SlideShare a Scribd company logo

Identity Federation on JBossAS

Roger CARHUATOCTO
Roger CARHUATOCTO
1 of 28
High Availability of Identity Federation System on JBossAS Roger Carhuatocto QA & IT Security Project Manager IN2, Ingeniería de la Información 11 October 2005
me ,[object Object],[object Object],[object Object],[object Object]
Content ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Digital Identity ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Trends in Identity Mgmt ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Models of Identity Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
“ A Federation is less painful than a Revolution ” ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Elements of an Identity Mgmt System 1/2 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Elements of an Identity Mgmt System 2/2 ,[object Object],[object Object],[object Object],[object Object],[object Object],Hub of Service Hub of Identity IdP/SP IdP/SP IdP/SP IdP/SP IdP/SP Tributary agency VISA Network Healthcare public system Federation multi-provider IdP SP IdP IdP IdP IdP IdP IdP SP SP SP SP SP SP
Content ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Standards: SAML Service Provider ID Provider AuthN Assertion Request Credentials ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],1 Assertion Response 2
Standards: Why SAML? May 13: Sun and Microsoft announce new identity specifications and additional measures for product interoperability: Web SSO Metadata exchange and interop profile Standards roadmap Web Federated SSO ,[object Object],[object Object],[object Object],[object Object],Liberty ID-FF 1.1 SAML 1.0 SAML 1.1 Shibboleth 1.x Liberty ID-FF 1.2 SAML 2.0 (Mar2005) Shibboleth 2.0 (4Q2005) WS-Fed Passive interop profile SSO interop profile SSO MEX
Standards: SAML, a assertion Server which send the “assertion” Time valid of the “assertion” User being authenticated Authentication method used
Standards: SAML, functional requirements ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Solutions and products ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Content ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Web Single Sign On (Clasic) ,[object Object],[object Object],[object Object],[object Object],Cookie Cookie www.domain.com App A App B App C ,[object Object],[object Object],[object Object],[object Object],[object Object]
Cross Domain Single Sign On ,[object Object],[object Object],[object Object],[object Object],otherdomain.com App D App E App F mydomain.com App A App B App C Plug-In Plug-In ,[object Object],[object Object],[object Object],[object Object],[object Object]
Identity Federation (for Web SSO) App D App E App F mydomain.com App A App B App C otherdomain.com ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Web SSO: IdFed between apps App2 App1 1 2 4 3 6 (1) User is authenticated in App1 by digital certificate (2) User logged in App1 needs to go to App2 (related to App1, but App2 uses user/password for authentication) (3) When user trying to access to App2, (4) the server request to App1 for the parameters of user identity (5) App1 sends a message with information requested, (6) App2 based in security policies gives access to the user ..vice-versa 5
Requirements for IdFed System ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
IdFed: Common task list ,[object Object],[object Object],[object Object],[object Object],SAML Gateway App1 App2 App3 SAML Gateway SAML Gateway SAML Gateway
IdFed: The gateway IDP SP SP SP ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Authentication Assertion
IdFed: Federation policies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
JBossAS-IdFed ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
JBossAS-IdFed ,[object Object],[object Object],[object Object],[object Object]
JBossAS-IdFed ,[object Object],JAAS JBossSX IDFedGw XML/SAML Middleware (WS, RMI, JMS, EJB) JBoss Microkernel (JMX) HA, cache Clustering
High Availability of Identity Federation System on JBossAS Roger Carhuatocto QA & IT Security Project Manager IN2, Ingeniería de la Información 11 October 2005

Recommended

Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
Hitachi ID Systems, Inc.
 
Access management
Access managementAccess management
Access management
Venkatesh Jambulingam
 
Authentication Models
Authentication ModelsAuthentication Models
Authentication Models
Raj Chanchal
 
Identity Management
Identity ManagementIdentity Management
Identity Management
Venkatesh Jambulingam
 
Patterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise SecurityPatterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise Security
WSO2
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
WAFAA AL SALMAN
 
Authentication and Authorization Models
Authentication and Authorization ModelsAuthentication and Authorization Models
Authentication and Authorization Models
CSCJournals
 
Identity Management for Web Application Developers
Identity Management for Web Application DevelopersIdentity Management for Web Application Developers
Identity Management for Web Application Developers
WSO2
 

Recommended

Hitachi ID Identity Manager
Hitachi ID Identity ManagerHitachi ID Identity Manager
Hitachi ID Identity Manager
Hitachi ID Systems, Inc.
 
Access management
Access managementAccess management
Access management
Venkatesh Jambulingam
 
Authentication Models
Authentication ModelsAuthentication Models
Authentication Models
Raj Chanchal
 
Identity Management
Identity ManagementIdentity Management
Identity Management
Venkatesh Jambulingam
 
Patterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise SecurityPatterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise Security
WSO2
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
WAFAA AL SALMAN
 
Authentication and Authorization Models
Authentication and Authorization ModelsAuthentication and Authorization Models
Authentication and Authorization Models
CSCJournals
 
Identity Management for Web Application Developers
Identity Management for Web Application DevelopersIdentity Management for Web Application Developers
Identity Management for Web Application Developers
WSO2
 
End-to-End Identity Management
End-to-End Identity ManagementEnd-to-End Identity Management
End-to-End Identity Management
WSO2
 
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
P2PSystem
 
Design Pattern for Oracle Identity Provisioning
Design Pattern for Oracle Identity ProvisioningDesign Pattern for Oracle Identity Provisioning
Design Pattern for Oracle Identity Provisioning
Mike Reams
 
Authentication through Claims-Based Authentication
Authentication through Claims-Based AuthenticationAuthentication through Claims-Based Authentication
Authentication through Claims-Based Authentication
ijtsrd
 
test
testtest
test
pixeldemo
 
Privacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementPrivacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity Management
Sven Wohlgemuth
 
Up 2011-ken huang
Up 2011-ken huangUp 2011-ken huang
Up 2011-ken huang
Ken Huang
 
76 s201923
76 s20192376 s201923
76 s201923
IJRAT
 
Windows Identity Foundation
Windows Identity FoundationWindows Identity Foundation
Windows Identity Foundation
manz1234
 
Hitachi ID Privileged Access Manager
Hitachi ID Privileged Access ManagerHitachi ID Privileged Access Manager
Hitachi ID Privileged Access Manager
Hitachi ID Systems, Inc.
 
ISS SA le presenta IdentityGuard de Entrust
ISS SA le presenta IdentityGuard de EntrustISS SA le presenta IdentityGuard de Entrust
ISS SA le presenta IdentityGuard de Entrust
Information Security Services SA
 
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
Chema Alonso
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 
Open am and_radiantone
Open am and_radiantoneOpen am and_radiantone
Open am and_radiantone
Jose R
 
e-Idenity-and-e-Government_ELAK-Code-Camp-Lecture_I
e-Idenity-and-e-Government_ELAK-Code-Camp-Lecture_Ie-Idenity-and-e-Government_ELAK-Code-Camp-Lecture_I
e-Idenity-and-e-Government_ELAK-Code-Camp-Lecture_I
Connected Islands
 
Identity Managment
Identity ManagmentIdentity Managment
Identity Managment
Alanoud Alqoufi
 
Single sign on assistant an authentication brokers
Single sign on assistant an authentication brokersSingle sign on assistant an authentication brokers
Single sign on assistant an authentication brokers
Finalyear Projects
 
Session 7 e_raja_kailar
Session 7 e_raja_kailarSession 7 e_raja_kailar
Session 7 e_raja_kailar
Hai Nguyen
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guide
Hai Nguyen
 
Google cardboard what's inside the box - mildura development corp
Google cardboard what's inside the box - mildura development corpGoogle cardboard what's inside the box - mildura development corp
Google cardboard what's inside the box - mildura development corp
Tim Gentle
 
IntelligentEnterprise
IntelligentEnterpriseIntelligentEnterprise
IntelligentEnterprise
Barry Grushkin 9,600 +
 
Data Science-final7
Data Science-final7Data Science-final7
Data Science-final7
Barry Grushkin 9,600 +
 

More Related Content

What's hot

End-to-End Identity Management
End-to-End Identity ManagementEnd-to-End Identity Management
End-to-End Identity Management
WSO2
 
Authentication through Claims-Based Authentication
Authentication through Claims-Based AuthenticationAuthentication through Claims-Based Authentication
Authentication through Claims-Based Authentication
ijtsrd
 
Privacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementPrivacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity Management
Sven Wohlgemuth
 
Windows Identity Foundation
Windows Identity FoundationWindows Identity Foundation
Windows Identity Foundation
manz1234
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 
Open am and_radiantone
Open am and_radiantoneOpen am and_radiantone
Open am and_radiantone
Jose R
 
Session 7 e_raja_kailar
Session 7 e_raja_kailarSession 7 e_raja_kailar
Session 7 e_raja_kailar
Hai Nguyen
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guide
Hai Nguyen
 

What's hot (19)

End-to-End Identity Management
End-to-End Identity ManagementEnd-to-End Identity Management
End-to-End Identity Management
 
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
 
Design Pattern for Oracle Identity Provisioning
Design Pattern for Oracle Identity ProvisioningDesign Pattern for Oracle Identity Provisioning
Design Pattern for Oracle Identity Provisioning
 
Authentication through Claims-Based Authentication
Authentication through Claims-Based AuthenticationAuthentication through Claims-Based Authentication
Authentication through Claims-Based Authentication
 
test
testtest
test
 
Privacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity ManagementPrivacy in Business Processes by User-Centric Identity Management
Privacy in Business Processes by User-Centric Identity Management
 
Up 2011-ken huang
Up 2011-ken huangUp 2011-ken huang
Up 2011-ken huang
 
76 s201923
76 s20192376 s201923
76 s201923
 
Windows Identity Foundation
Windows Identity FoundationWindows Identity Foundation
Windows Identity Foundation
 
Hitachi ID Privileged Access Manager
Hitachi ID Privileged Access ManagerHitachi ID Privileged Access Manager
Hitachi ID Privileged Access Manager
 
ISS SA le presenta IdentityGuard de Entrust
ISS SA le presenta IdentityGuard de EntrustISS SA le presenta IdentityGuard de Entrust
ISS SA le presenta IdentityGuard de Entrust
 
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
New Paradigms of Digital Identity: Authentication & Authorization as a Servic...
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
 
Open am and_radiantone
Open am and_radiantoneOpen am and_radiantone
Open am and_radiantone
 
e-Idenity-and-e-Government_ELAK-Code-Camp-Lecture_I
e-Idenity-and-e-Government_ELAK-Code-Camp-Lecture_Ie-Idenity-and-e-Government_ELAK-Code-Camp-Lecture_I
e-Idenity-and-e-Government_ELAK-Code-Camp-Lecture_I
 
Identity Managment
Identity ManagmentIdentity Managment
Identity Managment
 
Single sign on assistant an authentication brokers
Single sign on assistant an authentication brokersSingle sign on assistant an authentication brokers
Single sign on assistant an authentication brokers
 
Session 7 e_raja_kailar
Session 7 e_raja_kailarSession 7 e_raja_kailar
Session 7 e_raja_kailar
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guide
 

Viewers also liked

Blog slideshare (h istoria del carnaval)
Blog slideshare (h istoria del carnaval)Blog slideshare (h istoria del carnaval)
Blog slideshare (h istoria del carnaval)
Veronica-7
 
Tagger workbook 300dpi rgb 3-21
Tagger workbook 300dpi rgb 3-21Tagger workbook 300dpi rgb 3-21
Tagger workbook 300dpi rgb 3-21
Tagger London
 
Horario
HorarioHorario
Horario
None
 

Viewers also liked (19)

Google cardboard what's inside the box - mildura development corp
Google cardboard what's inside the box - mildura development corpGoogle cardboard what's inside the box - mildura development corp
Google cardboard what's inside the box - mildura development corp
 
IntelligentEnterprise
IntelligentEnterpriseIntelligentEnterprise
IntelligentEnterprise
 
Data Science-final7
Data Science-final7Data Science-final7
Data Science-final7
 
Distrito 04
Distrito 04Distrito 04
Distrito 04
 
Colaboración entre faunia y zoo
Colaboración entre faunia y zooColaboración entre faunia y zoo
Colaboración entre faunia y zoo
 
Sellers Seek Faster cash cycles from Retailers
Sellers Seek Faster cash cycles from RetailersSellers Seek Faster cash cycles from Retailers
Sellers Seek Faster cash cycles from Retailers
 
TRANSPARÊNCIA COM DINHEIRO PÚBLICO.EXTRATO DE PUBLICAÇÃO NA IMPRENSA OFICIAL ...
TRANSPARÊNCIA COM DINHEIRO PÚBLICO.EXTRATO DE PUBLICAÇÃO NA IMPRENSA OFICIAL ...TRANSPARÊNCIA COM DINHEIRO PÚBLICO.EXTRATO DE PUBLICAÇÃO NA IMPRENSA OFICIAL ...
TRANSPARÊNCIA COM DINHEIRO PÚBLICO.EXTRATO DE PUBLICAÇÃO NA IMPRENSA OFICIAL ...
 
Public Key Infrastructure
Public Key InfrastructurePublic Key Infrastructure
Public Key Infrastructure
 
Surprises du monde vivant XXXV - Les Adieux
Surprises du monde vivant XXXV - Les AdieuxSurprises du monde vivant XXXV - Les Adieux
Surprises du monde vivant XXXV - Les Adieux
 
Blog slideshare (h istoria del carnaval)
Blog slideshare (h istoria del carnaval)Blog slideshare (h istoria del carnaval)
Blog slideshare (h istoria del carnaval)
 
Tagger workbook 300dpi rgb 3-21
Tagger workbook 300dpi rgb 3-21Tagger workbook 300dpi rgb 3-21
Tagger workbook 300dpi rgb 3-21
 
Conclusiones encuesta
Conclusiones encuestaConclusiones encuesta
Conclusiones encuesta
 
5 beautiful but Extremely Dangerous Animals
5 beautiful but Extremely Dangerous Animals5 beautiful but Extremely Dangerous Animals
5 beautiful but Extremely Dangerous Animals
 
Nombre apellido grencia de proyectos
Nombre apellido grencia de proyectosNombre apellido grencia de proyectos
Nombre apellido grencia de proyectos
 
PRESENTATION CREDIT4LIFE (3)
PRESENTATION CREDIT4LIFE (3)PRESENTATION CREDIT4LIFE (3)
PRESENTATION CREDIT4LIFE (3)
 
Medios mecánicos de almacenaje
Medios mecánicos de almacenajeMedios mecánicos de almacenaje
Medios mecánicos de almacenaje
 
Vulnerabilidades y soluciones
Vulnerabilidades y solucionesVulnerabilidades y soluciones
Vulnerabilidades y soluciones
 
Horario
HorarioHorario
Horario
 
Gerencia de procesos - Organizaciones orientadas por procesos
Gerencia de procesos - Organizaciones orientadas por procesosGerencia de procesos - Organizaciones orientadas por procesos
Gerencia de procesos - Organizaciones orientadas por procesos
 

Similar to Identity Federation on JBossAS

Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
Oliver Pfaff
 
Campus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson UniversityCampus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson University
Campus Consortium
 
Security for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsSecurity for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIs
idescitation
 
Directions Answer each question individual and respond with full .docx
Directions Answer each question individual and respond with full .docxDirections Answer each question individual and respond with full .docx
Directions Answer each question individual and respond with full .docx
mariona83
 
School of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxSchool of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docx
jeffsrosalyn
 

Similar to Identity Federation on JBossAS (20)

Shibboleth Guided Tour Webinar
Shibboleth Guided Tour WebinarShibboleth Guided Tour Webinar
Shibboleth Guided Tour Webinar
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
 
Protect your business with identity and access management in the cloud
Protect your business with identity and access management in the cloudProtect your business with identity and access management in the cloud
Protect your business with identity and access management in the cloud
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web Application
 
Web-services
Web-services Web-services
Web-services
 
WSO2 Identity Server - Product Overview
WSO2 Identity Server - Product OverviewWSO2 Identity Server - Product Overview
WSO2 Identity Server - Product Overview
 
Campus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson UniversityCampus Consortium EdTalks Featuring Clemson University
Campus Consortium EdTalks Featuring Clemson University
 
Security for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsSecurity for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIs
 
Presentation
PresentationPresentation
Presentation
 
SWXG 2010.6.9 v2
SWXG 2010.6.9 v2SWXG 2010.6.9 v2
SWXG 2010.6.9 v2
 
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
 
A A A
A A AA A A
A A A
 
Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudSecurity in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and Cloud
 
Directions Answer each question individual and respond with full .docx
Directions Answer each question individual and respond with full .docxDirections Answer each question individual and respond with full .docx
Directions Answer each question individual and respond with full .docx
 
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment ChallengesSuccessful Enterprise Single Sign-on: Addressing Deployment Challenges
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
 
Salesforce DevOps Online Training Institute
Salesforce DevOps Online Training InstituteSalesforce DevOps Online Training Institute
Salesforce DevOps Online Training Institute
 
Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7Introduccion a la seguridad Windows 7
Introduccion a la seguridad Windows 7
 
SSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy ManagementSSO IN/With Drupal and Identitiy Management
SSO IN/With Drupal and Identitiy Management
 
School of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxSchool of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docx
 

More from Roger CARHUATOCTO

[Webinar] Creando un "backend" con WSO2
[Webinar] Creando un "backend" con WSO2 [Webinar] Creando un "backend" con WSO2
[Webinar] Creando un "backend" con WSO2
Roger CARHUATOCTO
 
Drupal camp2010bcn cmis-drupal_alfresco-v1.1
Drupal camp2010bcn cmis-drupal_alfresco-v1.1Drupal camp2010bcn cmis-drupal_alfresco-v1.1
Drupal camp2010bcn cmis-drupal_alfresco-v1.1
Roger CARHUATOCTO
 
Fast building Vertical Portals: e-Learning and Social Network
Fast building Vertical Portals: e-Learning and Social Network Fast building Vertical Portals: e-Learning and Social Network
Fast building Vertical Portals: e-Learning and Social Network
Roger CARHUATOCTO
 
03 webinar content_deliveryplatform_v1.0-intix
03 webinar content_deliveryplatform_v1.0-intix03 webinar content_deliveryplatform_v1.0-intix
03 webinar content_deliveryplatform_v1.0-intix
Roger CARHUATOCTO
 
02 webinar gestion_expedientes_v0.6.1-intix
02 webinar gestion_expedientes_v0.6.1-intix02 webinar gestion_expedientes_v0.6.1-intix
02 webinar gestion_expedientes_v0.6.1-intix
Roger CARHUATOCTO
 

More from Roger CARHUATOCTO (20)

[Webinar] Creando un "backend" con WSO2
[Webinar] Creando un "backend" con WSO2 [Webinar] Creando un "backend" con WSO2
[Webinar] Creando un "backend" con WSO2
 
[Webinar] SOA ágil con WSO2
[Webinar] SOA ágil con WSO2[Webinar] SOA ágil con WSO2
[Webinar] SOA ágil con WSO2
 
[Webinar] Gestión Identidades y Control de Acceso en los Servicios usando WSO...
[Webinar] Gestión Identidades y Control de Acceso en los Servicios usando WSO...[Webinar] Gestión Identidades y Control de Acceso en los Servicios usando WSO...
[Webinar] Gestión Identidades y Control de Acceso en los Servicios usando WSO...
 
Comparativa de Suites BPM free open source (v1.0-20110721)
Comparativa de Suites BPM free open source (v1.0-20110721)Comparativa de Suites BPM free open source (v1.0-20110721)
Comparativa de Suites BPM free open source (v1.0-20110721)
 
Orquestando Procesos de Negocio de manera ágil con Bonita BPM (v1.0)
Orquestando Procesos de Negocio de manera ágil con Bonita BPM (v1.0)Orquestando Procesos de Negocio de manera ágil con Bonita BPM (v1.0)
Orquestando Procesos de Negocio de manera ágil con Bonita BPM (v1.0)
 
BizLife - Construyendo un Ecosistema Empresarial usando WSO2
BizLife - Construyendo un Ecosistema Empresarial usando WSO2BizLife - Construyendo un Ecosistema Empresarial usando WSO2
BizLife - Construyendo un Ecosistema Empresarial usando WSO2
 
Chakray.com - Enterprise Security and IAM with WSO2IS and Penrose
Chakray.com - Enterprise Security and IAM with WSO2IS and PenroseChakray.com - Enterprise Security and IAM with WSO2IS and Penrose
Chakray.com - Enterprise Security and IAM with WSO2IS and Penrose
 
Introducción a la gestión de contenidos web con Liferay Portal 6.1.x
Introducción a la gestión de contenidos web con Liferay Portal 6.1.xIntroducción a la gestión de contenidos web con Liferay Portal 6.1.x
Introducción a la gestión de contenidos web con Liferay Portal 6.1.x
 
WSO2Con 2013 - WSO2 as a Crypto Platform
WSO2Con 2013 - WSO2 as a Crypto PlatformWSO2Con 2013 - WSO2 as a Crypto Platform
WSO2Con 2013 - WSO2 as a Crypto Platform
 
Drupal camp2010bcn cmis-drupal_alfresco-v1.1
Drupal camp2010bcn cmis-drupal_alfresco-v1.1Drupal camp2010bcn cmis-drupal_alfresco-v1.1
Drupal camp2010bcn cmis-drupal_alfresco-v1.1
 
Fast building Vertical Portals: e-Learning and Social Network
Fast building Vertical Portals: e-Learning and Social Network Fast building Vertical Portals: e-Learning and Social Network
Fast building Vertical Portals: e-Learning and Social Network
 
03 webinar content_deliveryplatform_v1.0-intix
03 webinar content_deliveryplatform_v1.0-intix03 webinar content_deliveryplatform_v1.0-intix
03 webinar content_deliveryplatform_v1.0-intix
 
01 webinar caso_migracion_portalweb_v1.4.1-intix
01 webinar caso_migracion_portalweb_v1.4.1-intix01 webinar caso_migracion_portalweb_v1.4.1-intix
01 webinar caso_migracion_portalweb_v1.4.1-intix
 
02 webinar gestion_expedientes_v0.6.1-intix
02 webinar gestion_expedientes_v0.6.1-intix02 webinar gestion_expedientes_v0.6.1-intix
02 webinar gestion_expedientes_v0.6.1-intix
 
Drupal Camp2010 Bcn Cmis Drupal Alfresco V1 1
Drupal Camp2010 Bcn Cmis Drupal Alfresco V1 1Drupal Camp2010 Bcn Cmis Drupal Alfresco V1 1
Drupal Camp2010 Bcn Cmis Drupal Alfresco V1 1
 
1st Peruvian It Security Workshop Flyer
1st Peruvian It Security Workshop Flyer1st Peruvian It Security Workshop Flyer
1st Peruvian It Security Workshop Flyer
 
PKI Aplicada V1.3
PKI Aplicada V1.3PKI Aplicada V1.3
PKI Aplicada V1.3
 
Calidad y Seguridad en el SDLC V1 4
Calidad y Seguridad en el SDLC V1 4Calidad y Seguridad en el SDLC V1 4
Calidad y Seguridad en el SDLC V1 4
 
Intrusion Detection System V1.2
Intrusion Detection System V1.2Intrusion Detection System V1.2
Intrusion Detection System V1.2
 
Digital Forensics V1.4
Digital Forensics V1.4Digital Forensics V1.4
Digital Forensics V1.4
 

Identity Federation on JBossAS

  • 1. High Availability of Identity Federation System on JBossAS Roger Carhuatocto QA & IT Security Project Manager IN2, Ingeniería de la Información 11 October 2005
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13. Standards: SAML, a assertion Server which send the “assertion” Time valid of the “assertion” User being authenticated Authentication method used
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20. Web SSO: IdFed between apps App2 App1 1 2 4 3 6 (1) User is authenticated in App1 by digital certificate (2) User logged in App1 needs to go to App2 (related to App1, but App2 uses user/password for authentication) (3) When user trying to access to App2, (4) the server request to App1 for the parameters of user identity (5) App1 sends a message with information requested, (6) App2 based in security policies gives access to the user ..vice-versa 5
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28. High Availability of Identity Federation System on JBossAS Roger Carhuatocto QA & IT Security Project Manager IN2, Ingeniería de la Información 11 October 2005

Editor's Notes

  1. Products JBoss AS Competitors Hibernate Competitors manual JDBC EJB 2.x (all app servers) Oracle Toplink JDO 1. 2. 3. JBossCache (JCache) Competitors OScache (OpenSymphony) Tangersol JBPM Competitors OSworkflow (OpenSympony) *WFM (http://wfmopen.sourceforge.net) Tomcat Competition JRun Weblogic Express IBM Websphere Servlet Engine *Jetty *Resin JBoss IDE Competition AppServer Specific WL Workshop WSAD (Eclipse-based) AppServer agnostic IntelliJ IDEA JBuilder *Eclipse (explain IDE-builder instead of app-builder) MyEclipse Projects Javassist Competitors ASM BCEL SERP CG-LIB (used by Spring) JBoss AOP Competitors AspectWerkz AspectJ Spring CGlib (lower level) dynaop AOPalliance JBoss Microkernel Competitors Spring Hivemind PicoContainer JBossMQ / JBossJMS Competitors IBM MQ-Series MS-MQ SonicMQ Oracle AQ *openJMS *JORAM JBoss Portal Competitors Jetspeed eXO JGroups Competitors Customers Using Ameritrade