Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

WSO2 Product Release Webinar: WSO2 Identity Server 5.1

To view recording of this webinar please use below URL:


WSO2 Identity Server 5.1.0 (WSO2 IS), in addition to its powerful identity bus capabilities, now delivers workflows for all critical identity and access management operations in your enterprise. It provides out-of-the-box support for user/role management operations. WSO2 IS also integrates with the WSO2 Business Process Server to provide a templating feature that defines your workflows using users, so that your business managers aren’t required to learn BPEL or Human Task. Now you can engage a multi-option/multi-step workflow with just a few clicks.

WSO2 IS 5.1.0 also delivers two-factor authentication support for you service providers using Fast Identity Online (FIDO) tokens, which is rapidly gaining attention and becoming an integral part of identity management.

This webinar will discuss

How to create, deploy and engage workflows for critical identity and access management
Key extension points for creating additional workflow templates that invokes a business process server and engages workflows for other critical operations that are not supported by default
Second factor authentication with FIDO
How to link local user accounts and easily switch between them without the need for re-authentication
Other new features of WSO2 IS 5.1.0

  • Identifiez-vous pour voir les commentaires

WSO2 Product Release Webinar: WSO2 Identity Server 5.1

  1. 1. WSO2 Identity Server 5.1.0 Engage your Line of Business Managers with Workflows Johann Dilantha Nallathamby Technical Lead & Product Lead of WSO2 Identity Server
  2. 2. Outline o What is WSO2 Identity Server o What’s new with WSO2 Identity Server 5.1.0 o Demo o Q&A
  3. 3. What is WSO2 Identity Server o 100% free and open source with commercial support o Lightweight and high performance o Highly modular and extensible o User friendly with minimal learning curve o Based on open standards An open source Identity & Entitlement management server
  4. 4. Features Before IS 5.1.0 o Authentication o Authorization o Enterprise Single Sign-On o Federated Single Sign-On o Delegated Access Control o Provisioning o Identity Management and Self Service Capabilities
  5. 5. Authentication o
  6. 6. Authorization o Role Based o Permission Based o Attribute Based o Policy Based o XACML 2.0/3.0
  7. 7. Enterprise Identity Bus o Decoupling Service Providers and Identity Providers making them unaware of each others’ existence o Authentication Bridge o Protocol translation o Multi-option and multi-step login o Home Realm Discovery (HRD) o Provisioning Bridge o Protocol translation o Just-In-Time (JIT) provisioning o Claim transformation o Role transformation
  8. 8. Open Standards for Enterprise Single Sign-On (Inbound authenticators) o SAML2 Web SSO o SAML2 Web Single Sign Out o SAML2 Basic Attribute Profile o OpenID Connect o Core specification o WS-Federation o OpenID 2.0 o Simple Registration Extension Protocol o Attribute Exchange Profile o Integrated Windows Authentication
  9. 9. Federated Single Sign-On o Supports pluggable outbound authenticator architecture o Supports all the same standards of the inbound authentication o Social Authentication o Facebook o Google o Yahoo o Microsoft Live
  10. 10. Delegated Access Control o OAuth2 o OAuth2 Authorization Framework - RFC 6749 o Bearer Token Profile - RFC 6750 o SAML2 Grant Profile - RFC 7522 o OAuth2 Token Revocation - RFC 7009 o NTLM Grant o WS-Trust 1.3/1.4
  11. 11. Provisioning o Inbound and Outbound provisioning connectors o SCIM 1.1 (Inbound & Outbound) o SPML 2.0 (Outbound Only) o Google Apps o SalesForce o Non standard user/group management WS APIs for inbound provisioning only o Non standard role/permission management WS APIs for inbound provisioning only
  12. 12. Identity Management & Self Service Capabilities o Self sign-up o Password resets using secret questions o Password reset using email verification o Password policies o Password strength o Minimum length o Password retry count o Account verification with email o One Time Passwords o User account locking
  13. 13. What’s New with Identity Server 5.1.0?
  14. 14. Workflows o Workflows for User/Group management operations o Can be extended to cover any of your organization’s critical Identity and Access Management needs o Integrates with WSO2’s own Business Process Server (BPS) out-of-the-box o Can be extended to integrate with any non WSO2 Business Process Server
  15. 15. Workflows o Engage multi-option/multi-step workflows, using users or roles. o Provides templating feature to define your own workflows o Can be extended to provide customized templates o Ships by default with the minimal set of business process features required. o Recommended to to deploy a full blown WSO2 BPS product if going into production with significantly high load and to get all the other goodies that come with it!
  16. 16. Workflows Architecture Event Handler Request Initiator Callback Handler Executor Manager Database Process Template Initializer Executor Process Template Implementations
  17. 17. 2-Factor Authentication with FIDO o http://wso2.com/library/webinars/2015/12/fido- universal-second-factor-u2f-for-wso2-identity- server/
  18. 18. Linked Local Accounts o In IS 5.0.0 we were able to link only federated Identifiers to local accounts o In IS 5.1.0 you are able to link one or more local accounts together. o This will let you switch between user accounts without re-login
  19. 19. WSO2 Store for Identity Server Connectors o Public Store o https://store.wso2.com/store/assets/isconnector o Documentation o https://docs.wso2. com/display/ISCONNECTORS/Identity+Server+Auth enticators+and+Connectors
  20. 20. Other Improvements o Redesign of SSO Login page o Registration is part of the login flow o Support for multiple Assertion Consumer URLs o Support for more SAML2 signing algorithms o IdP-Initiated Single Logout o SAML1.0 Grant for OAuth2.0 o OpenID Connect support for implicit Grant type o SCIM Patch operation support o Dumb mode provisioning with SCIM
  21. 21. Other Improvements o Multi-tenancy support in AD o Bulk user import support for all types of user stores o Search users with attribute values o Configurable Idle Session Timeout and Remember Me Timeout o Placeholder support for configuration files such as identity.xml, application-authenticators.xml, sso-idp-config.xml, etc. o Boasts over 1500 bug fixes and improvements o https://wso2.org/jira/issues/?filter=12586 o Documentation updates and fixes
  22. 22. References o Migrating from IS 5.0.0 to IS 5.1.0 o https://docs.wso2. com/display/IS510/Upgrading+from+a+Previous+Rel ease o IS 5.1.0 Documentation o https://docs.wso2. com/display/IS510/WSO2+Identity+Server+Docume ntation o Identity Server Webinars o http://wso2.com/library/webinars/identity-server/
  23. 23. What’s Next ? o Bug fix release in Q1 2016 o Will include minor improvements o Big release on C5 in Q3 o Next generation Carbon platform o Microservices engine o Native REST/JSON support o Container based tenancy model o Redesigning user management APIs to support JAAS o More to come...
  24. 24. Contact us !