Welcome.
Magnolia user management and SSO
for Austrian government sector




Magnolia Conference 2012 – Technical Track
Presented by Richard Unger and Rihard Monovic
Agenda

1   About RISE & LFRZ


2   SSO in Austrian government


3   Requirements and challenges


4   Implementation




About RISE and LFRZ
About RISE and LFRZ – Partnership

- RISE
  - partner for industry
- LFRZ
  - partner for government




                       User management and SSO for Austrian government 5
About RISE

- Corporation, www.rise-world.com
  - TU Spin Off, founded 1987
  - TU Vienna, INSO – The Think Tank of RISE, 40 PhDs
- Competences
  - More than 300 world-class IT engineers & architects
  - Highly acknowledged R&D enterprise in Europe
  - Top developer (e.g. part of the world-wide Java-Eclipse provider community, component delivery)
  - Specialists in IT infrastructure and IT integration
  - Top experts in e.g. IT architecture, IT strategy, IT security, usability, transport IT, system performance
- Locations
  - HQ in Schwechat/Airport and Vienna
  - offices in several countries
  - RISE personnel work world-wide




About RISE - Project examples

- 2003 – 2006: ID card for all Austrians + country-wide IT infrastructure: 8 million electronic ID cards, 24,000 specially designed components for offices, delivered in 24 months
- 2005 – 2008: overall health network in Germany: architecture, planning and project/program management for what was at the time the largest IT project in Europe (1.8 billion €), design at CeBIT 2005, led until 2008
- 2009 – 2012: country-wide ticketing for railway / public transport in Austria: 10 million tickets/year, highly complex interoperability, all access channels (clerk counter, POS machine, internet, travel agent, mobile phone)
- 2007 – 2008: design and architecture of the government network plus the school & health network of Qatar, including NOC (network operating center) and SOC (security operating center)
- 1993 – today: IT infrastructure, software projects, rollouts, IT architectures for e.g. MoI, MoH, MoF, MoA, MoS, MoX… in several countries




About RISE - Clients

- AMS Österreich
- Oesterreichische Kontrollbank AG
- Bank Austria Treasury merger & system upgrades
- Austrian universities – overall IT strategy
- Bundesrechenzentrum – test and multi-project management
- Federal administration – ELAK introduction
- IT portfolio – Die Presse
- Dresdner Bank
- Federal Ministry of Health, Berlin
- Ministry of Justice, United Arab Emirates
- ICT Qatar (entire ICT portfolio)
- Usability and web strategy of the Indian government
- Qatar Foundation (infrastructure planning)
- e-government strategy, Libya



About LFRZ

- “Land-, forst- & wasserwirtschaftliches Rechenzentrum GmbH” – www.lfrz.at
- IT service provider
- located in Vienna
- owned by the Austrian “ministry of agriculture”, which is also the principal customer
- approx. 30 employees + external consultants
- focus is on GIS, SSO, custom application development in Java, data integration, IT operations and CMS


About LFRZ - Clients

- LFRZ’s principal customer, principal website
  - www.lebensministerium.at




SSO in Austrian government
SSO in Austrian government

Principal customer – “Lebensministerium”

- 120 editors
- 30+ websites
- different departments, different offices in different cities
- existing SSO solution
- Windows login enables access to all assigned applications




SSO in Austrian government

SSO solution

- “Portalverbund der Österreichischen Behörden”
- use is mandated by law
- standardized protocols, different implementations
- decentralized rights management
- different portal providers, different application providers


SSO in Austrian government

SSO solution “Portalverbund”

- Systems involved: “proxy-based” solution, home-portal, application-portal
- Role model: similar to J2EE: users have roles in an application
- PVP protocol: SSO information provided in HTTP headers




SSO in Austrian government

SSO solution “Portalverbund”

[Diagram: home-portal, application-portal, application; each of the two connections is labelled "user-infos in http-headers"]


Requirements and challenges
SSO – requirements and challenges

Manageable roles and groups

- Old CMS had SSO integration
- Old CMS did not use ACLs
- 120 editors needed 700 groups!!!
- Synchronization of Portalverbund LDAP and CMS
- Incredibly confusing!


SSO – requirements and challenges

Requirements

- SSO – automatic login
- Roles and groups normally managed in Magnolia
  - roles and groups also via PVP headers, mappings
- Permissions (ACLs) managed in Magnolia
- Automatic user creation on login
- “Preemptive” user creation from LDAP (GUI)


SSO – requirements and challenges

Challenges

- Integrating SSO
- How to handle permissions (ACLs)
- Keeping roles and groups manageable
- Implementing GUIs in Magnolia




Implementation
SSO – implementation in Magnolia

Custom modules

- vaadin-preintegration: use Vaadin in Magnolia 4.4.x
- pvp-jaas: SSO integration, LDAP integration




SSO – implementation in Magnolia

Module pvp-jaas

- LoginHandler
- PVPCallback (JAAS callback)
- PVPAuthenticationModule (JAAS module)
- and: LDAP user page (Vaadin based GUI)


SSO – implementation in Magnolia

Module pvp-jaas




SSO – implementation in Magnolia

Module pvp-jaas

- Configuration via content2bean
- Group & role mappings possible
- Auto-update of user infos (marriage, change of office, etc…)
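
The header-based login, role mapping and auto-update described on the slides above, sketched as an added example (not code from the pvp-jaas module): identity headers are honoured only when the request comes from the application-portal, and header roles become CMS groups only through an explicit mapping. The header names, role format, proxy address, role and group names and the in-memory user store are assumptions made for illustration.

```java
import java.util.*;

/** Added illustration of header-based SSO login; not code from the pvp-jaas module. */
public class HeaderSsoLogin {

    // Assumptions: header names, proxy address and role names are placeholders.
    static final String H_USER = "X-SSO-UserId";
    static final String H_NAME = "X-SSO-Name";
    static final String H_ROLES = "X-SSO-Roles"; // comma-separated (assumed format)
    static final Set<String> TRUSTED_PROXIES = Collections.singleton("10.0.0.5");

    // Explicit mapping: portal role -> CMS group. Unmapped roles grant nothing.
    static final Map<String, String> ROLE_TO_GROUP = new HashMap<>();
    static {
        ROLE_TO_GROUP.put("cms-editor", "editors");
        ROLE_TO_GROUP.put("cms-publisher", "publishers");
    }

    static final class User {
        final String id;
        String displayName = "";
        final Set<String> localGroups = new TreeSet<>(); // assigned inside the CMS
        Set<String> ssoGroups = new TreeSet<>();         // recomputed on every login

        User(String id) { this.id = id; }

        Set<String> effectiveGroups() {
            Set<String> all = new TreeSet<>(localGroups);
            all.addAll(ssoGroups);
            return all;
        }
    }

    // Stand-in for the CMS user store.
    private final Map<String, User> store = new HashMap<>();

    /** Returns the logged-in user, or null when the headers must not be trusted. */
    User login(String remoteAddr, Map<String, String> headers) {
        // The headers are credentials only when the application-portal set them.
        // A request that reaches the CMS directly could carry any header value.
        if (!TRUSTED_PROXIES.contains(remoteAddr)) {
            return null;
        }
        String id = clean(headers.get(H_USER));
        if (id.isEmpty()) {
            return null;
        }
        User user = store.get(id);
        if (user == null) { // automatic user creation on first login
            user = new User(id);
            store.put(id, user);
        }
        String name = clean(headers.get(H_NAME));
        if (!name.isEmpty()) { // auto-update of user info
            user.displayName = name;
        }
        // Replace (not merge) the header-derived groups so that a role revoked
        // in the portal disappears at the next login. Local groups are untouched.
        Set<String> mapped = new TreeSet<>();
        for (String role : clean(headers.get(H_ROLES)).split(",")) {
            String group = ROLE_TO_GROUP.get(role.trim());
            if (group != null) {
                mapped.add(group);
            }
        }
        user.ssoGroups = mapped;
        return user;
    }

    private static String clean(String value) {
        return value == null ? "" : value.trim();
    }

    // HTTP header names are case-insensitive, so the lookup map is too.
    private static Map<String, String> headers(String... kv) {
        Map<String, String> m = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
        for (int i = 0; i + 1 < kv.length; i += 2) {
            m.put(kv[i], kv[i + 1]);
        }
        return m;
    }

    public static void main(String[] args) {
        HeaderSsoLogin cms = new HeaderSsoLogin();

        // Constructed sample requests. First login through the portal:
        // the user is created, the unmapped role "payroll-admin" is ignored.
        User first = cms.login("10.0.0.5", headers(H_USER, "u1001", H_NAME, "Anna Huber",
                H_ROLES, "cms-editor, cms-publisher, payroll-admin"));
        first.localGroups.add("site-a-authors"); // group assigned inside the CMS
        System.out.println(first.displayName + " " + first.effectiveGroups());

        // Later login: name changed and one role revoked in the portal.
        User again = cms.login("10.0.0.5", headers("x-sso-userid", "u1001", H_NAME, "Anna Maier",
                H_ROLES, "cms-editor"));
        System.out.println(again.displayName + " " + again.effectiveGroups());

        // Same headers sent straight to the CMS from another address: rejected.
        User forged = cms.login("203.0.113.7", headers(H_USER, "u1001", H_ROLES, "cms-publisher"));
        System.out.println("direct request accepted: " + (forged != null));
    }
}
```

In a servlet container the remote address and headers would come from the request object; restricting the CMS listener so that only the application-portal can reach it gives the same guarantee at the network layer.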




SSO – implementation in Magnolia

LDAP user GUI (Vaadin)




SSO – implementation in Magnolia

Conclusion

- Working well in production
- Easy for editors, easy for admins
- Customer manages users
- LFRZ manages groups, roles & ACLs
- Magnolia is now “Portalverbund”-compatible


Thank you!
Questions?
User Management and SSO for Austrian Government

Weitere ähnliche Inhalte

Ähnlich wie User Management and SSO for Austrian Government

WebSphere Message Broker Application Development Training
WebSphere Message Broker Application Development TrainingWebSphere Message Broker Application Development Training
WebSphere Message Broker Application Development TrainingVijaya Raghava Vuligundam
 
StrongLoop Overview
StrongLoop OverviewStrongLoop Overview
StrongLoop OverviewShubhra Kar
 
SOA an architecture on the Desktop
SOA an architecture on the DesktopSOA an architecture on the Desktop
SOA an architecture on the DesktopVincent Perrin
 
01. Portal Business Overview
01. Portal Business Overview01. Portal Business Overview
01. Portal Business OverviewNick Davis
 
The Internet of Things with InduSoft and Raspberry Pi
The Internet of Things with InduSoft and Raspberry PiThe Internet of Things with InduSoft and Raspberry Pi
The Internet of Things with InduSoft and Raspberry PiAVEVA
 
Implementing SOA with Portal, an IBM Impact 2010 Presentation
Implementing SOA with Portal, an IBM Impact 2010 PresentationImplementing SOA with Portal, an IBM Impact 2010 Presentation
Implementing SOA with Portal, an IBM Impact 2010 Presentationguestbc8b80
 
20160201_resume_Vladimir_Chesnokov
20160201_resume_Vladimir_Chesnokov20160201_resume_Vladimir_Chesnokov
20160201_resume_Vladimir_ChesnokovVladimir Chesnokov
 
Liferay and soa platform
Liferay and soa platformLiferay and soa platform
Liferay and soa platformAmbientia
 
Scandinavia
ScandinaviaScandinavia
Scandinaviajaromik
 
SII IT Services
SII IT ServicesSII IT Services
SII IT Servicesjaromik
 
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)Lucas Jellema
 
Web2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere PortalWeb2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere PortalMunish Gupta
 
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?Brian Elvesæter
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api ManagementSmartWave
 
Soa12c launch 1 overview cr
Soa12c launch 1 overview crSoa12c launch 1 overview cr
Soa12c launch 1 overview crVasily Demin
 
High Productivity With Applications Wikis
High Productivity With Applications WikisHigh Productivity With Applications Wikis
High Productivity With Applications WikisXWiki
 
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, ParisEasier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, ParisMarc Dutoo
 

Ähnlich wie User Management and SSO for Austrian Government (20)

WebSphere Message Broker Application Development Training
WebSphere Message Broker Application Development TrainingWebSphere Message Broker Application Development Training
WebSphere Message Broker Application Development Training
 
Open Source Soa
Open Source SoaOpen Source Soa
Open Source Soa
 
StrongLoop Overview
StrongLoop OverviewStrongLoop Overview
StrongLoop Overview
 
Eclipse SOA Initiative
Eclipse SOA InitiativeEclipse SOA Initiative
Eclipse SOA Initiative
 
SOA an architecture on the Desktop
SOA an architecture on the DesktopSOA an architecture on the Desktop
SOA an architecture on the Desktop
 
01. Portal Business Overview
01. Portal Business Overview01. Portal Business Overview
01. Portal Business Overview
 
The Internet of Things with InduSoft and Raspberry Pi
The Internet of Things with InduSoft and Raspberry PiThe Internet of Things with InduSoft and Raspberry Pi
The Internet of Things with InduSoft and Raspberry Pi
 
Implementing SOA with Portal, an IBM Impact 2010 Presentation
Implementing SOA with Portal, an IBM Impact 2010 PresentationImplementing SOA with Portal, an IBM Impact 2010 Presentation
Implementing SOA with Portal, an IBM Impact 2010 Presentation
 
20160201_resume_Vladimir_Chesnokov
20160201_resume_Vladimir_Chesnokov20160201_resume_Vladimir_Chesnokov
20160201_resume_Vladimir_Chesnokov
 
Liferay and soa platform
Liferay and soa platformLiferay and soa platform
Liferay and soa platform
 
Scandinavia
ScandinaviaScandinavia
Scandinavia
 
SII IT Services
SII IT ServicesSII IT Services
SII IT Services
 
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
Web- and Mobile-Oriented Architectures with Oracle Fusion Middleware (OOW 2014)
 
SAP Net Weaver Architecture,
SAP Net Weaver Architecture, SAP Net Weaver Architecture,
SAP Net Weaver Architecture,
 
Web2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere PortalWeb2.0 Ajax and REST in WebSphere Portal
Web2.0 Ajax and REST in WebSphere Portal
 
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
Web services og SOA – hvordan ser vi for oss bruk i fremtiden?
 
2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management2016 06 - design your api management strategy - axway - Api Management
2016 06 - design your api management strategy - axway - Api Management
 
Soa12c launch 1 overview cr
Soa12c launch 1 overview crSoa12c launch 1 overview cr
Soa12c launch 1 overview cr
 
High Productivity With Applications Wikis
High Productivity With Applications WikisHigh Productivity With Applications Wikis
High Productivity With Applications Wikis
 
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, ParisEasier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
Easier SOA with EasySOA - OW2 Conference 2010 – 23-24 November, Paris
 

Mehr von bkraft

The Open Suite Approach: How to ride the shock waves of a changing web
The Open Suite Approach: How to ride the shock waves of a changing webThe Open Suite Approach: How to ride the shock waves of a changing web
The Open Suite Approach: How to ride the shock waves of a changing webbkraft
 
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...bkraft
 
Magnolia Conference 2013: Keynote
Magnolia Conference 2013: KeynoteMagnolia Conference 2013: Keynote
Magnolia Conference 2013: Keynotebkraft
 
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5bkraft
 
Webinar - Why Magnolia 5 Rocks For IT
Webinar - Why Magnolia 5 Rocks For ITWebinar - Why Magnolia 5 Rocks For IT
Webinar - Why Magnolia 5 Rocks For ITbkraft
 
Increase Online Sales with Magnolia CMS' Shop Module
Increase Online Sales with Magnolia CMS' Shop ModuleIncrease Online Sales with Magnolia CMS' Shop Module
Increase Online Sales with Magnolia CMS' Shop Modulebkraft
 
Virtual Presence Management at Magnolia Amplify Miami 2013
Virtual Presence Management at Magnolia Amplify Miami 2013Virtual Presence Management at Magnolia Amplify Miami 2013
Virtual Presence Management at Magnolia Amplify Miami 2013bkraft
 
High performance and scalability
High performance and scalability High performance and scalability
High performance and scalability bkraft
 
Multilingual websites, microsites and landing pages
Multilingual websites, microsites and landing pagesMultilingual websites, microsites and landing pages
Multilingual websites, microsites and landing pagesbkraft
 
Blossom on the web
Blossom on the webBlossom on the web
Blossom on the webbkraft
 
Single sourcing desktop and mobile websites
Single sourcing desktop and mobile websitesSingle sourcing desktop and mobile websites
Single sourcing desktop and mobile websitesbkraft
 
Work life balance
Work life balanceWork life balance
Work life balancebkraft
 
Magnolia and PHPCR
Magnolia and PHPCRMagnolia and PHPCR
Magnolia and PHPCRbkraft
 
Solr and Image Module Extensions of Magnolia
Solr and Image Module Extensions of MagnoliaSolr and Image Module Extensions of Magnolia
Solr and Image Module Extensions of Magnoliabkraft
 
End to end content managed online mobile banking
End to end content managed online mobile bankingEnd to end content managed online mobile banking
End to end content managed online mobile bankingbkraft
 
MBC Group - Magnolia in the Media
MBC Group - Magnolia in the MediaMBC Group - Magnolia in the Media
MBC Group - Magnolia in the Mediabkraft
 
Yet Another E-Commerce Integration: Magnolia Loves Hybris
Yet Another E-Commerce Integration: Magnolia Loves Hybris Yet Another E-Commerce Integration: Magnolia Loves Hybris
Yet Another E-Commerce Integration: Magnolia Loves Hybris bkraft
 
Bridging the Gap: Magnolia Modules and Spring Configured Software
Bridging the Gap: Magnolia Modules and Spring Configured SoftwareBridging the Gap: Magnolia Modules and Spring Configured Software
Bridging the Gap: Magnolia Modules and Spring Configured Softwarebkraft
 
Enterprise Extensions to Magnolia's Imaging
Enterprise Extensions to Magnolia's ImagingEnterprise Extensions to Magnolia's Imaging
Enterprise Extensions to Magnolia's Imagingbkraft
 
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design ProcessHow the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Processbkraft
 

Mehr von bkraft (20)

The Open Suite Approach: How to ride the shock waves of a changing web
The Open Suite Approach: How to ride the shock waves of a changing webThe Open Suite Approach: How to ride the shock waves of a changing web
The Open Suite Approach: How to ride the shock waves of a changing web
 
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
Von der statischen Website zur virtuellen Präsenz - Vortrag für Nordwestschwe...
 
Magnolia Conference 2013: Keynote
Magnolia Conference 2013: KeynoteMagnolia Conference 2013: Keynote
Magnolia Conference 2013: Keynote
 
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
Webinar slides: Orchestrate Your Digital Channels with Magnolia 5
 
Webinar - Why Magnolia 5 Rocks For IT
Webinar - Why Magnolia 5 Rocks For ITWebinar - Why Magnolia 5 Rocks For IT
Webinar - Why Magnolia 5 Rocks For IT
 
Increase Online Sales with Magnolia CMS' Shop Module
Increase Online Sales with Magnolia CMS' Shop ModuleIncrease Online Sales with Magnolia CMS' Shop Module
Increase Online Sales with Magnolia CMS' Shop Module
 
Virtual Presence Management at Magnolia Amplify Miami 2013
Virtual Presence Management at Magnolia Amplify Miami 2013Virtual Presence Management at Magnolia Amplify Miami 2013
Virtual Presence Management at Magnolia Amplify Miami 2013
 
High performance and scalability
High performance and scalability High performance and scalability
High performance and scalability
 
Multilingual websites, microsites and landing pages
Multilingual websites, microsites and landing pagesMultilingual websites, microsites and landing pages
Multilingual websites, microsites and landing pages
 
Blossom on the web
Blossom on the webBlossom on the web
Blossom on the web
 
Single sourcing desktop and mobile websites
Single sourcing desktop and mobile websitesSingle sourcing desktop and mobile websites
Single sourcing desktop and mobile websites
 
Work life balance
Work life balanceWork life balance
Work life balance
 
Magnolia and PHPCR
Magnolia and PHPCRMagnolia and PHPCR
Magnolia and PHPCR
 
Solr and Image Module Extensions of Magnolia
Solr and Image Module Extensions of MagnoliaSolr and Image Module Extensions of Magnolia
Solr and Image Module Extensions of Magnolia
 
End to end content managed online mobile banking
End to end content managed online mobile bankingEnd to end content managed online mobile banking
End to end content managed online mobile banking
 
MBC Group - Magnolia in the Media
MBC Group - Magnolia in the MediaMBC Group - Magnolia in the Media
MBC Group - Magnolia in the Media
 
Yet Another E-Commerce Integration: Magnolia Loves Hybris
Yet Another E-Commerce Integration: Magnolia Loves Hybris Yet Another E-Commerce Integration: Magnolia Loves Hybris
Yet Another E-Commerce Integration: Magnolia Loves Hybris
 
Bridging the Gap: Magnolia Modules and Spring Configured Software
Bridging the Gap: Magnolia Modules and Spring Configured SoftwareBridging the Gap: Magnolia Modules and Spring Configured Software
Bridging the Gap: Magnolia Modules and Spring Configured Software
 
Enterprise Extensions to Magnolia's Imaging
Enterprise Extensions to Magnolia's ImagingEnterprise Extensions to Magnolia's Imaging
Enterprise Extensions to Magnolia's Imaging
 
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design ProcessHow the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
How the STK, CSS & HTML and Rapid Prototyping Accelerate the Design Process
 

Kürzlich hochgeladen

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 

Kürzlich hochgeladen (20)

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 

User Management and SSO for Austrian Government

  • 2. Magnolia user management and SSO for Austrian government sector. Magnolia Conference 2012 – Technical Track. Presented by Richard Unger and Rihard Monovic
  • 3. Agenda: 1. About RISE & LFRZ; 2. SSO in Austrian government; 3. Requirements and challenges; 4. Implementation
  • 5. About RISE and LFRZ – Partnership
      - RISE: partner for industry
      - LFRZ: partner for government
  • 6. About RISE
      - Corporation, www.rise-world.com
          - TU Spin Off, founded 1987
          - TU Vienna, INSO – The Think Tank of RISE, 40 PhDs
      - Competences
          - More than 300 world-class IT-engineers & architects
          - Highly acknowledged R&D-enterprise in Europe
          - Top-Developer (e.g. part of the world-wide Java-Eclipse provider community, component delivery)
          - Specialists in IT-Infrastructure and IT-Integration
          - Top-Experts in e.g. IT-Architecture, IT-Strategy, IT-Security, Usability, Transport IT, System-Performance
      - Locations
          - HQ in Schwechat/Airport and Vienna
          - offices in several countries
          - RISE personnel works world-wide
  • 7. About RISE - Project examples
      - 2003 – 2006: ID Card for all Austrians + country-wide IT infrastructure; 8 million electronic ID-Cards, 24.000 specially designed components for offices, delivered in 24 months
      - 2005 – 2008: overall health network in Germany; architecture, planning and project/program management for what was at that time the largest IT project in Europe (1,8 billion €), design at CeBit 2005, led until 2008
      - 2009 – 2012: country-wide ticketing for railway / public transport in Austria; 10 million tickets/year, highly complex interoperability, all access channels (clerk counter, pos-automat, internet, travel agent, mobile phone)
      - 2007 – 2008: design and architecture of the government network plus the school & health network of Qatar, including NOC (network operating center) and SOC (security operating center)
      - 1993 – today: IT infrastructure, software projects, rollouts, IT architectures for e.g. MoI, MoH, MoF, MoA, MoS, MoX… in several countries
  • 8. About RISE - Clients
      - AMS Österreich
      - Oesterreichische Kontrollbank AG
      - Bank Austria Treasury: merger & system upgrades
      - Austrian universities – overall IT strategy
      - Bundesrechenzentrum – test and multi-project management
      - Federal administration – introduction of ELAK
      - IT portfolio – Die Presse
      - Dresdner Bank
      - Federal Ministry of Health, Berlin
      - Ministry of Justice, United Arab Emirates
      - ICT Qatar (entire ICT portfolio)
      - Usability and web strategy of the Indian government
      - Qatar Foundation (infrastructure planning)
      - e-government strategy, Libya
  • 9. About LFRZ
      - “Land-, forst- & wasserwirtschaftliches Rechenzentrum GmbH” – www.lfrz.at
      - IT service provider
      - located in Vienna
      - owned by the Austrian “ministry of agriculture”, which is also the principal customer
      - approx. 30 employees + external consultants
      - focus is on GIS, SSO, custom application development in Java, data integration, IT operations
      - and CMS
  • 10. About LFRZ - Clients
      - LFRZ’s principal customer, principal website: www.lebensministerium.at
  • 11. SSO in Austrian government
  • 12. SSO in Austrian government: Principal customer – “Lebensministerium”
      - 120 editors
      - 30+ websites
      - different departments, different offices in different cities
      - existing SSO solution
      - windows login enables access to all assigned applications
  • 13. SSO in Austrian government: SSO solution
      - “Portalverbund der Österreichischen Behörden”
      - use is mandated by law
      - standardized protocols, different implementations
      - de-central rights management
      - different portal providers, different application providers
  • 14. SSO in Austrian government: SSO solution “Portalverbund”
      - Systems involved: “Proxy-based” solution, home-portal, application-portal
      - Role model: similar to J2EE: users have roles in an application
      - PVP protocol: SSO-information provided in HTTP headers
  • 15. SSO in Austrian government: SSO solution “Portalverbund” [Diagram: home-portal, application-portal, application; user infos in HTTP headers]
  • 17. SSO – requirements and challenges: Manageable roles and groups
      - Old CMS had SSO Integration
      - Old CMS did not use ACLs
      - 120 editors needed 700 groups!!!
      - Synchronization of Portalverbund LDAP and CMS
      - Incredibly confusing!
  • 18. SSO – requirements and challenges: Requirements
      - SSO – automatic login
      - Roles and groups normally managed in magnolia
      - roles and groups also via PVP headers, mappings
      - Permissions (ACLs) managed in magnolia
      - Automatic user creation on login
      - “Preemptive” user creation from LDAP
      - GUI
  • 19. SSO – requirements and challenges: Challenges
      - Integrating SSO
      - How to handle Permissions (ACLs)
      - Keeping roles and groups manageable
      - Implementing GUIs in magnolia
  • 21. SSO – implementation in Magnolia: Custom modules
      - vaadin-preintegration: use Vaadin in Magnolia 4.4.x
      - pvp-jaas: SSO integration, LDAP integration
  • 22. SSO – implementation in Magnolia: Module pvp-jaas
      - LoginHandler
      - PVPCallback (JAAS callback)
      - PVPAuthenticationModule (JAAS module)
      - and: LDAP user page (Vaadin based GUI)
  • 23. SSO – implementation in Magnolia: Module pvp-jaas
  • 24. SSO – implementation in Magnolia: Module pvp-jaas
      - Configuration via content2bean
      - Group & role mappings possible
      - Auto-update of user infos (marriage, change of office, etc…)
  • 25. SSO – implementation in Magnolia: LDAP user GUI (Vaadin)
  • 26. SSO – implementation in Magnolia: Conclusion
      - Working well in production
      - Easy for editors, easy for admins
      - Customer manages users
      - LFRZ manages groups, roles & ACLs
      - Magnolia is now “Portalverbund”-compatible
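
Added example, not part of the presentation and not code from the pvp-jaas module: slides 14 and 15 describe SSO information arriving in HTTP headers, and slides 18 and 24 describe mapping portal roles to Magnolia groups, so the application has to accept those headers only from the application-portal and grant nothing for unmapped roles. The header names, role format, portal address and mapping table below are assumptions for illustration.

```java
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.TreeSet;

public class PvpHeaderLogin {
    // Assumed header names; use the ones defined by the PVP version in use.
    static final String USER_HEADER = "X-AUTHENTICATE-UserID";
    static final String ROLES_HEADER = "X-AUTHORIZE-roles";
    // Hypothetical application-portal address (documentation range).
    static final Set<String> TRUSTED_PORTALS = Set.of("192.0.2.10");
    // Hypothetical mapping from portal role names to CMS groups.
    static final Map<String, String> GROUP_MAPPING =
            Map.of("cms-editor", "editors", "cms-publisher", "publishers");

    /** Maps the roles header to CMS groups; rejects requests that bypass the portal. */
    static Set<String> groupsFor(String remoteAddr, Map<String, String> rawHeaders) {
        if (remoteAddr == null || !TRUSTED_PORTALS.contains(remoteAddr)) {
            // A client that reaches the application directly can set any header.
            throw new SecurityException("identity headers from untrusted peer " + remoteAddr);
        }
        Map<String, String> headers = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
        headers.putAll(rawHeaders); // HTTP header names are case-insensitive
        String user = headers.get(USER_HEADER);
        if (user == null || user.isBlank()) {
            throw new SecurityException("missing user header");
        }
        Set<String> groups = new TreeSet<>();
        // Assumed format: roles separated by ';', optional "(parameters)" after the name.
        for (String role : headers.getOrDefault(ROLES_HEADER, "").split(";")) {
            String name = role.replaceAll("\\(.*\\)", "").trim();
            String group = GROUP_MAPPING.get(name);
            if (group != null) {
                groups.add(group); // unmapped roles grant nothing
            }
        }
        return groups;
    }

    public static void main(String[] args) {
        // Constructed sample request headers.
        Map<String, String> headers = Map.of(
                "x-authenticate-userid", "jane.doe@example.org",
                "x-authorize-roles", "cms-editor(site=main);unrelated-role");
        System.out.println(groupsFor("192.0.2.10", headers));
        try {
            groupsFor("203.0.113.7", headers); // same headers, sent directly by a client
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```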