SSO is a fundamental requirement in enabling secure enterprise integration. API and Service Oriented Architectures (SOA) enable communication via ubiquitous standards such as XML, SOAP, and JSON. To foster efficient, effective message exchange and satisfy increasing user demands for real-time, aggregated information from internal and external business partners, trust must be established among all entities. Comprehensive mediation, authentication, and authorization of identity exchange among customer and partner portals, Web applications, and XML-based Web services provide the business with a simplified, coherent model for identity management and build the pillars of Federated SOA and Cloud Computing.
“Federated SOA – a prerequisite for cloud computing – is predicated on interoperability within and across corporate domains. But mandating identity token standardization among trading partners is impractical from both a business and technology standpoint,” said John Woolbright, CIO of Omega Financial Services. “By securing and accelerating identity exchange locally and globally, Forum STS helps provide a unified, rich portal experience for our customers, while laying the foundation for true Federated SOA.”
How to Implement Enterprise SAML SSO
To address these requirements, Forum Sentry provides extensive SSO capabilities. It produces and consumes identity tokens in varying protocol and message formats. By translating identities from one format to another, Forum Sentry enforces authentication and authorization and controls privileges to services without requiring custom code. Decoupling developers from identity decisions is the first step toward realizing a more powerful and simplified model for identity management across the enterprise.
Forum Sentry provides a unified, easy-to-deploy platform that seamlessly integrates with multiple, disparate Identity Management products, allowing enterprises to capitalize on their existing infrastructure investments and utilize base standards such as WS-Trust and SAML.
DMZ-ready for organizations that require secure, accelerated, and consolidated identity enforcement for both internal and external users and applications, Forum Sentry delivers the following benefits:
Identity token translation (OAuth Cookies, Basic Auth, SSL, SAML, WS-Identity) and deep, direct integration with all major Identity Systems including CA SiteMinder, IBM TAM, RSA ClearTrust, OpenSSO, Kerberos KDC, Active Directory and LDAP.
Hardware acceleration and caching mechanisms eliminate performance bottlenecks and reduce the costs associated with increasing transactions as the number of users and applications scale.
Built on a JITC DoD PKI-, FIPS 140-2 Level-II infrastructure, Forum STS is ideally suited for edge deployments where external partners require identity decisions.
Forum Sentry consumes and generates protocol- and message-based Identity Tokens, eliminating the need to code against proprietary libraries by leveraging token exchange standards such as OAuth and SAML.
API Identity Management with LDAP Server