SAML and OAUTH Technologies WebSphere Application Server

Size: px
Start display at page:

Download "SAML and OAUTH Technologies WebSphere Application Server"

Transcription

1 SAML and OAUTH Technologies WebSphere Application Server Bill O'Donnell STSM WebSphere Foundation Security Architect Session TAW-1701 Session TAW-1698

2 Please Note IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion. Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here. 2

3 About the Speaker Bill O'Donnell My is WebSphere Foundation Security Architect (Austin Labs) Responsible for: Security Architecture and Design for WebSphere Portfolio Security Architect for WebSphere Application Server Product Security Incident Response Team (PSIRT) for WebSphere and AIM brand Product Secure Engineering for WebSphere and AIM brand See my website at 3

4 What are we going to talk about? SAML Overview SAML Web SSO Post Binding Profile SAML Web Services Token Profile OAUTH Overview 4

5 SAML Overview 5

6 What is SAML? Security Assertion Markup Language (SAML) OASIS XML-based standard Used to exchange authentication and authorization data between parties Identity Provider handles authentication and the creation and verification of SAML tokens. Service Provider accepts a SAML Token as an identity assertion SAML comprised of many (20+) profiles describing very specific uses cases on how to use SAML WebSphere Support Technical Exchange 6 6

7 Why SAML Web SSO? Growing popularity Client-based (browser) SSO solution Decoupling from the server allows greater ease of interoperability between cross-vendor products Relies on identity assertion rather than server-side authentication This means WAS does not need to be connected to the user registry at all WebSphere Support Technical Exchange 7 7

8 Common Usage Cases Target user registry not visible on WAS network SSO interoperability between WAS and non-was servers using the IdP as a common login portal SAML assertion is saved in the security Subject for down-stream calls IdP-agnostic, because all SAMLResponses and tokens must be formatted according to OASIS standards WebSphere Support Technical Exchange 8 8

9 SAML Highlights Web SSO Post Binding Profile Delivered in WAS Full Profile , , SSO between WAS and non WAS servers Relies on a Identity Assertion rather than server side authentication Typically using an Identity Provider (IdP) Web Service Security Token Profile 1.1 Delivered in WAS Full Profile and and above Used by JAX-WS applications between WAS and non WAS servers Requires a Security Token Service such as TFIM or ADSM 9

10 SAML Web SSO Post Binding Profile 10

11 Basic Flow WebSphere Support Technical Exchange 11 11

12 Basic Flow Described 1. User accesses IdP Either directly, or through redirect via WAS TAI error page definition. WAS does NOT support SP-initiated SSO 2. IdP sends back SAMLResponse POST to WAS 3. ACSTrustAssociationInterceptor grabs the response 4. ACS TAI grabs the username attribute (NameId by default) and any other defined group membership attributes and passes them to the SP Depending on TAI config, SP may verify user and/or user s group membership in a repository, 5. SP uses that data to create an LTPA token SP is either the default WebSphereSamlSP at the /samlsps context, or a customer-implemented SP WebSphere Support Technical Exchange 12 12

13 Basic Flow continued WebSphere Support Technical Exchange 13 13

14 WAS Configuration - Enablement Update to or Install WebSphereSamlSP.ear or run installsamlacs.py script Enable ACS TAI via AdminTask.addSAMLTAISSO or add the class manually in ISC Import the IdP's FederationMetadata.xml using the AdminTask.importSAMLIdpMetadata command, or simply import its signer certificate Configure WAS to trust the IdP's realm Configure WAS security custom properties and ACSTAI custom properties WebSphere Support Technical Exchange 14 14

15 Example TAI properties WebSphere Support Technical Exchange 15 15

16 Authorization Group membership can be asserted in the SAMLResponse and/or grabbed from the WAS user registry Controlled by sso_<id>.sp.groupmap and sso<id>.sp.groupname Security role to user/group mappings defined in the normal fashion, but watch out for weird realm names. Purely asserted groups must be mapped manually, since the registry isn t searchable from the WAS ISC WebSphere Support Technical Exchange 16 16

17 SSL Transport- and message-layer encryption are both optional Best practice: the public key from the IdP be imported into WAS so that we can validate/trust the <Signature> Message-layer encryption can be enabled by providing the IdP with the WAS public key, and specifying the sso_<id>.sp.keystore, sso_<id>.sp.keypassword, and sso_<id>.sp.keyalias TAI custom props for the private key WebSphere Support Technical Exchange 17 17

18 Error Pages Unauthenticated requests are redirected based on sso_<id>.sp.login.error.page https:// or MappingClassName Almost always want to set this to the same URL as sso_<id>.idp_<id>.singlesignonurl More complex deployments will want to implement the IdentityProviderMapping interface to allow for dynamic error pages Generates error page URL using the unauthenticated HttpServletRequest as input WebSphere Support Technical Exchange 18 18

19 Required Global Security properties WebSphere Support Technical Exchange 19 19

20 Web Services Security: SAML Token Profile

21 Web Service SAML single-sign-on and propagation A user authenticates to an STS and requests SAML tokens using the bearer(or sender-vouches) confirmation method. The user then uses SAML tokens to access a business services provider. The business services provider validates the SAML tokens and asserts the identity and attributes of the user based on the trust relationship between the provider and the issuing STS (or sender). The service provider request service from next service provider with propogated SAML token 21

22 Web Service SAML single-sign-on with holder-of-key 1 The user logs on with a Web browser using SPNEGO (or Form Login) and is authenticated. A JAAS subject is created. 2 The credential from the SPNEGO token is used to request a SAML token using WS-Trust. The token is signed with the trust server private key. 3 The signature of the SAML token is validated based on the trust relationship. The security credential is created using the attributes from the SAML token. The cryptographic key from the SAML token is used to decrypt the SOAP message. 22

23 SAML Assertion across multiple security domains This sample diagram shows three WebSphere Application Server security domains, each of which has its own user registry. Users in the two security domains on the left send Web services messages to access resources of the security domain on the right. Users send their identities in SAML tokens to identify themselves to the target security domain. A Web services provider will use the SAML user identity to create a security context without checking its own user registry. 23

24 Default SAML policyset and general bindings SAML-specific default policy sets and general bindings are provided when the SAML function is installed. These policy sets and sample general bindings are used to request SAML tokens from an external Security Token Service (STS), and to propagate SAML tokens to downstream Web services. Default policy sets: SAML11 Bearer WSHTTPS default SAML11 Bearer WSSecurity default SAML11 HoK Public WSSecurity default SAML11 HoK Symmetric WSSecurity default SAML20 Bearer WSHTTPS default SAML20 Bearer WSSecurity default SAML20 HoK Public WSSecurity default SAML20 HoK Symmetric WSSecurity default General bindings Saml Bearer Client sample Saml Bearer Provider sample Saml HoK Symmetric Client sample Saml HoK Symmetric Provider sample 24

25 Create,validate,parse,and request SAML using API Use the SAML library application programming interface (API), the SAMLTokenFactory, to configure token parameters, create a SAML token, and bind the created token to a service request. Use the SAML trust client API to send WS-Trust SOAP requests to the specified external Security Token Service (STS) to request, validate, or exchange an SAML token. 25

26 Additional WebSphere Product Resources Learn about upcoming WebSphere Support Technical Exchange webcasts, and access previously recorded presentations at: Discover the latest trends in WebSphere Technology and implementation, participate in technically-focused briefings, webcasts and podcasts at: Join the Global WebSphere Community: Access key product show-me demos and tutorials by visiting IBM Education Assistant: View a webcast replay with step-by-step instructions for using the Service Request (SR) tool for submitting problems electronically: Sign up to receive weekly technical My Notifications s: WebSphere Support Technical Exchange 26 26

27 OAUTH Overview 27

28 What is OAUTH? Open Authorization (Oauth) Provides a way for a client to access a server resource on behalf of the resource owner Provides a way for the end user to authorize a 3 rd party to their server resources without sharing their credentials Becoming popular in social computing space As an example, Facebook and Google leverages for accessing their public APIs. WebSphere Support Technical Exchange 28 28

29 Delegated Authorization Example Valet Key An access token which offers scope access to vehicle capabilities: Speed restriction Distance restriction 29 Cannot alter some car functions e.g. radio stations Will not open storage areas 29

30 Other non-technical examples Participant passcode vs leader passcode on a teleconference or web conference. Doctor s prescription A boarding pass Any other master key system such as those used by hotels and offices for room/cabinet access

31 Example UseCase for OAUTH OAuth allows for resource sharing for social computing applications Scenario Alice wants to print her Google Picasa photos using a third party online photo printing service. Alice protects her Google Picasa photo albums using a password. Alice does not want to share her password. Using OAuth, Alice will grant access to the third party printing service the ability to read her photo. 03/28/11 31 IBM Confidential

32 Example user experience In this example, a client has a twitter account. The client application will be the online library example, and will tweet which books have been borrowed by the end-user to their twitter account. When borrowing a book for the first time (i.e. the client needs to establish an access token for the user), you are redirected to twitter for authorization. 32

33 Example user experience cont After authorization, the application can tweet using the access token The application can continue to use that access token until it expires If I login to twitter directly, I can see any tweets that were made on my behalf via API 33

34 OAuth 2.0 authorization code flow Classic three-legged OAuth with a resource owner, client and service provider. 1. The client (e.g. a web application) decides that access is required to the resource owner s private resources at a known service provider. 2. Client redirects the user to the authorization server to authorize access. 3. Service provider generates a onetime authorization code that is sent via redirect back to the client. 4. Client exchanges authorization code for an authorized access token [and refresh token]. 5. Client can [repeatedly] use the access token to obtain access to the private resources. 34

35 OAUTH 2.0 Highlights Delivered in WAS Full Profile , , and and WAS Liberty Profile WAS IBM Product Exploits Lotus Connections 35

36 OAUTH 2.0 Configuring Sample Liberty configuration in server.xml <!-- A simple OAuth provider definition. The filter determines which urls it will handle. One client is authorized to access the provider --> <oauthprovider id="sampleoauthprovider" filter="request-url%=protectedresource; request-url!=protectedresource/abc"> <localstore> <client name="client01" secret="{xor}ldo8ltor" displayname="client01" redirect="http://localhost:1234/oauthclient/redirect.jsp" enabled="true"/> </localstore> </oauthprovider> <!-- An OAuth provider can also have clients stored in a relational DB --> <oauthprovider id="dboauthprovider" filter="request-url%=oauthdbstore"> <databasestore datasourceref="oauthclientdatasource" /> </oauthprovider> <datasource id="oauthclientdatasource" jndiname="jdbc/oauth2db" jdbcdriverref="derbyembedded"> <properties.derby.embedded databasename="${shared.resource.dir}/data/oauthdb" createdatabase="create" /> </datasource> 36

37 For more information Configuring and using OAUTH from my security website OAUTH for WebSphere Application Server for Full WAS Profile Dd OAUTH for WebSphere Application Server for Liberty Profile dd 37

38 We love your Feedback! Don t forget to submit your Impact session and speaker feedback! Your feedback is very important to us we use it to improve next year s conference Go to the Impact 2013 SmartSite (http://impactsmartsite/com): Use the session ID number to locate the session Click the Take Survey link Submit your feedback 38

39

40 Legal Disclaimer IBM Corporation All Rights Reserved. The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in this presentation to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth or other results. If the text contains performance statistics or references to benchmarks, insert the following language; otherwise delete: Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user's job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here. If the text includes any customer examples, please confirm we have prior written approval from such customer and insert the following language; otherwise delete: All customer examples described are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual environmental costs and performance characteristics may vary by customer. Please review text for proper trademark attribution of IBM products. At first use, each product name must be the full name and include appropriate trademark symbols (e.g., IBM Lotus Sametime Unyte ). Subsequent references can drop IBM but should include the proper branding (e.g., Lotus Sametime Gateway, or WebSphere Application Server). Please refer to for guidance on which trademarks require the or symbol. Do not use abbreviations for IBM product names in your presentation. All product names must be used as adjectives rather than nouns. Please list all of the trademarks that you use in your presentation as follows; delete any not included in your presentation. IBM, the IBM logo, Lotus, Lotus Notes, Notes, Domino, Quickr, Sametime, WebSphere, UC2, PartnerWorld and Lotusphere are trademarks of International Business Machines Corporation in the United States, other countries, or both. Unyte is a trademark of WebDialogs, Inc., in the United States, other countries, or both. If you reference Adobe in the text, please mark the first use and include the following; otherwise delete: Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. If you reference Java in the text, please mark the first use and include the following; otherwise delete: Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. If you reference Microsoft and/or Windows in the text, please mark the first use and include the following, as applicable; otherwise delete: Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both. If you reference Intel and/or any of the following Intel products in the text, please mark the first use and include those that you use as follows; otherwise delete: Intel, Intel Centrino, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. If you reference UNIX in the text, please mark the first use and include the following; otherwise delete: UNIX is a registered trademark of The Open Group in the United States and other countries. If you reference Linux in your presentation, please mark the first use and include the following; otherwise delete: Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others. If the text/graphics include screenshots, no actual IBM employee names may be used (even your own), if your screenshots include fictitious company names (e.g., Renovations, Zeta Bank, Acme) please update and insert the following; otherwise delete: All references to [insert fictitious company name] refer to a fictitious company and are used for illustration purposes only.

IBM Software Services for Collaboration

IBM Software Services for Collaboration An introduction to: IBM Collaboration Services for ProjExec ProjExec is easy to use professional project management software that is combined with innovative social features to provide project teams a

More information

New Single Sign-on Options for IBM Lotus Notes & Domino. 2012 IBM Corporation

New Single Sign-on Options for IBM Lotus Notes & Domino. 2012 IBM Corporation New Single Sign-on Options for IBM Lotus Notes & Domino 2012 IBM Corporation IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole

More information

Mobile Application Development Track Keynote. Leigh Williamson, IBM Distinguished Engineer IBM Software Group, Rational CTO Team

Mobile Application Development Track Keynote. Leigh Williamson, IBM Distinguished Engineer IBM Software Group, Rational CTO Team Mobile Application Development Track Keynote Leigh Williamson, IBM Distinguished Engineer IBM Software Group, Rational CTO Team The Mobile Shift is what happens when people adopt and use mobile devices

More information

IBM Digital Experience meets IBM WebSphere Commerce

IBM Digital Experience meets IBM WebSphere Commerce Portal Arbeitskreis - 27.10.2014 IBM Digital Experience meets IBM WebSphere Commerce Stefan Koch Chief Programmer IBM Digital Experience 2013 IBM Corporation 2 2013 IBM Corporation Integration Pattern

More information

IBM MOBILE SECURITY SOLUTIONS - Identity and Access Management Focus

IBM MOBILE SECURITY SOLUTIONS - Identity and Access Management Focus IBM MOBILE SECURITY SOLUTIONS - Identity and Access Focus May 2012 Executive Overview Mobile devices are pervasive in our daily lives and increasingly coming to work Bring Your Own Device (BYOD) IBM is

More information

Why Finance Should Automate Management & Regulatory Reporting Processes

Why Finance Should Automate Management & Regulatory Reporting Processes May 25, 2016 Why Finance Should Automate Management & Regulatory Reporting Processes connecting senior-level financial executives since 1931 CPE Credits Today s webcast is worth 1 Continuing Professional

More information

Ubiquitous Computing, Pervasive Risk: Securely Deploy and Manage Enterprise Mobile Devices

Ubiquitous Computing, Pervasive Risk: Securely Deploy and Manage Enterprise Mobile Devices Ubiquitous Computing, Pervasive Risk: Securely Deploy and Manage Enterprise Mobile Devices S. Rohit rohits@sg.ibm.com Trends in Enterprise Mobility The need for business agility along with changing employee

More information

Single Sign-on (SSO) technologies for the Domino Web Server

Single Sign-on (SSO) technologies for the Domino Web Server Single Sign-on (SSO) technologies for the Domino Web Server Jane Marcus December 7, 2011 2011 IBM Corporation Welcome Participant Passcode: 4297643 2011 IBM Corporation 2 Agenda USA Toll Free (866) 803-2145

More information

The predictive power of Big Data in healthcare

The predictive power of Big Data in healthcare Charlie Schick, PhD Big Data, Healthcare and Life Sciences The predictive power of Big Data in healthcare 2012 IBM Corporation Market Forces Driving Health Care Transformation Increasing incidence and

More information

IBM WebSphere Application Server

IBM WebSphere Application Server IBM WebSphere Application Server SAML 2.0 web single-sign-on 2012 IBM Corporation This presentation describes support for SAML 2.0 web browser Single Sign On profile included in IBM WebSphere Application

More information

Using computing resources with IBM ILOG CPLEX CO@W2015

Using computing resources with IBM ILOG CPLEX CO@W2015 CPLEX Optimization IBM Germany 2015-10-06 Using computing resources with IBM ILOG CPLEX CO@W2015 Hardware resources Multiple cores/threads Multiple machines No machines Software resources Interfacing with

More information

IBM MobileFirst Analytics: Discover what s working, what s not, and why

IBM MobileFirst Analytics: Discover what s working, what s not, and why IBM MobileFirst Analytics: Discover what s working, what s not, and why Rüdiger Reh, Senior Solution Consultant Tealeaf, D/A/CH, IBM IBM MobileFirst Offering Portfolio Industry Solutions Banking Insurance

More information

IBM WebSphere Application Server

IBM WebSphere Application Server IBM WebSphere Application Server OAuth 2.0 service provider and TAI 2012 IBM Corporation This presentation describes support for OAuth 2.0 included in IBM WebSphere Application Server V7.0.0.25. WASV70025_OAuth20.ppt

More information

Developing Exceptional Mobile and Multi-Channel Applications using IBM Web Experience Factory. 2012 IBM Corporation 1

Developing Exceptional Mobile and Multi-Channel Applications using IBM Web Experience Factory. 2012 IBM Corporation 1 Developing Exceptional Mobile and Multi-Channel Applications using IBM Web Experience Factory 1 Agenda Mobile web applications and Web Experience Factory High-level tour of Web Experience Factory automation

More information

IBM Worklight: Responsive Design for Mul8- Channel Applica8on Development

IBM Worklight: Responsive Design for Mul8- Channel Applica8on Development IBM Worklight: Responsive Design for Mul8- Channel Applica8on Development Please Note IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at

More information

IBM Systems Director Navigator for i5/os New Web console for i5, Fast, Easy, Ready

IBM Systems Director Navigator for i5/os New Web console for i5, Fast, Easy, Ready Agenda Key: Session Number: 35CA 540195 IBM Systems Director Navigator for i5/os New Web console for i5, Fast, Easy, Ready 8 Copyright IBM Corporation, 2008. All Rights Reserved. This publication may refer

More information

How to Deliver Measurable Business Value with the Enterprise CMDB

How to Deliver Measurable Business Value with the Enterprise CMDB How to Deliver Measurable Business Value with the Enterprise CMDB James Moore jdmoore@us.ibm.com Product Manager, Business Service, Netcool/Impact 2010 IBM Corporation Agenda What is a CMDB? What are CMDB

More information

IBM MQ Disaster Recovery

IBM MQ Disaster Recovery IBM MQ Disaster Recovery Mark Taylor marke_taylor@uk.ibm.com IBM Hursley Please Note IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM

More information

Big Data: Modern Ecosystems for Data Warehousing and Analytics. James Kobielus IBM Big Data Evangelist. 2014 IBM Corporation

Big Data: Modern Ecosystems for Data Warehousing and Analytics. James Kobielus IBM Big Data Evangelist. 2014 IBM Corporation Big Data: Modern Ecosystems for Data Warehousing and Analytics James Kobielus IBM Big Data Evangelist Insight-driven Client-centric Four Technologies Help Define the Smarter All Enterprise Embracing Data

More information

Using SAML for Single Sign-On in the SOA Software Platform

Using SAML for Single Sign-On in the SOA Software Platform Using SAML for Single Sign-On in the SOA Software Platform SOA Software Community Manager: Using SAML on the Platform 1 Policy Manager / Community Manager Using SAML for Single Sign-On in the SOA Software

More information

A Strategic Guide to Enterprise Mobility

A Strategic Guide to Enterprise Mobility A Strategic Guide to Enterprise Mobility Dirk Nicol Director Practitioner Outreach and Mobile Developer Community IBM 2013 IBM Corporation Introducing the Mobile Enterprise The next era of computing Builds

More information

The Vision of modern (Cloud) Computing within Financial Services Business

The Vision of modern (Cloud) Computing within Financial Services Business The Vision of modern (Cloud) Computing within Financial Services Business Michael Schüttler (MBA) - Leader Cloud Solution Sales The reality of living in a globally integrated world is upon us Economic

More information

JMP105 JumpStart: Single Sign-on (SAML) Administration Basics

JMP105 JumpStart: Single Sign-on (SAML) Administration Basics JMP105 JumpStart: Single Sign-on (SAML) Administration Basics Jane Marcus jmarcus@us.ibm.com Senior software engineer, IBM 2014 IBM Corporation Agenda Single sign-on introduction SAML concepts Domino 9.x

More information

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service

An Oracle White Paper Dec 2013. Oracle Access Management Security Token Service An Oracle White Paper Dec 2013 Oracle Access Management Security Token Service Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only,

More information

2792 - Leveraging WebSphere Commerce for Search Engine Optimization (SEO)

2792 - Leveraging WebSphere Commerce for Search Engine Optimization (SEO) 2792 - Leveraging WebSphere Commerce for Search Engine Optimization (SEO) Walfrey Ng, Development Manger, WebSphere Commerce Srini Rangaswamy, Product Manager, WebSphere Commerce IBM s statements regarding

More information

Reinventing business operations with Smarter Process

Reinventing business operations with Smarter Process Reinventing business operations with Smarter Process Dr. Stefan Kollakowski IBM Partner & Leader Smarter Process DACH BPM ist mehr als eine Technologie - BPM ist ein Managementkonzept zur prozessorientierten

More information

Lawson M3 7.1 on IBM POWER 520 and IBM i V6.1

Lawson M3 7.1 on IBM POWER 520 and IBM i V6.1 Lawson M3 7.1 on IBM POWER 520 and IBM i V6.1 IBM Systems & Technology Group Paul Swenson paulswen@us.ibm.com This document can be found on the web, Version Date: April 28, 2009 Statement of Approval...

More information

WHITE PAPER. Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ)

WHITE PAPER. Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ) WHITE PAPER Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ) SEPTEMBER 2004 Overview Password-based authentication is weak and smart cards offer a way to address this weakness,

More information

IBM Tivoli Federated Identity Manager

IBM Tivoli Federated Identity Manager IBM Tivoli Federated Identity Manager Employ user-centric federated access management to enable secure online business collaboration Highlights Enhance business-to-business and business-to-consumer collaborations

More information

Performance Management for Power Systems

Performance Management for Power Systems Performance Management for Power Systems Philippe Joudrain; IBM senior IT specialist. Historique, PM400 dans les années 90 Utilité Côté client, la collecte des données de performance Transmission des données

More information

Maximo Business Intelligence Reporting Roadmap Washington DC Users Group

Maximo Business Intelligence Reporting Roadmap Washington DC Users Group Maximo Business Intelligence Reporting Roadmap Washington DC Users Group Pam Denny, IBM Email: pdenny@us.ibm.com Twitter: andbflo_denny May 2014 Please note IBM s statements regarding its plans, directions,

More information

Oleksandr Romanko, Ph.D. Senior Research Analyst, Risk Analytics Business Analytics, IBM Canada October 8, 2013. Business Analytics and Optimization

Oleksandr Romanko, Ph.D. Senior Research Analyst, Risk Analytics Business Analytics, IBM Canada October 8, 2013. Business Analytics and Optimization Oleksandr Romanko, Ph.D. Senior Research Analyst, Risk Analytics Business Analytics, IBM Canada October 8, 2013 Business Analytics and Optimization Please note: IBM Risk Analytics statements regarding

More information

inotes Setup, Configuration & Troubleshooting

inotes Setup, Configuration & Troubleshooting inotes Setup, Configuration & Troubleshooting Lotus inotes Development / Support Team June 19, 2012 2012 IBM Corporation Open Mic Webcast: inotes Setup, Configuration & Troubleshooting Participant Passcode:

More information

CA Performance Center

CA Performance Center CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is

More information

White paper December 2008. Addressing single sign-on inside, outside, and between organizations

White paper December 2008. Addressing single sign-on inside, outside, and between organizations White paper December 2008 Addressing single sign-on inside, outside, and between organizations Page 2 Contents 2 Overview 4 IBM Tivoli Unified Single Sign-On: Comprehensively addressing SSO 5 IBM Tivoli

More information

CS z/os Application Enhancements: Introduction to Advanced Encryption Standards (AES)

CS z/os Application Enhancements: Introduction to Advanced Encryption Standards (AES) Software Group Enterprise Networking and Transformation Solutions (ENTS) CS z/os Application Enhancements: Introduction to Advanced Encryption Standards (AES) 1 A little background information on cipher

More information

Service Component Architecture, Apache Tuscany & WebSphere SOA Feature Pack Beta

Service Component Architecture, Apache Tuscany & WebSphere SOA Feature Pack Beta Service Component Architecture, Apache Tuscany & WebSphere SOA Feature Pack Beta Simon Laws Open Source SOA WebSphere UK User Group 3/11/2008 2008 IBM Corporation IBM Corporation 2008. All Rights Reserved.

More information

QualysGuard SAML 2.0 Single Sign-On. Technical Brief

QualysGuard SAML 2.0 Single Sign-On. Technical Brief QualysGuard SAML 2.0 Single Sign-On Technical Brief Introduction Qualys provides its customer the option to use SAML 2.0 Single Sign On (SSO) authentication with their QualysGuard subscription. When implemented,

More information

Driving Innovation and Results-Based Government with Smarter Analytics. 2012 IBM Corporation

Driving Innovation and Results-Based Government with Smarter Analytics. 2012 IBM Corporation Driving Innovation and Results-Based Government with Smarter Analytics Today, we see analytics moving from advancing single organizations i to transforming entire industries Government is no exception

More information

HP Software as a Service

HP Software as a Service HP Software as a Service Software Version: 6.1 Federated SSO Document Release Date: August 2013 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty

More information

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections:

This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections: CHAPTER 1 SAML Single Sign-On This chapter describes how to use the Junos Pulse Secure Access Service in a SAML single sign-on deployment. It includes the following sections: Junos Pulse Secure Access

More information

NM&MS: Bringing Ship-to-shore

NM&MS: Bringing Ship-to-shore : Bringing Ship-to-shore Network Monitoring & Management to the Royal Australian Navy About the Customer Royal Australian Navy Fleet IT Systems Support Organisation (FISSO) Fleet of 56 ships and shore

More information

Single Sign On. SSO & ID Management for Web and Mobile Applications

Single Sign On. SSO & ID Management for Web and Mobile Applications Single Sign On and ID Management Single Sign On SSO & ID Management for Web and Mobile Applications Presenter: Manish Harsh Program Manager for Developer Marketing Platforms of NVIDIA (Visual Computing

More information

Security Reference Architecture

Security Reference Architecture Security Reference Architecture James (Jimmy) Darwin James.Darwin@au.ibm.com 2010 IBM Corporation 0 Reference Architectures As part of the Time-to-Value Initiative, Reference Architectures have been identified

More information

z/osmf Software Deployment Application- User Experience Enhancement Update

z/osmf Software Deployment Application- User Experience Enhancement Update z/osmf Software Deployment Application- User Experience Enhancement Update Greg Daynes IBM Corporation August 8, 2012 Session Number 11697 Agenda Recent Enhancements Support for unmounted z/os UNIX file

More information

Energy Management in a Cloud Computing Environment

Energy Management in a Cloud Computing Environment Hans-Dieter Wehle, IBM Distinguished IT Specialist Virtualization and Green IT Energy Management in a Cloud Computing Environment Smarter Data Center Agenda Green IT Overview Energy Management Solutions

More information

Energy Management in a Cloud Computing Environment

Energy Management in a Cloud Computing Environment Hans-Dieter Wehle, IBM Distinguished IT Specialist Virtualization and Green IT Energy Management in a Cloud Computing Environment Smarter Data Center Agenda Green IT Overview Energy Management Solutions

More information

Identity Implementation Guide

Identity Implementation Guide Identity Implementation Guide Version 35.0, Winter 16 @salesforcedocs Last updated: October 27, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of

More information

Title. Click to edit Master text styles Second level Third level

Title. Click to edit Master text styles Second level Third level Title Click to edit Master text styles Second level Third level IBM s Vision For The New Enterprise Data Center Subram Natarajan Senior Consultant, STG Asia Pacific subram.natarajan@in.ibm.com Multiple

More information

Leveraging SAML for Federated Single Sign-on:

Leveraging SAML for Federated Single Sign-on: Leveraging SAML for Federated Single Sign-on: Seamless Integration with Web-based Applications whether cloudbased, private, on-premise, or behind a firewall Single Sign-on Layer v.3.2-006 PistolStar, Inc.

More information

Get Success in Passing Your Certification Exam at first attempt!

Get Success in Passing Your Certification Exam at first attempt! Get Success in Passing Your Certification Exam at first attempt! Exam : C2150-575 Title : IBM Tivoli Federated Identity Manager V6.2.2 Implementation Version : Demo 1.What is the default file name of the

More information

OpenLDAP Oracle Enterprise Gateway Integration Guide

OpenLDAP Oracle Enterprise Gateway Integration Guide An Oracle White Paper June 2011 OpenLDAP Oracle Enterprise Gateway Integration Guide 1 / 29 Disclaimer The following is intended to outline our general product direction. It is intended for information

More information

Practical Web Services for RPG IBM Integrated Web services for i

Practical Web Services for RPG IBM Integrated Web services for i Agenda Key: Session Number: 32CG 540191 Practical Web Services for RPG IBM Integrated Web services for i Dan Hiebert IBM dhiebert@us.ibm.com 8 Copyright IBM Corporation, 2009. All Rights Reserved. This

More information

HP Software as a Service. Federated SSO Guide

HP Software as a Service. Federated SSO Guide HP Software as a Service Federated SSO Guide Document Release Date: July 2014 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying

More information

Managing and Securing the Mobile Device Invasion. 2012 IBM Corporation

Managing and Securing the Mobile Device Invasion. 2012 IBM Corporation Managing and Securing the Mobile Device Invasion 2012 IBM Corporation Please Note: IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM

More information

Using SAP Logon Tickets for Single Sign on to Microsoft based web applications

Using SAP Logon Tickets for Single Sign on to Microsoft based web applications Collaboration Technology Support Center - Microsoft - Collaboration Brief March 2005 Using SAP Logon Tickets for Single Sign on to Microsoft based web applications André Fischer, Project Manager CTSC,

More information

Oracle Fusion Middleware Oracle API Gateway OAuth User Guide 11g Release 2 (11.1.2.4.0)

Oracle Fusion Middleware Oracle API Gateway OAuth User Guide 11g Release 2 (11.1.2.4.0) Oracle Fusion Middleware Oracle API Gateway OAuth User Guide 11g Release 2 (11.1.2.4.0) July 2015 Oracle API Gateway OAuth User Guide, 11g Release 2 (11.1.2.4.0) Copyright 1999, 2015, Oracle and/or its

More information

Security solutions Executive brief. Understand the varieties and business value of single sign-on.

Security solutions Executive brief. Understand the varieties and business value of single sign-on. Security solutions Executive brief Understand the varieties and business value of single sign-on. August 2005 2 Contents 2 Executive overview 2 SSO delivers multiple business benefits 3 IBM helps companies

More information

Copyright: WhosOnLocation Limited

Copyright: WhosOnLocation Limited How SSO Works in WhosOnLocation About Single Sign-on By default, your administrators and users are authenticated and logged in using WhosOnLocation s user authentication. You can however bypass this and

More information

Flexible Identity Federation

Flexible Identity Federation Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services

More information

Data Transfer Tips and Techniques

Data Transfer Tips and Techniques Agenda Key: Session Number: System i Access for Windows: Data Transfer Tips and Techniques 8 Copyright IBM Corporation, 2008. All Rights Reserved. This publication may refer to products that are not currently

More information

The Challenges of Web single sign-on

The Challenges of Web single sign-on Serge Vereecke Security Architect IBM Security Services serge_vereecke@be.ibm.com The Challenges of Web single sign-on GSE Event September 7, 2012 Agenda Single sign-on technology Why single sign-on Challenges

More information

000-575. IBM Tivoli Federated Identity Manager V6.2.2 Implementation. Version: Demo. Page <<1/10>>

000-575. IBM Tivoli Federated Identity Manager V6.2.2 Implementation. Version: Demo. Page <<1/10>> 000-575 IBM Tivoli Federated Identity Manager V6.2.2 Implementation Version: Demo Page 1.What is the default file name of the IBM Tivoli Directory Integrator log? A. tdi.log B. ibmdi.log C. ibmdisrv.log

More information

Axway API Gateway. Version 7.4.1

Axway API Gateway. Version 7.4.1 O A U T H U S E R G U I D E Axway API Gateway Version 7.4.1 3 February 2016 Copyright 2016 Axway All rights reserved. This documentation describes the following Axway software: Axway API Gateway 7.4.1

More information

IBM WebSphere Message Broker - Integrating Tivoli Federated Identity Manager

IBM WebSphere Message Broker - Integrating Tivoli Federated Identity Manager IBM WebSphere Message Broker - Integrating Tivoli Federated Identity Manager Version 1.1 Property of IBM Page 1 of 18 Version 1.1, March 2008 This version applies to Version 6.0.0.3 of IBM WebSphere Message

More information

Sametime Version 9. Integration Guide. Integrating Sametime 9 with Domino 9, inotes 9, Connections 4.5, and WebSphere Portal 8.0.0.

Sametime Version 9. Integration Guide. Integrating Sametime 9 with Domino 9, inotes 9, Connections 4.5, and WebSphere Portal 8.0.0. Sametime Version 9 Integration Guide Integrating Sametime 9 with Domino 9, inotes 9, Connections 4.5, and WebSphere Portal 8.0.0.1 Edition Notice Note: Before using this information and the product it

More information

SAML Authentication Quick Start Guide

SAML Authentication Quick Start Guide SAML Authentication Quick Start Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2013 SafeNet, Inc. All rights reserved.

More information

Agenda. How to configure

Agenda. How to configure dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services

More information

WebSphere Application Server Development Environment. Anita Rass Wan anitar@ca.ibm.com WebSphere Foundation Product Manger

WebSphere Application Server Development Environment. Anita Rass Wan anitar@ca.ibm.com WebSphere Foundation Product Manger WebSphere Application Server Development Environment Anita Rass Wan anitar@ca.ibm.com WebSphere Foundation Product Manger Please Note IBM s statements regarding its plans, directions, and intent are subject

More information

Business Process Management IBM Business Process Manager V7.5

Business Process Management IBM Business Process Manager V7.5 Business Process Management IBM Business Process Manager V7.5 Federated task management overview This presentation gives you an overview on the federated task management feature in IBM Business Process

More information

PingFederate. SSO Integration Overview

PingFederate. SSO Integration Overview PingFederate SSO Integration Overview 2006-2012 Ping Identity Corporation. All rights reserved. PingFederate SSO Integration Overview Version 6.6 January, 2012 Ping Identity Corporation 1001 17th Street,

More information

Password Power 8 Plug-In for Lotus Domino Single Sign-On via Kerberos

Password Power 8 Plug-In for Lotus Domino Single Sign-On via Kerberos Password Power 8 Plug-In for Lotus Domino Single Sign-On via Kerberos PistolStar, Inc. PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 603.546.2309 E-mail: salesteam@pistolstar.com Website:

More information

Novell Access Manager

Novell Access Manager J2EE Agent Guide AUTHORIZED DOCUMENTATION Novell Access Manager 3.1 SP3 February 02, 2011 www.novell.com Novell Access Manager 3.1 SP3 J2EE Agent Guide Legal Notices Novell, Inc., makes no representations

More information

Identity Implementation Guide

Identity Implementation Guide Identity Implementation Guide Version 37.0, Summer 16 @salesforcedocs Last updated: May 26, 2016 Copyright 2000 2016 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,

More information

DEPLOYMENT GUIDE. SAML 2.0 Single Sign-on (SSO) Deployment Guide with Ping Identity

DEPLOYMENT GUIDE. SAML 2.0 Single Sign-on (SSO) Deployment Guide with Ping Identity DEPLOYMENT GUIDE SAML 2.0 Single Sign-on (SSO) Deployment Guide with Ping Identity Table of Contents SAML Overview...3 Integration Topology...3 Deployment Requirements...4 Configuration Steps...4 Step

More information

Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact

Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact Robert C. Broeckelmann Jr., Enterprise Middleware Architect Ryan Triplett, Middleware Security Architect Requirements

More information

SINGLE SIGNON FUNCTIONALITY IN HATS USING MICROSOFT SHAREPOINT PORTAL

SINGLE SIGNON FUNCTIONALITY IN HATS USING MICROSOFT SHAREPOINT PORTAL SINGLE SIGNON FUNCTIONALITY IN HATS USING MICROSOFT SHAREPOINT PORTAL SINGLE SIGNON: Single Signon feature allows users to authenticate themselves once with their credentials i.e. Usernames and Passwords

More information

Configure Single Sign on Between Domino and WPS

Configure Single Sign on Between Domino and WPS Configure Single Sign on Between Domino and WPS What we are doing here? Ok now we have the WPS server configured and running with Domino as the LDAP directory. Now we are going to configure Single Sign

More information

Ameritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines

Ameritas Single Sign-On (SSO) and Enterprise SAML Standard. Architectural Implementation, Patterns and Usage Guidelines Ameritas Single Sign-On (SSO) and Enterprise SAML Standard Architectural Implementation, Patterns and Usage Guidelines 1 Background and Overview... 3 Scope... 3 Glossary of Terms... 4 Architecture Components...

More information

PingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1

PingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1 PingFederate Salesforce Connector Version 4.1 Quick Connection Guide 2011 Ping Identity Corporation. All rights reserved. PingFederate Salesforce Quick Connection Guide Version 4.1 June, 2011 Ping Identity

More information

Samsung KNOX EMM Authentication Services. SDK Quick Start Guide

Samsung KNOX EMM Authentication Services. SDK Quick Start Guide Samsung KNOX EMM Authentication Services SDK Quick Start Guide June 2014 Legal notice This document and the software described in this document are furnished under and are subject to the terms of a license

More information

User Pass-Through Authentication in IBM Cognos 8 (SSO to data sources)

User Pass-Through Authentication in IBM Cognos 8 (SSO to data sources) User Pass-Through Authentication in IBM Cognos 8 (SSO to data sources) Nature of Document: Guideline Product(s): IBM Cognos 8 BI Area of Interest: Security Version: 1.2 2 Copyright and Trademarks Licensed

More information

The increasing popularity of mobile devices is rapidly changing how and where we

The increasing popularity of mobile devices is rapidly changing how and where we Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to

More information

Lotus Sametime. FIPS Support for IBM Lotus Sametime 8.0. Version 8.0 SC23-8760-00

Lotus Sametime. FIPS Support for IBM Lotus Sametime 8.0. Version 8.0 SC23-8760-00 Lotus Sametime Version 8.0 FIPS Support for IBM Lotus Sametime 8.0 SC23-8760-00 Disclaimer THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY. WHILE EFFORTS WERE

More information

Getting Started with AD/LDAP SSO

Getting Started with AD/LDAP SSO Getting Started with AD/LDAP SSO Active Directory and LDAP single sign- on (SSO) with Syncplicity Business Edition accounts allows companies of any size to leverage their existing corporate directories

More information

Single Sign-On between SAP Portal and SuccessFactors

Single Sign-On between SAP Portal and SuccessFactors Single Sign-On between SAP Portal and SuccessFactors Dimitar Mihaylov 7/1/2012 Contents 1. Overview... 3 2. Trust between SAP Portal 7.3 and SuccessFactors... 5 2.1. Initial configuration in SAP Portal

More information

IBM Infrastructure Suite for z/vm and Linux: Introduction Tivoli Storage Manager Extended Edition

IBM Infrastructure Suite for z/vm and Linux: Introduction Tivoli Storage Manager Extended Edition IBM Infrastructure Suite for z/vm and Linux: Introduction Tivoli Storage Manager Extended Edition August/September 2015 Please Note IBM s statements regarding its plans, directions, and intent are subject

More information

Rich Media & HD Video Streaming Integration with Brightcove

Rich Media & HD Video Streaming Integration with Brightcove Rich Media & HD Video Streaming Integration with Brightcove IBM Digital Experience Version 8.5 Web Content Management IBM Ecosystem Development 2014 IBM Corporation Please Note IBM s statements regarding

More information

Endpoint Manager for Mobile Devices Setup Guide

Endpoint Manager for Mobile Devices Setup Guide Endpoint Manager for Mobile Devices Setup Guide ii Endpoint Manager for Mobile Devices Setup Guide Contents Endpoint Manager for Mobile Devices Setup Guide............. 1 Components.............. 1 Architecture..............

More information

Disaster Recovery. Websense Web Security Web Security Gateway. v7.6

Disaster Recovery. Websense Web Security Web Security Gateway. v7.6 Disaster Recovery Websense Web Security Web Security Gateway v7.6 1996 2011, Websense, Inc. All rights reserved. 10240 Sorrento Valley Rd., San Diego, CA 92121, USA Published 2011 The products and/or methods

More information

IBM SPSS Collaboration and Deployment Services Version 6 Release 0. Single Sign-On Services Developer's Guide

IBM SPSS Collaboration and Deployment Services Version 6 Release 0. Single Sign-On Services Developer's Guide IBM SPSS Collaboration and Deployment Services Version 6 Release 0 Single Sign-On Services Developer's Guide Note Before using this information and the product it supports, read the information in Notices

More information

IBM Endpoint Manager. Security and Compliance Analytics Setup Guide

IBM Endpoint Manager. Security and Compliance Analytics Setup Guide IBM Endpoint Manager Security and Compliance Analytics Setup Guide Version 9.2 IBM Endpoint Manager Security and Compliance Analytics Setup Guide Version 9.2 Note Before using this information and the

More information

IBM Rational Asset Manager

IBM Rational Asset Manager Providing business intelligence for your software assets IBM Rational Asset Manager Highlights A collaborative software development asset management solution, IBM Enabling effective asset management Rational

More information

Tivoli Endpoint Manager for Security and Compliance Analytics

Tivoli Endpoint Manager for Security and Compliance Analytics Tivoli Endpoint Manager for Security and Compliance Analytics User s Guide User s Guide i Note: Before using this information and the product it supports, read the information in Notices. Copyright IBM

More information

Cloud Computing with xcat on z/vm 6.3

Cloud Computing with xcat on z/vm 6.3 IBM System z Cloud Computing with xcat on z/vm 6.3 Thang Pham z/vm Development Lab thang.pham@us.ibm.com Trademarks The following are trademarks of the International Business Machines Corporation in the

More information

Microsoft Active Directory Oracle Enterprise Gateway Integration Guide

Microsoft Active Directory Oracle Enterprise Gateway Integration Guide An Oracle White Paper May 2011 Microsoft Active Directory Oracle Enterprise Gateway Integration Guide 1/33 Disclaimer The following is intended to outline our general product direction. It is intended

More information

Name: Srinivasan Govindaraj Title: Big Data Predictive Analytics

Name: Srinivasan Govindaraj Title: Big Data Predictive Analytics Name: Srinivasan Govindaraj Title: Big Data Predictive Analytics Please note the following IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice

More information

Integration Guide. SafeNet Authentication Manager. Using SAM SAML-based Authentication with Citrix NetScaler Gateway 10.1

Integration Guide. SafeNet Authentication Manager. Using SAM SAML-based Authentication with Citrix NetScaler Gateway 10.1 SafeNet Authentication Manager Integration Guide Using SAM SAML-based Authentication with Citrix NetScaler Gateway 10.1 Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright

More information

Deploying a private database cloud on z Systems

Deploying a private database cloud on z Systems Deploying a private database cloud on z Systems How DPS evolved over time and what is coming next SAP on z IBM Systems Conference Holger Scheller - IBM April 13 th, 2016 Trademarks The following are trademarks

More information

Web Services Security: OpenSSO and Access Management for SOA. Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.

Web Services Security: OpenSSO and Access Management for SOA. Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion. Web Services Security: OpenSSO and Access Management for SOA Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.com 1 Agenda Need for Identity-based Web services security Single Sign-On

More information