Enterprise Single Sign On
1. Last Updated: Jun. 2014
Senior Software Engineer
Suresh Attanayake
Enterprise Single Sign On: SAML, OpenID Connect and more
2. About the Presenter(s)
๏ Suresh Attanayake is a Senior Software Engineer at WSO2 from the Solutions Architecture/Technical Sales team. He is a former Identity Server team member and has been involved in various WSO2 customer projects around the globe.
3. About WSO2
๏ Global enterprise, founded in 2005 by acknowledged leaders in XML, web services technologies, standards and open source
๏ Provides only open source platform-as-a-service for private, public and hybrid cloud deployments
๏ All WSO2 products are 100% open source and released under the Apache License Version 2.0.
๏ Is an Active Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group,
๏ Driven by Innovation
๏ Launched first open source API Management solution in 2012
๏ Launched App Factory in 2Q 2013
๏ Launched Enterprise Store and first open source Mobile solution in 4Q 2013
7. Single Sign On
๏ Single password to remember
๏ Use password only once
๏ Use password only at one place
๏ Ease of administration
๏ Enforce password/account policies
9. SAML2 Web Browser SSO Profile
๏ XML based
๏ Web browser based
๏ Bindings:
  ๏ HTTP Redirect Binding
  ๏ HTTP POST Binding
  ๏ HTTP Artifact Binding
๏ Profiles:
  ๏ Single Logout Profile
17. OpenID Connect
๏ Built on top of OAuth2.0 framework
๏ Web browser based
๏ HTTP GET query params, HTTP POST request params and JSON
๏ Authentication Flows:
  ๏ Authorization Code flow
  ๏ Implicit flow
  ๏ Hybrid flow
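The authentication request of the flows listed above, carried as HTTP GET query params, as an added example that is not part of the original slides: it maps a response_type value to one of the three flows (the mapping defined in OpenID Connect Core 1.0), builds the request with state and nonce, and checks state on the Authorization Code flow callback. The function names are this example's own, and the endpoint, client ID and redirect URI are placeholders supplied by the caller.

```python
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# response_type -> flow, per OpenID Connect Core 1.0 section 3
FLOWS = {
    frozenset({"code"}): "authorization_code",
    frozenset({"id_token"}): "implicit",
    frozenset({"id_token", "token"}): "implicit",
    frozenset({"code", "id_token"}): "hybrid",
    frozenset({"code", "token"}): "hybrid",
    frozenset({"code", "id_token", "token"}): "hybrid",
}

def flow_for(response_type):
    """Return the flow a response_type value selects, or raise ValueError."""
    key = frozenset(response_type.split())
    if key not in FLOWS:
        raise ValueError(f"not an OpenID Connect response_type: {response_type!r}")
    return FLOWS[key]

def build_auth_request(authz_endpoint, client_id, redirect_uri, response_type="code"):
    """Build the GET authentication request; return (url, state, nonce)."""
    flow_for(response_type)             # reject values that select no flow
    state = secrets.token_urlsafe(32)   # ties the callback to this browser session
    nonce = secrets.token_urlsafe(32)   # must come back inside the ID token
    params = {
        "response_type": response_type,
        "scope": "openid",              # marks the OAuth2.0 request as OpenID Connect
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
        "nonce": nonce,
    }
    return authz_endpoint + "?" + urlencode(params), state, nonce

def read_code_callback(callback_url, expected_state):
    """Validate an Authorization Code flow callback and return the code."""
    q = parse_qs(urlsplit(callback_url).query)
    if "error" in q:
        raise ValueError("authorization error: " + q["error"][0])
    got = q.get("state", [""])[0]
    if not secrets.compare_digest(got.encode(), expected_state.encode()):
        raise ValueError("state mismatch: response does not belong to this session")
    if "code" not in q:
        raise ValueError("no authorization code in callback")
    return q["code"][0]
```

The caller keeps state and nonce in the user's session, then compares the nonce claim of the returned ID token against the stored value after verifying the token's signature.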
28. How to pick a technology
Examples:
1. How components interact with each other
2. Technologies preferred
3. Existing systems and limitations
4. Platforms