An Oracle blog about Consulting Security Corner

February 19, 2010

Creating an Active Directory Firewall with Oracle Virtual Directory

Guest Author

Inspired by a recent thread of posts on other blogs about alternatives to SPML and using local AD for cloud security, I recorded a demo showing how OVD can be used to create an Active Directory firewall. For example, you could use OVD to provide secure remote access to AD data without needing to put AD on the Internet.

This would allow, for example, applications running "in the cloud" (such as Amazon EC2, Rackspace or Google) that can use LDAP for authentication to authenticate against the local AD (or any other LDAP server, like DSEE or Novell) without needing to synchronize passwords.

Another option, used by one of our customers, is SAML-based federation for authentication to a partner application, while the partner app uses OVD's DSML v2 support to query for attributes. Or, if you prefer REST-style Web Services, OVD also supports a REST interface capable of returning XML (either DSML or a custom format) or even JSON. I'll put examples of that up in a later screencast.

You can watch the firewall screencast here


Posted via email from Virtual Identity Dialogue
