February 2014

Forum Sentry Tutorial – How to Install Forum Sentry Software

By | Date posted:
sentry-100

The Forum Sentry comes in both purpose-built hardware with HSM for Cryptography offload in a 1U high hardened appliance, a variety of software versions and as a virtual machine. For this tutorial, we will show you how to install Forum Sentry on 32Bit CentOS machine, which is actually running as a VirtualBox on 64 Bit Ubuntu Machine. This example shows both, native Linux installation and how to create your own corporate virtual image vs utilizing Forum Systems virtual image. Read more

API Identity Management with LDAP Server

By | Date posted: February 24, 2014
Identity-100

Most corporations deploy LDAP severs such as OpenLDAP to store identities used for SSO and API identity management.   Application users authenticate against these LDAP servers to gain access to APIs.  To avoid an intrusive, non-scalable agent-based model — where every application installs and manages an agent for authentication and authorization — enterprises generally opt to simplify to a centralized model by deploying API gateways.  In this tutorial, you will learn how to use an LDAP server along with Forum Sentry API Gateway to enable access control of your APIs.

Read more

Online LDAP Test Server

By | Date posted: February 22, 2014
Identity-100

Here are the credentials for an Online LDAP Test Server that you can use for testing your applications that require LDAP-based authentication.  Our goal is to eliminate the need for you to download, install and configure an LDAP sever for testing. If all you need is to test connectivity and authentication against a few identities, you have come to the right place.  If you find this useful or would like us to enhance/modify this test LDAP server, please leave a comment.
Read more

Introduction to OAuth

By | Date posted: February 18, 2014
OAuth-100

OAuth is an open standard for authorizing access to specific applications and data within a server on behalf of the application owner.  The basic model of authentication between a client and an application has evolved to keep up with the demands of mobile and cloud computing. A distributed architecture — where mobile clients request services from multiple protected systems — mandates Single Sign-On (SSO).  OAuth provides a nimble SSO model to accommodate authentication for rapidly evolving mobile applications that consume services from a wide array of internal and external providers.

Read more

Infinite cloud storage scale-out with enterprise IdMs

By | Date posted: February 17, 2014
Cloud-100

Public cloud storage providers such as Amazon S3, Google Cloud Storage, and Rackspace Cloud Files provide practically infinite storage capacity for enterprise data centers. A secure scale-out of corporate data storage by using public cloud providers requires traversing the public-private cloud boundary.  Identity management is a crucial aspect of enabling this boundary traversal for companies that want to retain control of their identities regardless of the public cloud storage provider they choose.
Read more

Using HTTP Basic Auth for API Identity Management

By | Date posted:
Identity-100

APIs are proliferating corporate networks.  Business owners seek APIs that solve their requirements regardless of whether the APIs are homegrown or provided by 3rd party cloud providers.  In both cases — internal and external APIs — controls have to be enforced on who gets to use what API.  API control requires enabling Identity Management for APIs. In this tutorial, we will use Forum Sentry to lockdown an external API with on-board users, groups and ACLs with simple point-and-click, code-free configuration.

Read more

Users, Groups and ACLs for API Identity Management

By | Date posted: February 10, 2014
Identity-100

Identity management is the cornerstone for building a secure infrastructure that uses internal and 3rd party APIs.  By defining users, groups, and access control lists (ACLs), companies can granularly control who gets to use what API-based resource.  In this tutorial, we will configure users, groups and ACLs on Forum Sentry API Gateway for authenticating users and authorizing API access.   Once configured, any token type such as OAuth, SAML, or cookies can be used to present user credentials to Forum Sentry for validation against on-board users.

Read more