Tutorials

Forum Sentry Tutorial – How to Install Forum Sentry Software

For this tutorial, we will go through installing the Sentry on 32Bit CentOS machine, which is actually running as a VirtualBox on 64 Bit Ubuntu Machine. This example shows both Native Linux installation and how to create your own corporate Virtual Image vs utilizing Forum Systems Virtual Image. … Read More

API Identity Management with LDAP Server

Most corporations deploy LDAP severs such as OpenLDAP to store identities used for SSO and API identity management.   Application users authenticate against these LDAP servers to gain access to APIs.  To avoid an intrusive, non-scalable agent-based model — where … Read MoreRead More

Infinite cloud storage scale-out with enterprise IdMs

Public cloud storage providers such as Amazon S3, Google Cloud Storage, and Rackspace Cloud Files provide practically infinite storage capacity for enterprise data center. A secure scale-out for corporate data storage to public cloud providers requires traversing the public-private cloud boundary. … Read More

Using HTTP Basic Auth for API Identity Management

APIs are proliferating corporate networks. Business owners seek APIs that solve their requirements regardless of whether the APIs are homegrown or provided by 3rd parties. For both cases — internal and external APIs — controls have to be enforced on who gets to use what API. This level of API control requires enabling Identity Management for APIs. … Read More

Users, Groups and ACLs for API Identity Management

Identity management is the cornerstone for building a secure infrastructure that uses internal and 3rd party APIs. By defining users, groups, and access control lists (ACLs), companies can granularly control who gets to use what API-based resource. In this tutorial, we will configure users, groups and ACLs on Forum Sentry API Gateway for authenticating users and authorizing API access. … Read More

Protecting your API Listener through SSL

In this tutorial, you will learn how to rapidly protect your corporate APIs by providing a centralized SSL policy for your service. We will use three components for this tutorial: (i) TempConvert – a publicly available service that will be the corporate service that you plan to protect through SSL (ii) Forum Sentry to enable centralized API security via an SSL policy (iii) SOAPSonar used as a testing tool. … Read More

Signer Groups and CRLs for API Security

In this tutorial, we will show how to enable and manage Signer Groups and CRLs rapidly for establishing APIs security using Forum Sentry API Gateway. … Read More

Key Generation and Certificate Signing Request

SSL-protocol and data-level encryption are both based on Public Key Infrastructure (PKI) that uses public-private key pairs for asymmetric cryptography. Generating such key pairs is one of the first steps for enabling privacy. … Read More

SSL Policies for securing your APIs

Learn how to set SSL policies for your XML, JSON, HTML, SOAP traffic and the benefits of using Forum Sentry for protecting your SOA, API components. … Read More