Harnessing Sun’s OpenSSO Authentication and Authorization Mechanisms
- LANGUAGE: English DATE: Thursday, January 14, 2010 TIME: 17:00 CET (16:00 BST, 11:00 EST, 8:00 PST)
It's been several years since Kim Cameron presented the Identity Metasystem around the concept of "Claims". Years later, Claims are a reality, and there are multiple platforms out there that support using them. We have been advocating the adoption of the Identity Metasystem's concepts, and whilst not endorsing any particular platform per se, we acknowledge that there are several products out there that support this today. As part of a whole series of webinars focusing on practical issues and implementation details, this webinar will deeply dive into the implementation of Sun Microsystems OpenSSO.
Moderated by Felix Gaehtgens, our guests Abdi Mohammadi and Dr. Steffo Weber, both from Sun Microsystems, will show how to harness Sun's OpenSSO authentication and authorization mechanisms programmatically from any application (web applications, fat clients etc) via the following mechanisms:
- HTTP headers
- REST based web-service
- SOAP based web-service
- OpenSSO's proprietary SDK
Abdi and Steffo will demonstrate how to retrieve arbitrary user attributes from within a programme that is almost agnostic when it comes to technical details about the actual access management platform infrastructure (in this case, OpenSSO). Thus, using OpenSSO's identity services does not require much knowledge about OpenSSO. In fact, it is easier to retrieve information from OpenSSO than e.g. from LDAP. Moreover, it can be used from any framework (Java, .Net, PHP, Ruby on Rails - you name it).
There is growing interest in deception as a methodology and as an integral part of cybersecurity architecture, as organizations seek more effective approaches for detecting and responding to threats in real time. Distributed Deception Platforms have made this approach practical and affordable for the first time, but choosing the right solution can be challenging.