Friday Jun 20, 2008

New consolidated wiki on OpenSSO/Federated Access Manager

As more and more documents on OpenSSO are being written all over the Internet, this information is now bundled in a central wiki.

URL : http://wiki.opensso.org/


It contains information on product architecture, early-access documentation, FAQs and technical articles targeted at the developer community, etc. It also contains all the video-based product demonstrations (for instance the ones on federation, the Fedlet, the Federation Validator, etc.).

Have fun reading!

Thursday Jun 12, 2008

OpenSSO/FAM and the Belgian Identity Card (EID)

People keep asking me whether Sun's identity management solution supports the EID card for authentication out-of-the-box.  The answer is YES.

OpenSSO/FAM can use the EID certificate via X509, leveraging the EID middleware and the browser's SSL backchannel.
In order to map the certificate to a local LDAP account/profile, you can either have that account created on the fly, use a transient session that only keeps the profile in memory and deletes it afterwards, or map it to an existing profile by adding the certificate public key as an attribute to the LDAP repository used by OpenSSO.

For more information on how to configure the OpenSSO environment for use of EID, please look at Sebastien's article:
http://blogs.sun.com/sebsto/entry/use_your_eid_to_authenticate

Another way of dealing with this would be to use federation (e.g. SAML 2), connecting OpenSSO to a SAML-enabled identity provider that uses EID as a means of authentication. That way, an assertion would be sent to OpenSSO that could be used to create a session for the intended account.
IDPs with this capability that do not currently have SAML 2 functionality embedded in the product may want to take a look at the newly added Fedlet and Federation Validator functionality in OpenSSO. It is intended for both SPs and IDPs.
See: http://blogs.sun.com/sid/entry/fedlet



About

Bert Van Beeck is a Senior Software Architect at Sun Microsystems, specialized in Sun's Identity Management portfolio. He's part of the Northern European pre-sales software team.
