OpenSSO & Layer 7: End-to-End Web Services Security
By dr156914 on Dec 08, 2009
Last week I recorded a new Identity Buzz Podcast with K. Scott Morrison, Layer 7 CTO & Chief Architect. We discussed the Sun OpenSSO Enterprise / Layer 7 SecureSpan Gateway integration. The combined Sun / Layer 7 solution offers a powerful one-two punch when trying to conquer web services security.
Essentially, the solution allows you to deploy SecureSpan as a policy enforcement point and OpenSSO as a Policy Decision Point when abstracting and centralizing authentication and authorization for your company's web services. The SecureSpan Gateway is a nice complement to OpenSSO because it inserts an abstraction layer between the web service requesters and web service endpoints in order to govern and secure their transactions. Rather than having to deploy a local agent to protect every web service you can implement a gateway that acts as a broker to all your services.
To learn more about this integration listen to our latest Identity Buzz Podcast on the topic.
You can also subscribe to the feed and get episodes automatically. Here’s the iTunes friendly link and the Feedburner feed. There is also a nice article describing the integration on the Sun Developer Network titled "Delegating XML Gateway Runtime Authorization to OpenSSO." Enjoy!