Securing Applications via Federated Identities (SAML, OAuth 2.0, OpenID)
Giriraj Sharma (~girirajsharma)
Single sign-on (SSO) started it all. Organizations needed a way to unify authentication systems in the enterprise for easier management and better security. Single sign-on was widely adopted and provided a solution for keeping one repository of usernames and passwords that could be used transparently across several internal applications.
The problem? How to bring together user login information across many applications and platforms to simplify sign-on and increase security. The solution? Federated identities.
What is federated identity?
Federated identity means linking and using the electronic identities a user has across several identity management systems. In simpler terms, an application does not necessarily need to obtain and store users’ credentials in order to authenticate them. Instead, the application can use an identity management system that is already storing a user’s electronic identity to authenticate the user—given, of course, that the application trusts that identity management system.
I am Giriraj Sharma, a final year undergraduate student from the National Institute of Technology (NIT), Hamirpur, Himachal Pradesh, India, pursuing my Bachelor of Technology (B.Tech) in Computer Science and Engineering and graduating in May 2015.
I am a student enthusiastic about competitive programming and building source code for free software applications (FOSS) that shall be committed, documented and released for the benefit of all. I have been actively contributing since Jan 2014 to various open source projects under Red Hat JBoss Middleware (JBOSS Developer Framework) as a Google Summer of Code Student Developer, specifically in the Apache Licensed Open Source Security Domain Middlewares Picketlink and KeyCloak. I worked upon Public Key Infrastructure API and JOSE implementations (JWA, JWK, JWS, JWE and JWT) and implemented them for JBoss Picketlink (GSoC 2014, JBoss Community). I have also been contributing to JBoss SSO SaaS KeyCloak since Jan 2015 as a part of GSoC 2015.