Open Source Identity Management Patterns and Practices Using OpenAM 10.x

An intuitive guide to learning OpenAM access management capabilities for web and application servers

Open Source Identity Management Patterns and Practices Using OpenAM 10.x

Waylon Kenning

An intuitive guide to learning OpenAM access management capabilities for web and application servers
Mapt Subscription
FREE
$29.99/m after trial
eBook
$10.50
RRP $14.99
Print + eBook
$34.99
RRP $34.99
What do I get with a Mapt Pro subscription?
  • Unlimited access to all Packt’s 5,000+ eBooks and Videos
  • Early Access content, Progress Tracking, and Assessments
  • 1 Free eBook or Video to download and keep every month after trial
What do I get with an eBook?
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with Print & eBook?
  • Get a paperback copy of the book delivered to you
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with a Video?
  • Download this Video course in MP4 format
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
$0.00
$10.50
$34.99
$29.99p/m after trial
RRP $14.99
RRP $34.99
Subscription
eBook
Print + eBook
Start 30 Day Trial
Subscribe and access every Packt eBook & Video.
 
  • 5,000+ eBooks & Videos
  • 50+ New titles a month
  • 1 Free eBook/Video to keep every month
Start Free Trial
 
Code Files
Preview in Mapt

Book Details

ISBN 139781782166825
Paperback116 pages

Book Description

OpenAM is a web-based open source application that provides authentication, authorization, entitlement and federation services. OpenAM provides core identity services to simplify the implementation of transparent single sign-on (SSO) as a security component in a network infrastructure. It also provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and that are hosted on a variety of platforms such as web application servers.

Open Source Identity Management Patterns and Practices Using OpenAM 10.x is a condensed, practical guide on installing OpenAM to protect your web applications. This book will teach you how to integrate to different identity sources such as Active Directory or Facebook using two-factor authentications.

Open Source Identity Management Patterns and Practices Using OpenAM 10.x looks at Identity Management and how to implement it using OpenAM 10.x. It specifically focuses on providing authentication to your web application using either a local identity source or a cloud-based identity source, so you don’t have to worry about authentication in your application.

You will learn how to install OpenAM, and then how to install policy agents against your web and application servers to do authentication. In addition, we’ll focus on integrating to applications directly using SAML, either through the use of a small preconfigured application, or through a third-party SAML library. Finally, we’ll focus on integrating to cloud identity providers using OAuth 2.0 and utilizing two-factor authentication.

If you want a scalable robust identity management infrastructure, Open Source Identity Management Principles and Patterns Using OpenAM 10.x will get you up and running in the least amount of time possible.

Table of Contents

Chapter 1: Identity Management Patterns and Principles
Defining Identity Management
Why Identity Management is important?
How Identity Management works
Key components of Identity Management
Summary
Chapter 2: Installing OpenAM 10.x
Downloading OpenAM 10.x
Prerequisites for OpenAM
Installing OpenAM 10.1.0
Summary
Chapter 3: Cross-Domain Single Sign On
An introduction to Cross-Domain Single Sign On
Securing an Apache 2.4 local domain website
Securing a Tomcat 6 remote domain website
Summary
Chapter 4: Distributed Authentication
Understanding distributed authentication
Preparing OpenAM for distributed authentication
Configuring the distributed authentication application server
Configuring the distributed authentication application
Testing distributed authentication
Summary
Chapter 5: Application Authentication with Fedlets
Understanding Fedlets
Configuring the Fedlet application server
Creating a SAML hosted identity provider
Creating a Fedlet
Deploying Fedlet.zip onto our Java application server
Validating the Fedlet setup
More information about Fedlets
Summary
Chapter 6: Implementing SAML2 Federation Patterns
Understanding SAML
Configuring OpenAM as a SAML Identity Provider
Installing SimpleSAMLphp
Configuring SimpleSAMLphp as a Service Provider
Configuring OpenAM to trust a SimpleSAMLphp SP
Testing our SAML Circle of Trust
Summary
Chapter 7: OAuth Authentication
Understanding OAuth
Preparing Facebook as an OAuth Provider
Configuring an OAuth authentication module
Configuring Authentication Chaining
Testing our OAuth Client against Facebook as an OAuth Provider
Summary
Chapter 8: Two Factor Authentication
Understanding two factor authentication
Understanding OATH and how it relates to OpenAM
Configuring OpenAM for two factor authentication
Testing two factor authentication
Summary
Chapter 9: Adaptive Risk Authentication
Understanding Adaptive Risk authentication
Understanding how Adaptive Risk authentication works
Adding the Adaptive Risk module
Configuring the Adaptive Risk module
Adding adaptive risk to the authentication chain
Potential authentication patterns
Summary

What You Will Learn

  • Understand Identity Management principles
  • Install OpenAM 10.x
  • Install policy agents against Apache Web Server and Tomcat Servlet Container
  • Implement cross-domain authentication
  • Implement distributed authentication using DMZs
  • Deploy Java application authentication quickly using Fedlets
  • Understand the federation of applications to OpenAM using SAML
  • Integrate to cloud-based identity providers using OAuth 2.0
  • Configure two-factor authentication
  • Implement entitlements with REST and XACML

Authors

Table of Contents

Chapter 1: Identity Management Patterns and Principles
Defining Identity Management
Why Identity Management is important?
How Identity Management works
Key components of Identity Management
Summary
Chapter 2: Installing OpenAM 10.x
Downloading OpenAM 10.x
Prerequisites for OpenAM
Installing OpenAM 10.1.0
Summary
Chapter 3: Cross-Domain Single Sign On
An introduction to Cross-Domain Single Sign On
Securing an Apache 2.4 local domain website
Securing a Tomcat 6 remote domain website
Summary
Chapter 4: Distributed Authentication
Understanding distributed authentication
Preparing OpenAM for distributed authentication
Configuring the distributed authentication application server
Configuring the distributed authentication application
Testing distributed authentication
Summary
Chapter 5: Application Authentication with Fedlets
Understanding Fedlets
Configuring the Fedlet application server
Creating a SAML hosted identity provider
Creating a Fedlet
Deploying Fedlet.zip onto our Java application server
Validating the Fedlet setup
More information about Fedlets
Summary
Chapter 6: Implementing SAML2 Federation Patterns
Understanding SAML
Configuring OpenAM as a SAML Identity Provider
Installing SimpleSAMLphp
Configuring SimpleSAMLphp as a Service Provider
Configuring OpenAM to trust a SimpleSAMLphp SP
Testing our SAML Circle of Trust
Summary
Chapter 7: OAuth Authentication
Understanding OAuth
Preparing Facebook as an OAuth Provider
Configuring an OAuth authentication module
Configuring Authentication Chaining
Testing our OAuth Client against Facebook as an OAuth Provider
Summary
Chapter 8: Two Factor Authentication
Understanding two factor authentication
Understanding OATH and how it relates to OpenAM
Configuring OpenAM for two factor authentication
Testing two factor authentication
Summary
Chapter 9: Adaptive Risk Authentication
Understanding Adaptive Risk authentication
Understanding how Adaptive Risk authentication works
Adding the Adaptive Risk module
Configuring the Adaptive Risk module
Adding adaptive risk to the authentication chain
Potential authentication patterns
Summary

Book Details

ISBN 139781782166825
Paperback116 pages
Read More

Read More Reviews

Recommended for You

Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide Book Cover
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
$ 35.99
$ 25.20