More Resources : WSO2 Identity Server

WSO2Con 2011: Security in Practice (Security Patterns with WSO2 Products) - Prabath Siriwardena

The recent security breaches of major corporations and government agencies once again highlight the importance of implementing an effective security model within an SOA deployment to protect company data, employees, partners and customers. Going beyond authentication, authorization and auditing, security in practice relies heavily on battle-tested security patterns to combat thousands of cyber criminals worldwide seeking to exploit any security hole in the system. In his WSO2Con 2011 session, Prabath discussed the patterns, best practices and threats associated with SOA security models. He also explored how standards such as WS-Security, SAML, XACML, WS-Trust, WS-SecureConversation and WS-SecurityPolicy have come to define the ‘best-fit’ security model for an SOA deployment based on Web services. Additionally, he looked at how OpenID, OAuth, and Simple Cloud Identity Management (SCIM) have evolved to provide a ‘best-fit’ security model for Internet identity management. Here are highlights from his talk.

About the Speaker

Prabath joined WSO2 in November 2007 and is currently a Software Architect and Senior Manager. He is an Apache Axis2 PMC member and has more than 7 years of industry experience. Prior to joining WSO2, Prabath worked at Virtusa (NASDAQ: VRTU) for 3+ years. He has presented at numerous conferences including OSCON, ApacheCon, Apache Asia Roadshow, WSO2Con 2010, and WSO2 SOA Workshops. He has been involved in developing the OASIS Identity Metasystem Interoperability Version 1.0 specification.

Configuring WSO2 Identity Server Passive STS with an ASP.NET Client

This is a step-by-step guide on how to configure an ASP.NET client with the WSO2 Identity Server Passive STS. We'll be using a simple ASP.NET client and will be configuring everything from scratch. You need to have a recent version of WSO2 Identity Server (V3.2.3 or later).

Understanding XACML Policy Language - XACML (Extended Assertion Markup Language) - Part 2

We learned a lot of theory about XACML policies in Part 1. In this section we will define a sample XACML policy using the concepts we learned in Part 1. In addition, this article describes how you can test and validate policies using “WSO2 Identity Server”.

Dealing with XML is sometimes very tedious. In the last section of this article, we will discuss how you can use the XACML “simple UI” to define XACML policies.

Understanding XACML Policy Language - XACML (Extended Assertion Markup Language) - Part 1

XACML is a widely used authorization mechanism for web services. It provides fine-grained authorization, in which one can define authorization based on very fine details. This finer information is stated in the policy as attributes. XACML also defines a set of functions, which can be used in authorization logic evaluation. Because of this detailed behavior, some believe XACML policies are esoteric and complicated. In this article I will elaborate on XACML policies and give you an idea of how XACML policy evaluation takes place.

Using XACML Fine Grained Authorization with the WSO2 Product Platform

XACML-based authorization gives you an extremely flexible way of defining the rules for accessing resources based on the user, the user's role, the environment, time and date, etc. Now, the WSO2 product platform allows you to incorporate XACML-based authorization into your SOA deployment.

Monitoring Carbon using a remote JMX client

This guide describes how you can monitor any WSO2 Carbon based product using a remote JMX client (such as JConsole) which is behind a firewall.

SAML2 Web Browser based SSO with WSO2 Identity Server

Single Sign On (SSO) systems have become very popular because SSO is a very secure and convenient authentication mechanism. WSO2 Stratos and Google Apps can be taken as the best examples of Single Sign On systems, where users can automatically log in to multiple web applications once they are authenticated at one place using a single credential.

The Security Assertion Markup Language (SAML) version 2.0 Profiles Specification defines a web browser based single sign on system. This article briefly explains the SAML 2.0 web browser based SSO profile and guides you in building your own SAML 2.0 Assertions Consumer using the OpenSAML 2.2.3 Java library. The demo application provided with this article helps you understand how SAML 2.0 based SSO systems work and how to use WSO2 Identity Server as the Identity Provider in an SSO system.

[Curated on 26th March 2012]

OpenIDs Under your domain for your Enterprise with WSO2 Cloud Identity.

In this blog post, Prabath Siriwardena, a Senior Software Engineer, explains how to use OpenID with WSO2 Cloud Identity.