1 / 33

Open standard based Identity Provisioning for Cloud

Open standard based Identity Provisioning for Cloud. Prabath Siriwardena. About Me. Director of Security Architecture at WSO2 Leads WSO2 Identity Server – an open source identity and entitlement management product. Apache Axis2/Rampart committer / PMC

maine
Download Presentation

Open standard based Identity Provisioning for Cloud

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Open standard based Identity Provisioning for Cloud Prabath Siriwardena

  2. About Me • Director of Security Architecture at WSO2 • Leads WSO2 Identity Server – an open source identity and entitlement management product. • Apache Axis2/Rampart committer / PMC • A member of OASIS Identity Metasystem Interoperability (IMI) TC, OASIS eXtensible Access Control Markup Language (XACML) TC and OASIS Security Services (SAML) TC. • Twitter : @prabath • Email : prabath@apache.org • Blog : http://blog.facilelogin.com • LinkedIn : http://www.linkedin.com/in/prabathsiriwardena

  3. Plug-Map

  4. Open standard (and also open source) based Identity Provisioning for Cloud

  5. Synchronization

  6. Synchronization

  7. Sharing

  8. Single Sign-On

  9. Provisioning

  10. Standard-based Provisioning

  11. Standard-based Provisioning SPML 1.0 Request / Response

  12. Standard-based Provisioning SPML 1.0 Request / Response

  13. Standard-based Provisioning SPML 2.0 Request / Response [DSML]

  14. Standard-based Provisioning SPML 2.0 Request / Response [XDS]

  15. Standard-based Provisioning

  16. System for Cross-domain Identity Management

  17. System for Cross-domain Identity Management {"schemas":[], "name": {"familyName":"siriwardena", "givenName":"prabath"}, "userName":"prabath", "password":"prabath123", "externalId":"prabathext", "emails":[ {"primary":true, "value":"prabath@wso2.com", "type":"home"}, {"value":"prabathsiriwardena@yahoo.com", "type":"work"}] } curl -k --user admin:admin -d @add-user.json --header "Content-Type:application/json" https://localhost:9445/wso2/scim/Users

  18. System for Cross-domain Identity Management {"schemas":["urn:scim:schemas:core:1.0"], "displayName" : "OSDC", "externalId" : "OSDC", "members": [ { "value": "f64e6507-756d-4a14-ac43-c9d02167f411", "display": "prabath" } ] } curl -k --user admin:admin -d @add-group.json --header "Content-Type:application/json" https://localhost:9445/wso2/scim/Groups

  19. System for Cross-domain Identity Management

  20. Authenticating SCIM Requests • HTTP Basic Authentication • OAuth 2.0

  21. Authenticating SCIM Requests

  22. Authenticating SCIM Requests Get the Access Token from the OAuth Authorization Server curl -v -X POST --basic -u XQi6DUDPnMW_FH_VK3f1gBetNAsa:VfKb7MHzH7Q0U6YdNV6ehhetCpka -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "grant_type=password&username=admin&password=admin" https://localhost:9445/oauth2/token Add a user with via SCIM curl -k -H "Authorization: Bearer ea7f76f134eb9bbb12d4b06b93e1d0a3" -d @add-user.json --header "Content-Type:application/json” https://localhost:9445/wso2/scim/Users

  23. Authenticating SCIM Requests

  24. Authorizing SCIM Requests

  25. Authorizing SCIM Requests

  26. Authorizing SCIM Requests

  27. Federated Provisioning Patterns

  28. Federated Provisioning Patterns

  29. Federated Provisioning Patterns

  30. Federated Provisioning Patterns

  31. Federated Provisioning Patterns

  32. Federated Provisioning Patterns

  33. lean . enterprise . middleware

More Related