当前位置:  软件>java软件

身份认证服务 WSO2 Identity Server

    来源:    发布时间:2015-01-21

    本文导语:  WSO2 Identity Server 是一个开源的身份认证服务,支持 Information Cards, OpenID 和  XACML 特性: System and User Identity Management API for integrating identity management to any application Multi-factor authentication Single Sign-On (SSO) via OpenID, SAML2, and Kerberos KDC S...

WSO2 Identity Server 是一个开源的身份认证服务,支持 Information Cards, OpenID 和  XACML

特性:

System and User Identity Management
  • API for integrating identity management to any application

  • Multi-factor authentication

  • Single Sign-On (SSO) via OpenID, SAML2, and Kerberos KDC

  • SSO bridging between on-premise systems and cloud apps

  • Credential mapping across different protocols

  • Auditing via XDAS

  • Delegation via OAuth 1.0a, OAuth 2.0, and WS-Trust

  • Federation via OpenID, SAML2, and WS-Trust STS

  • Integration with Microsoft SharePoint with Passive STS support

  • Implement REST security with OAuth 2.0 and XACML

  • XKMS for key storage and distribution

  • Implement REST security with OpenID Connect

  • Trusted SAML2 Identity Providers per tenant

  • Out-of-the-box integration with Google Apps and Salesforce

  • Customizable login pages for OpenID, OAuth, OpenID Connect, SAML2, and Passive STS

User and Groups Provisioning
  • Support for SCIM 1.0 standard

  • OAuth 2.0 authentication for SCIM

  • Automatic provisioning of users to "Salesforce/Google Apps" or via SPML/SCIM

  • Just-in-time provisioning can be used to create identities "on the fly"

User and Groups Management
  • Web-based application for users, for profile, password, and service providers management

  • Flexible support for user stores, either built-in LDAP (powered by ApacheDS) or external LDAP, Microsoft Active Directory, Apache Cassandra, or any JDBC database

  • Flexible profile management for users supporting multiple profiles per user

  • Multiple user store support

  • Per tenant user stores

  • Account locking on failed user attempts

  • Password validation/expiration policies

  • Account recovery with email and secret questions

Entitlements Management
  • Role based access control (RBAC)

  • Attribute or claim based access control via XACML, WS-Trust, OpenID, and claim management

  • Fine-grained policy based access control via XACML

  • Advanced entitlement auditing and management

  • Entitlement management for any REST or SOAP calls

XACML 2.0/3.0 Support
  • User-friendly interface for policy editing

  • Multiple Policy Information Point (PIP) support

  • TryIt tool for exploring policy impact

  • Policy distribution to various Policy Decision Points (PDPs)

  • Policy decision and attribute caching

  • High performance network protocol (over Apache Thrift) for PEP/PDP interaction

  • Notifications of policy updates

  • Policy Administration Point (PAP) to manage multiple Policy Decision Points (PDP)

  • Customizable policy administration UI

Lightweight, Developer Friendly and Easy to Deploy
  • Complete SOAP API for integrating/embedding into any application or system

  • Pluggable workflows for privileged operations

  • Extensibility for pluggable authenticators, alternative user stores, XACML/SAML extension points, and more

  • Clustering for high available deployment

  • Choice of deployment to on-premise servers, private cloud, or managed cloud, without configuration changes

  • Integrated to WSO2 Enterprise Service Bus for authorization and all WSO2 Carbon products for authentication

Manage and Monitor
  • Comprehensive management and monitoring Web console with enterprise-level security and SAML2 SSO

  • Built-in collection and monitoring of standard access and performance statistics

  • JMX MBeans for key metrics monitoring and management

  • Integrates with 操作系统 iis7站长之家 for operational audit and KPI monitoring and management

  • Flexible logging support with integration to enterprise logging systems

  • Centralized configuration management across different deployment environments with life cycles and versioning with integration to WSO2 Governance Registry


    
 
 
 
本站(WWW.)旨在分享和传播互联网科技相关的资讯和技术,将尽最大努力为读者提供更好的信息聚合和浏览方式。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。












  • 相关文章推荐


  • 站内导航:


    特别声明:169IT网站部分信息来自互联网,如果侵犯您的权利,请及时告知,本站将立即删除!

    ©2012-2021,,E-mail:www_#163.com(请将#改为@)

    浙ICP备11055608号-3