModule (JAAS module)
      - and: LDAP user page (Vaadin based GUI)
  • 23. SSO – implementation in Magnolia: Module pvp-jaas
  • 24. SSO – implementation in Magnolia: Module pvp-jaas
      - Configuration via content2bean
      - Group & role mappings possible
      - Auto-update of user infos (marriage, change of office, etc…)
  • 25. SSO – implementation in Magnolia: LDAP user GUI (Vaadin)
  • 26. SSO – implementation in Magnolia: Conclusion
      - Working well in production
      - Easy for editors, easy for admins
      - Customer manages users
      - LFRZ manages groups, roles & ACLs
      - Magnolia is now “Portalverbund”-compatible
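
Slides 14, 15, 18 and 24 describe user information arriving in HTTP headers from the application-portal and being mapped to Magnolia roles. The following is an added example, not code from the pvp-jaas module: it accepts the headers only from the portal's address and grants only explicitly mapped roles. The header names, the role-string format, the portal address and the role names are all assumptions, since the slides do not give them.

```java
import java.util.*;

/** Added illustration: derive CMS roles from PVP-style request headers (Java 9+). */
public class PvpHeaderLogin {
    // Assumed header names; the slides do not list them.
    static final String USER_HEADER = "X-AUTHENTICATE-UserId";
    static final String ROLES_HEADER = "X-AUTHORIZE-roles";

    // Hypothetical deployment values: the application-portal's address and the
    // PVP-role -> Magnolia-role mapping (held in module configuration in practice).
    static final Set<String> TRUSTED_PORTALS = Set.of("10.0.0.5");
    static final Map<String, String> ROLE_MAPPING = Map.of(
            "CMS-Editor", "editor",
            "CMS-Publisher", "publisher");

    static final class Login {
        final String userId;
        final Set<String> roles;
        Login(String userId, Set<String> roles) { this.userId = userId; this.roles = roles; }
    }

    /** Returns the login derived from the headers, or empty if the request must not be trusted. */
    static Optional<Login> resolve(String remoteAddr, Map<String, String> headers) {
        // The headers carry identity only when the portal proxy set them; in a
        // servlet, remoteAddr would come from request.getRemoteAddr().
        if (remoteAddr == null || !TRUSTED_PORTALS.contains(remoteAddr)) return Optional.empty();
        String user = headers.get(USER_HEADER);
        if (user == null || user.trim().isEmpty()) return Optional.empty();

        Set<String> roles = new TreeSet<>();
        for (String entry : headers.getOrDefault(ROLES_HEADER, "").split(";")) {
            // Assumed format "Role(param=value);Role2": drop the parameter part.
            int paren = entry.indexOf('(');
            String name = (paren >= 0 ? entry.substring(0, paren) : entry).trim();
            String mapped = ROLE_MAPPING.get(name);
            if (mapped != null) roles.add(mapped); // unmapped roles grant nothing
        }
        return Optional.of(new Login(user.trim(), roles));
    }

    public static void main(String[] args) {
        // Constructed sample headers; header names compare case-insensitively.
        Map<String, String> h = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
        h.put("x-authenticate-userid", "jane.doe@example.gv.at");
        h.put("x-authorize-roles", "CMS-Editor(site=main);Other-App-User");
        System.out.println(resolve("10.0.0.5", h).map(l -> l.userId + " " + l.roles));
        System.out.println(resolve("203.0.113.9", h).isPresent());
    }
}
```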