OIS Architecture Review

Posted on 11-May-2015

Presented by Jamie Nelson, VP of Engineering, ForgeRock at Open Stack Identity Summit, France 2013

Slide 1: Open Identity Stack

Slide 2: Identity Products Today

Stack vendors built by acquisition:
The integrated stack is marketecture
Installation takes days
Integration is complex
Interface and UI proliferation
No module reuse
Closed source
Vendor lock-in

Slide 3: ForgeRock Vision

Simple
Scalable
Modular
Embeddable
Common REST framework
Common UI model
Community participation

Slide 4: Common Modules

CREST (ForgeRock REST)
User Interface
JASPI for Authentication
REST endpoint protection (filters)
OAuth
Federation
Logging
Entitlements

Slide 5: OpenAM

All in one
Simple war deployment
Platform independent
Flexible and extensible
Highly available and scalable

Slide 6: OpenAM architecture diagram (labels recovered from the figure)

ForgeRock REST (Commons REST)
Protected Resources: Web Agents, Java EE Agents, Web Services Agents
User Interface: End User, Management (ForgeRock UI Framework)
Core Services: Authentication, Entitlements, Session, Auditing, OAuth, Core Token Service, OpenID Connect, Configuration, Policy, User Management, Secure Token Service, XACML, Federation
SPIs: Authentication Plugins, Policy Plugins, User Management Plugins, Token Service Plugins, Federation Plugins
Persistence (OpenDJ)
Universal Gateway

Slide 7: OpenAM architecture diagram (build of slide 6, same components, with the Management user interface shown alongside the End User interface)

Slide 8: OpenAM Persistence (diagram)

Two OpenAM Servers, each running Core Services and storing Policies, Users, Configuration and Tokens, each backed by its own OpenDJ.

Slide 9: OpenAM Persistence (second diagram)

Two OpenAM Servers, each running Core Services and storing Policies, Users, Configuration and Tokens, backed by OpenDJ instances.

Slide 10: OpenIDM

Lightweight provisioning
Next generation modular architecture
Built on resource oriented principles
Highly extensible
Self contained

Slide 11: OpenIDM architecture diagram, OSGi (labels recovered from the figure)

Persistence (OrientDB)
ForgeRock UI Framework
ForgeRock REST Router
Business Logic (JavaScript, Groovy, Java)
Authentication Filter (JASPI)
Jetty Web Server
Configuration, Managed Users, Sync/Recon, System (Connectors)
Scheduler, Workflow, Audit/Logs, Policy
External Resources
Audit

Slide 12: OpenIDM Commons architecture diagram, OSGi (same components as slide 11, with Task Scanner shown in place of Workflow)

Slide 13: Identity Bridge

Software appliance
Wizard configuration
Identity synchronization from enterprise to SaaS
Reporting and reconciliation
SAML2 and OAuth

Slide 14: Identity Bridge architecture diagram, OSGi (labels recovered from the figure)

Configuration Wizard
OpenIDM
Business Logic (JavaScript, Groovy, Java)
Authentication JASPI (AD and IWA)
Jetty Web Server
Salesforce and LDAP
OAuth
Salesforce LDAP Connector
Federation
ForgeRock UI Framework
Reporting and Recon

Slide 15: OpenDJ

Lightweight
Embeddable
REST APIs
High availability
Secure out of the box
Flexible architecture

Slide 16: OpenDJ architecture diagram (labels recovered from the figure)

User Interface: End User, Management (ForgeRock UI Framework, ForgeRock REST)
Core Server: Replication, Auditing, LDAPv3, Caching, Monitoring, Password Policy, Groups, Schema Management, REST2LDAP, Access Control
Backend Services: Persistence, Connectors, LDIF, Memory, Change Log
Java SDK / LDAPv3
Web Application: REST2LDAP, ForgeRock REST

Slide 17: OpenDJ Commons architecture diagram (same components as slide 16)

Slide 18: OpenDJ REST2LDAP diagram (labels recovered from the figure)

User Interface: Login/End User (ForgeRock UI Framework)
OpenDJ Server: REST2LDAP, Core Services
ForgeRock REST
JASPI Authentication Module

Slide 19: Single Webapp Stack (diagram)

OpenAM: Authentication, Authorization, Federation
OpenIDM: User Management, Synchronization, Workflow
OpenDJ: Persistence (Users/Tokens/Configuration)
ForgeRock REST
ForgeRock UI Framework: Login/Registration/Self Service

Slide 20: High Scale Elastic Stack (diagram)

Multiple OpenAM instances, each with ForgeRock REST and the ForgeRock UI Framework (Login/Registration/Self Service)
OpenDJ Distributors in front of a pool of OpenDJ instances
Multiple OpenIDM instances