[jboss-user] [Security & JAAS/JBoss] - Re: JBOSS Federated SSO
sohil.shah@jboss.com
do-not-reply at jboss.com
Thu Jan 4 11:32:58 EST 2007
Sanket-
Let me see if I can answer this without confusing the issue:
anonymous wrote :
| 1. Identity Management
|
This is a pretty broad subject. As far as JBoss Federated SSO is concerned, its a framework that provides a way to integrate with users' existing Identity Management systems (ones that do user management,provisioning). The Framework provides what I would call an Identity Connector component. Our documentation currently calls it Identity Management component, but its scope is more for integrating with existing Identity Management systems
anonymous wrote :
| 2. Sesison Management (Login/Logout across apps)
| 3. Token Management
|
Yes, Federated SSO does this even with applications housed in completely different web domains
anonymous wrote :
| 4. Security (OWASP, Token,Password, OASIS)
|
Yes, the framework has built-in support for SAML tokens. SAML is an OASIS standard and pretty much the de facto standard now for builiding SSO architecture. Here is a very good presentation on SAML at JavaPolis http://www.infoq.com/news/2006/12/saml. Our architecture aligns very well with the concepts discussed in this presentation.
anonymous wrote :
| 5. User Administration (Reset,Forgot,Search, Role Mapping)
| 6. Dashboard
| 7. Auditing
|
These features are out of scope for a SSO Framework. Ofcourse, SSO Framework integrates (covered in point 1) with Identity Management systems like SiteMinder etc that provide these features
anonymous wrote :
| 8. User Registration and Synchronization across apps
|
This is a feature on our roadmap. http://jira.jboss.com/jira/browse/JBSSO-13
anonymous wrote :
| 9. Interdomain, clustered, multi app support.
|
Absolutely. Federated SSO was designed from the ground up with cross domain Single Sign On in mind
anonymous wrote :
| I know JBOSS SSO is close to this but since its still in beta i will not like to propose this to the client. Can you or anybody give me more leads on an of the following:
| 1. JOSSO
| 2. JBOSS - Tomcat default valve plugin
| 3. JBOSS Federated SSO
| 4. Any other SSO framework.
|
JBoss - Tomcat default valve plugin is for SSO between web apps loaded inside the same tomcat container as virtual hosts. It is not intended for cross domain, business/partner site integration usecases.
Others I am not too familiar with to make an accurate comment.
Hope this helps.
Thanks
Sohil
JBoss Federated SSO, Lead
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3997975#3997975
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3997975
More information about the jboss-user
mailing list