Presentation is loading. Please wait.

Presentation is loading. Please wait.

FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

Published byGladys Walker Modified over 9 years ago

Similar presentations

Presentation on theme: "FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem."— Presentation transcript:

1 FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem

2 FIspace Project FIspace Security Components

3 Technology behind FIspace Authentication and Authorization IDM service of FIspace provides SSO solution for web apps, mobile and RESTful web services. It is an authentication server where users can centrally login, logout, register, and manage their user accounts. Security components provides federative IDM solution using separate domains. Each domain secures and manages security metadata for a set of users, applications, and registered oauth clients. Access tokens are used to secure web invocations. Access tokens contains security metadata specifying the identity of the user as well as the role mappings for that user.

4 Features provided by FIspace SSO and Single Log Out for browser applications Social Login using Google User Registration Forgot password support. User can have an email sent to them User session management. Admin can view user sessions and what applications/clients have an access token. Sessions can be invalidated per realm or per user. Integrated Browser App to REST Service token propagation OAuth Bearer token auth for REST Services OAuth 2.0 Grant requests SAML Support. Completely centrally managed user and role mapping metadata. Minimal configuration at the application side

5 What happens? User Resource Owner Authentication Server Resource Server Authentication Request Authentication Grant Access Token Protected Resource

6 What do you need to Configure your App? Basic understanding of oauth2 Registered user with an “app developer” role Registered application on FIspace Proper configuration file –unique to your application-

7 Step by Step Create a new user Request an “app developer” role using email address fispace-user-mgmt@fispace.eufispace-user-mgmt@fispace.eu Register your application using Developers Zone on FIspace frontend. Retrieve configuration file unique to your application

8 Step by Step Click “Login” and start with the authentication steps.

9 FIspace Frontend & Security By default, when a user is new in FIspace he/she will have “User” role. “Users” do not have access to the front-end option to manage security registration. To change his/her role is necessary to contact with FIspace Administrator

10 FIspace Frontend & Security If “App Developer” role is assigned to a user, a new option is shown. Clicking on this icon, users are going to access to forms related to the OAuth clients management

11 FIspace Frontend & Security Create OAuth Client Get Installation JSON Edit/Delete OAuth Client

12 FIspace Frontend & Security User is only allowed to edit/delete and get Installation JSON from OAuth clients created by him/herself. OAuth clients created by others users are not visible in the application.

13 Welcome Page

14 User Profile

Download ppt "FIspace Security Components FIspace Security Components NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem."

Similar presentations

Suchin Rengan Principal Technical Architect Salesforce.com

Suchin Rengan Principal Technical Architect Salesforce.com
Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
FI-WARE Testbed Access Control temporary solution.

FI-WARE Testbed Access Control temporary solution.
Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.

Forms Authentication, Users, Roles, Membership Ventsislav Popov Crossroad Ltd.
Oracle IDM at First National Bank

Oracle IDM at First National Bank
iRequestManager for MediMizer X3

iRequestManager for MediMizer X3
Wisconsin Department of Public Instruction

Wisconsin Department of Public Instruction
1 IAM – End User Training Guide. 2 Identity Access Management (IAM) encapsulates people, processes and products to identify and manage the data used in.

1 IAM – End User Training Guide. 2 Identity Access Management (IAM) encapsulates people, processes and products to identify and manage the data used in.
Members Only & Login Modules Members Only works with the Login module to provide password protection to Web pages and files. Login Groups may be created.

Members Only & Login Modules Members Only works with the Login module to provide password protection to Web pages and files. Login Groups may be created.
INTERNATIONAL INNER WHEEL DATABASE 2014.. MEMBER level: For everyone only for consultation whole database. CLUB Admin: For the clubs. For consultation.

INTERNATIONAL INNER WHEEL DATABASE MEMBER level: For everyone only for consultation whole database. CLUB Admin: For the clubs. For consultation.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
NetFutures- FIspace Tools offered to support development in Fispace NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar.

NetFutures- FIspace Tools offered to support development in Fispace NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar.
Implementing and Administering AD FS

Implementing and Administering AD FS
WSO2 Identity Server Road Map

WSO2 Identity Server Road Map
Cloud Hosting and Experimentation Environment Cloud Hosting and Experimentation Environment NetFutures 2015 FIspace project Javier Romero Negrín Javier.

Cloud Hosting and Experimentation Environment Cloud Hosting and Experimentation Environment NetFutures 2015 FIspace project Javier Romero Negrín Javier.
FIspace Capability Model FIspace Capability Model NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.

FIspace Capability Model FIspace Capability Model NetFutures 2015 FIspace project Javier Romero Negrín Javier Hitado Simarro ATOS Serdar Arslan KoçSistem.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
OmStore Cloud API Harshit Agarwal Sohil Habib. About Us ●We are graduate students at CMU ●Currently at CMU Silicon Valley campus ●Working part time with.

OmStore Cloud API Harshit Agarwal Sohil Habib. About Us ●We are graduate students at CMU ●Currently at CMU Silicon Valley campus ●Working part time with.
SACMAT02-1 Security Prototype Defining a Signature Constraint.

SACMAT02-1 Security Prototype Defining a Signature Constraint.
Bonrix Track & Trace System A GPS Based Vehicle Tracing System (SMS, GPRS/3G, Offline) Bonrix Software Systems Ahmedabad (INDIA) Website:

Bonrix Track & Trace System A GPS Based Vehicle Tracing System (SMS, GPRS/3G, Offline) Bonrix Software Systems Ahmedabad (INDIA) Website:

Similar presentations

Ads by Google