Friday Feb 15, 2008

More on ActivIdentity 4TRESS and OpenSSO

Marc Puverel at ActivIdentity emailed me today to point out that ActivIdentity provides an online service for 4TRESS evaluation. As Marc says, it's all in the docs:

ActivIdentity provides an online service that you may use to evaluate the Sun OpenSSO integration with ActivIdentity 4TRESS Authentication Server. In such case make sure your platform has access to Internet, then you can use the following settings:

  • 4Tress URL Endpoint: http://66.126.185.111:9090/4TRESSSoap/services/Authenticator-11
  • 4Tress Channel Code: CH_WEB
  • 4Tress Authentication Type Code: DYNMC_AUTH
  • 4Tress Authentication Mode Synchronous : SYNCH
  • 4Tress Security Domain: DOMAIN1

You will have to log out of AM as the administrator before you can test the login module.

To test the login Module, use the URL http://<FAM_HOST>:<FAM_PORT>/opensso/UI/Login?module=<MODULE_NAME>. You should see the following login page:4Tress LoginPage

If you use ActivIdentity 4TRESS Online service you can use the following credentials to test user authentication:

  • Username: CUSTOMER
  • Password: OpenSSO

You may want to evaluate Sun Access Manager authentication using Strong Authentication. Send an email to OpenSSO@ActivIdentity.com with the following information:

  • Company
  • First Name
  • Last Name
  • Email
  • Telephone
  • Country

ActivIdentity will provide you a personal user account and a list of One Time Passwords. You may use these pre-generated One Time Password to have an overview of the end user experience and the associated security.

So, you can give the new authentication module a try, even if you don't have 4TRESS installed.

Friday Feb 08, 2008

ActivIdentity 4TRESS Authentication Module for OpenSSO/Access Manager

Marina Sum (who must be just about the busiest tech author at Sun Developer Network these days!) has co-written an article with Michelle Cope, of Sun's ISV Engineering team, on integrating Sun Java System Access Manager with ActivIdentity 4TRESS Authentication Server.

The article shows how you can use Access Manager's session upgrade feature to protect particularly sensitive resources with the one-time password (OTP) authentication schemes in 4TRESS.

What is particularly interesting about this integration is that the complete source code is available as an OpenSSO Extension; if you already have ActivIdentity 4TRESS, you can read the article, download the source, build the authentication module and deploy it into Access Manager or OpenSSO. If you don't have 4TRESS, then call the good people at ActivIdentity, and tell them Pat sent you

About

superpat

Search

Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today