PacktLib: Open Source Identity Management Patterns and Practices Using OpenAM 10.x

Open Source Identity Management Patterns and Practices Using OpenAM 10.x

Credits

About the Author

About the Reviewers

www.PacktPub.com

Preface

Identity Management Patterns and Principles

Defining Identity Management

Why Identity Management is important?

How Identity Management works

Key components of Identity Management

Summary

Installing OpenAM 10.x

Downloading OpenAM 10.x

Prerequisites for OpenAM

Installing OpenAM 10.1.0

Summary

Cross-Domain Single Sign On

An introduction to Cross-Domain Single Sign On

Securing an Apache 2.4 local domain website

Securing a Tomcat 6 remote domain website

Summary

Distributed Authentication

Understanding distributed authentication

Preparing OpenAM for distributed authentication

Configuring the distributed authentication application server

Configuring the distributed authentication application

Testing distributed authentication

Summary

Application Authentication with Fedlets

Understanding Fedlets

Configuring the Fedlet application server

Creating a SAML hosted identity provider

Creating a Fedlet

Deploying Fedlet.zip onto our Java application server

Validating the Fedlet setup

More information about Fedlets

Summary

Implementing SAML2 Federation Patterns

Understanding SAML

Configuring OpenAM as a SAML Identity Provider

Installing SimpleSAMLphp

Configuring SimpleSAMLphp as a Service Provider

Configuring OpenAM to trust a SimpleSAMLphp SP

Testing our SAML Circle of Trust

Summary

OAuth Authentication

Understanding OAuth

Preparing Facebook as an OAuth Provider

Configuring an OAuth authentication module

Configuring Authentication Chaining

Testing our OAuth Client against Facebook as an OAuth Provider

Summary

Two Factor Authentication

Understanding two factor authentication

Understanding OATH and how it relates to OpenAM

Configuring OpenAM for two factor authentication

Testing two factor authentication

Summary

Adaptive Risk Authentication

Understanding Adaptive Risk authentication

Understanding how Adaptive Risk authentication works

Adding the Adaptive Risk module

Configuring the Adaptive Risk module

Adding adaptive risk to the authentication chain

Potential authentication patterns

Summary

Index