advertisement
javaboutique
Search Tips
Articles  |   Tutorials  |   Reviews  |   Tools  |   by Category  |   by Date  |   by Name  |   Submit  |   Source  |   Forums  |  
javaboutique
Browse DevX


Partners & Affiliates


advertisement

Tutorials : Identity Management Made Easy with OpenSSO :

Identity Management Made Easy with OpenSSO

by Thribhuvan Thakur

As the need for inter-enterprise e-commerce business processes becomes apparent, identity managementis also becoming a concern. Obviously, users appreciate SSO—the ability to sign on once and move seamlessly through the application portfolio. Without federated identity management, users are forced to endure the current state of affairs, which means managing multiple logins and application-specific identities. Within a corporate network, however, it's reasonable for employees to expect direct access to corporate applications and salary and benefit records without having to re-authenticate themselves.

What Is Identity Management, Anyway?

Identity Management involves a comprehensive set of tools and business processes, along with their supporting infrastructures, all of which work together to manage the life cycle of user identity and its relationship to business applications and services. An Identity Provider (IdP) is responsible for identity management as well as helping a Service Provider (SP) identify a user.

Figure 1 shows the actors involved in identity management.


Figure 1. Identity Management a Solution to Identity Crisis

OpenSSO

The Open Web Single Sign-On project (OpenSSO) is an open-source initiative by Sun Microsystems. This project's goal is to provide an extensible foundation for an identity services infrastructure in the public domain, facilitating single sign-on (SSO) and cross-domain single sign-on (CDSSO) for web applications, federation capabilities, and secure web services.


Figure 2. Federated Access Manager

OpenSSO provides a single, self-contained J2EE application called Federated Access Manager (FAM) for easy roll out. FAM implementation is based on the Sun Java System Access Manager and the Sun Java System Federation Manager.

Among other services, FAM provides the following:

Authentication Service: This verifies the user's credentials and issues a user-session token as a proof of authentication. It consists of plug-in modules, a core authentication component, a web service interface, and a client API. A JAAS framework is integrated in this service and plays and important role in authentication chaining.

Authorization/Policy Service: This evaluates policies associated with a user's identity and determines whether an authenticated user has permissions to access a protected resource.

Session (SSO) Service: This provides continued proof of the user's identity, which enables the user to access multiple enterprise resources within the same domain—without having to provide credentials each time (for example, SSO). It also provides cross-domain single sign-on (CDSSO) capability that enables users to access applications among multiple DNS domains.

Security Assertion Markup Language (SAML) Service: This allows business partners to securely exchange authentication and authorization information over the internet.

Identity Federation Service: This consolidates multiple local identities into one federated identity. This enables the user to move across multiple service providers without having to re-authenticate themselves. This feature is built upon the Liberty Alliances Framework, which introduced the concept of circle of trust.

Logging Service: This enables auditing by recording information such as access denials and approvals, authentication events, and authorization violations.

How to Add Java Applets to Your Site

New on the Java Boutique:

New Review:

Time Management Made Easy with the Quartz Enterprise Job Scheduler
Why not just use the Java timer API? This open source scheduling API boasts simplicity, ease-of-integration, a well-rounded feature set, and it's free!

New Applet:

Reverse Complement
Reverse Complement is a simple applet that converts DNA or RNA sequences into three useful formats.

Elsewhere on internet.com:

WebDeveloper Java
Lots of Java information on webdeveloper.com

WDVL Java
Thorough Java resource at the Web Developer's Virtual Library.

ScriptSearch Java
Hundreds of free Java code files to download.

jGuru: Your View of the Java Universe
Customizable portal with online training, FAQs, regular news updates, and tutorials.

XML error: undefined entity at line 19
advertisement
Receive Articles via our XML/RSS feed
Receive Articles via our XML/RSS feed

JavaBytes
Internet Cyclone
This powerful, easy-to-use, internet optimizer is for Windows 95, 98, ME, NT, 2000 and XP. It's designed to automatically optimize your Windows settings, boosting your Internet connection up to 200%.

Linux Vendors Head to the Cloud in Search of Cash
iPhone 3GS: Overheating Fears, OS Update Nears
PostgreSQL 8.4 Revs Up Database Admin, Security
PHP 5.3 Accelerates PHP
Sun Releases NetBeans 6.7 IDE for Java, PHP
Why Firefox Doesn't Take Google Chrome Features
First Major PHP Update in Years Coming Soon
Red Hat CEO Calls on Oracle to Keep Java Open
Google Widens AdSense for iPhone, Android Apps
Eclipse Galileo Releases 33 Open Source Projects

A Taste of JavaFX for the Uninitiated
A Guide to Caching and Compression for High Performance Web Applications
How User-Centered Design Can Put User Stories in Proper Context
Explore C# 4's New Dynamic Types and Named/Optional Parameters
Enterprise Architecture: The Journey Begins Here, Part 2
Create a Syslog Sender/Receiver Using the MS Winsock Control
AMD CodeAnalyst Helps Developers Optimize and Tune Applications
Securing Microsoft's Cloud Infrastructure
Introducing the Azure Services Platform
An Introduction to Microsoft .NET Services for Developers

Advertising Info  |   Member Services  |   Contact Us  |   Help  |   Feedback  |   Site Map  |   Network Map  |   About

internet.commediabistro.comJusttechjobs.comGraphics.com

Search:

WebMediaBrands Corporate Info

Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs

Solutions

Whitepapers and eBooks

Whitepaper: Introducing the Azure Services Platform
Whitepaper: Introduction to Microsoft .NET Services for Developers
Whitepaper: Securing Microsoft's Cloud Infrastructure
Internet.com eBook: Becoming a Better Project Manager
Microsoft Partner Portal: What Azure Means for Microsoft Partners
 Internet.com eBook: Web Development Frameworks for Java
Internet.com eBook: Developing a Content Management System Strategy
Article: Ten Things IT Professionals Should Know About Windows 7
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Get Started with .NET Services
 MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Amyuni: PDF & PDF/A Engine for .NET and ActiveX Apps
Red Gate Free Trial: SQL Toolbelt
Iron Speed Designer Application Generator
 Download Award-Winning Red Gate SQL Backup Pro
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products
Internet.com Hot List: Java EE 6 Platform Highlights the JavaOne Conference
 MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES