SlideShare uma empresa Scribd logo

Leveraging federation capabilities of identity server for api gateway

Pushpalanka Jayawardhana
Pushpalanka Jayawardhana

This presentation will discuss how WSO2 Identity Server 5.0 can bridge the gap between an organization's API management and identity management of existing users to allow them to create and/or consume the APIs.

SoftwareTecnologiaEducação
1 de 22
Baixar para ler offline
Last Updated: July 2. 2014 Software Engineer Pushpalanka Jaywardhana Leveraging Federation Capabilities of Identity Server for API Gateway
** About the Presenter ๏ Pushpalanka Jayawardhana -Software Engineer email:lanka@wso2.com Pushpalanka is a member of WSO2 Identity Server team, focusing on security and integration. In addition to the development efforts, she has been involved in several consulting customer engagements, providing solutions for various requirements in different domains.
** About WSO2 ๏ Global enterprise, founded in 2005 by acknowledged leaders in XML, web services technologies, standards and open source ๏ Provides only open source platform-as-a-service for private, public and hybrid cloud deployments ๏ All WSO2 products are 100% open source and released under the Apache License Version 2.0. ๏ Is an Active Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Foundation and W3C. ๏ Driven by Innovation ๏ Launched first open source API Management solution in 2012 ๏ Launched App Factory in 2Q 2013 ๏ Launched Enterprise Store and first open source Mobile solution in 4Q 2013
** What WSO2 delivers
** Outline ๏ Scenario ๏ Deployment - IS as Key Manager for API Gateway ๏ Configuration Steps ๏ Federation Capabilities of IS 5.0.0 ๏ Deployment - Extend to use an Existing IAM (Shibboleth IDP) ๏ Expandability ๏ Q&A
** Scenario Web Apps SAML SSO Shibboleth® is a registered trademark of Internet2®.
** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager SAML SSO
** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0
** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0
** Deployment - IS as Key Manager for API Gateway
** Configuration Steps Create the databases, ๏ WSO2REG_DB: keep the registry information - use <IS_HOME>/dbscripts/<database_type>.sql ๏ WSO2UM_DB: store permissions and the internal roles - use <IS_HOME>/dbscripts/<database_type>.sql ๏ WSO2AM_DB: keep the identity data and API-related data - use APIM_HOME>/dbscripts/apimgt/<database_type>.sql and <IS_HOME>/dbscripts/identity/<database_type>.sql
** Configuration Steps Ctd In Identity Server, ๏ Install the ‘key manager’ feature ๏ Copy api-manager.xml from API-M 1.7.0 ๏ Do configurations to point to Gateway ๏ Configure JWT generation ๏ Add data sources in master-datasource.xml ๏ Copy registry.xml from API-M 1.7.0 ๏ Do the registry mounts ๏ Add handler for XACML media type ๏ Point identity.xml to use datasource AM_DB ๏ Point user-mgt.xml to use datasource UM_DB
** Configuration Steps Ctd In API Manager, ๏ Add data sources in master-datasource.xml ๏ Copy registry.xml from API-M 1.7.0 ๏ Do the registry mounts ๏ Point user-mgt.xml to use datasource UM_DB ๏ In api-manager.xml ๏ Configure AuthManager and APIKey Manager ๏ Point available default APIs to use IS endpoints
** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0
** Federation Capabilities of IS ๏ Federation between multiple heterogeneous identity providers ๏ SSO between heterogenous standards/protocols ๏ Out-of-the-box integration with Google Apps and Salesforce ๏ Home realm discovery - deriving user's home IDP from the request
** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0
** Delegate Authentication to Shibboleth ๏ Configure Shibboleth IDP as a IDP in Identity Server ๏ Configure default SP to use above configured IDP.
** Expandability of Solution Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0 SSO between heterogenous standards/protocols SalesForce LifeRay GoogleApps Drupal SAML SSO SAML SSO OpenID OpenID
** Expandability of Solution Web Apps SAML SSO API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) OAuth 2.0 Federation between multiple heterogeneous identity providers Web Apps OpenId Google Apps FaceBook Custom- --- SAML SSO
** More Information ! ๏ Download WSO2 Identity Server (latest version 5.0.0) from, http: //wso2.com/products/identity-server ๏ Download WSO2 API Manager (latest version 1.7.0) from, http: //wso2.com/products/api-manager/ ๏ Set up Identity Server 5.0.0 as Key Manager for API Manager 5.0.0 - https://docs.wso2. com/display/CLUSTER420/Configuring+WSO2+Identity+Server+as+the +Key+Manager ๏ Identity Server 5.0.0 documentation - https://docs.wso2. com/display/IS500/WSO2+Identity+Server+Documentation ๏ Configure Shibboleth with WSO2 products - http://dulanja.blogspot. com/2013/09/saml2-sso-to-wso2-420-carbon-products.html ๏ Enterprise Directory of APIs and Service Bus (University of Michingan Use case)- https://spaces.internet2. edu/display/itana/University+of+Michigan
** Business Model
Contact us !

Recomendados

Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8
WSO2
 
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
WSO2
 
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2
 
API designing with WSO2 API Manager
API designing with WSO2 API ManagerAPI designing with WSO2 API Manager
API designing with WSO2 API Manager
WSO2
 
Customizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API ManagerCustomizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API Manager
WSO2
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API Manager
WSO2
 
Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB
WSO2
 
How to build a Java Web App in the Cloud
How to build a Java Web App in the CloudHow to build a Java Web App in the Cloud
How to build a Java Web App in the Cloud
WSO2
 

Recomendados

Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8Connectors for the New Enterprise with WSO2 ESB 4.8
Connectors for the New Enterprise with WSO2 ESB 4.8
WSO2
 
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
Cloud Service Integration with WSO2 Developer Studio and WSO2 ESB
WSO2
 
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2Con USA 2015: End-to-end Microservice Architecture with WSO2 Identity Ser...
WSO2
 
API designing with WSO2 API Manager
API designing with WSO2 API ManagerAPI designing with WSO2 API Manager
API designing with WSO2 API Manager
WSO2
 
Customizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API ManagerCustomizing workflows in WSO2 API Manager
Customizing workflows in WSO2 API Manager
WSO2
 
Scalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API ManagerScalable deployment options in WSO2 API Manager
Scalable deployment options in WSO2 API Manager
WSO2
 
Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB Restful Integration with WSO2 ESB
Restful Integration with WSO2 ESB
WSO2
 
How to build a Java Web App in the Cloud
How to build a Java Web App in the CloudHow to build a Java Web App in the Cloud
How to build a Java Web App in the Cloud
WSO2
 
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM BluemixDeploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Arthur De Magalhaes
 
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 EcosystemWSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
WSO2
 
Docker at SourceLair | Paris Kasidiaris | 1st Docker Crete Meetup
Docker at SourceLair | Paris Kasidiaris | 1st Docker Crete Meetup Docker at SourceLair | Paris Kasidiaris | 1st Docker Crete Meetup
Docker at SourceLair | Paris Kasidiaris | 1st Docker Crete Meetup
Alexandra Karapidaki
 
Swagger 2.0 and Model-driven APIs
Swagger 2.0 and Model-driven APIsSwagger 2.0 and Model-driven APIs
Swagger 2.0 and Model-driven APIs
Apigee | Google Cloud
 
Алексей Демедецкий: How to: RAC, TDD, MVVM
Алексей Демедецкий: How to: RAC, TDD, MVVMАлексей Демедецкий: How to: RAC, TDD, MVVM
Алексей Демедецкий: How to: RAC, TDD, MVVM
Fwdays
 
A tale of two factors: MFA with CAS
A tale of two factors: MFA with CASA tale of two factors: MFA with CAS
A tale of two factors: MFA with CAS
Misagh Moayyed
 
Sinergija2012 - Developing REST API for Windows Azure with ASP.NET Web API
Sinergija2012 - Developing REST API for Windows Azure with ASP.NET Web APISinergija2012 - Developing REST API for Windows Azure with ASP.NET Web API
Sinergija2012 - Developing REST API for Windows Azure with ASP.NET Web API
Radenko Zec
 
Current State of Icinga - Icinga Camp Milan 2019
Current State of Icinga - Icinga Camp Milan 2019Current State of Icinga - Icinga Camp Milan 2019
Current State of Icinga - Icinga Camp Milan 2019
Icinga
 
API Revisions - WSO2 API Manager Community Call (10/27/2021)
API Revisions - WSO2 API Manager Community Call (10/27/2021)API Revisions - WSO2 API Manager Community Call (10/27/2021)
API Revisions - WSO2 API Manager Community Call (10/27/2021)
WSO2
 
NGINX Basics: Ask Me Anything – EMEA
NGINX Basics: Ask Me Anything – EMEANGINX Basics: Ask Me Anything – EMEA
NGINX Basics: Ask Me Anything – EMEA
NGINX, Inc.
 
WordPressCafe - Deploying WordPress using Kontena
WordPressCafe - Deploying WordPress using KontenaWordPressCafe - Deploying WordPress using Kontena
WordPressCafe - Deploying WordPress using Kontena
Kontena, Inc.
 
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entitySpring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Toni Jara
 
SSO with the WSO2 Identity Server
SSO with the WSO2 Identity ServerSSO with the WSO2 Identity Server
SSO with the WSO2 Identity Server
WSO2
 
CI CD Daridabad MuleSoft meetup
CI CD Daridabad MuleSoft meetupCI CD Daridabad MuleSoft meetup
CI CD Daridabad MuleSoft meetup
Amit Singh
 
Best of Icinga Modules - Icinga Camp Milan 2019
Best of Icinga Modules - Icinga Camp Milan 2019Best of Icinga Modules - Icinga Camp Milan 2019
Best of Icinga Modules - Icinga Camp Milan 2019
Icinga
 
MadCodeR Development Infrastructure
MadCodeR Development InfrastructureMadCodeR Development Infrastructure
MadCodeR Development Infrastructure
The World Bank
 
Loopback: An Easy and Robust Mobile Backend - Michael Hantler & Aviv Callande...
Loopback: An Easy and Robust Mobile Backend - Michael Hantler & Aviv Callande...Loopback: An Easy and Robust Mobile Backend - Michael Hantler & Aviv Callande...
Loopback: An Easy and Robust Mobile Backend - Michael Hantler & Aviv Callande...
Codemotion Tel Aviv
 
Microservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudMicroservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring Cloud
Eberhard Wolff
 
AZ-204: Connect to and consume Azure services and third-party services - Part 1
AZ-204: Connect to and consume Azure services and third-party services - Part 1AZ-204: Connect to and consume Azure services and third-party services - Part 1
AZ-204: Connect to and consume Azure services and third-party services - Part 1
AzureEzy1
 
JEE Conf 2015: Less JS!
JEE Conf 2015: Less JS!JEE Conf 2015: Less JS!
JEE Conf 2015: Less JS!
_Dewy_
 
Building a Cloud API Server using Play(SCALA) & Riak
Building a Cloud API Server using Play(SCALA) & Riak Building a Cloud API Server using Play(SCALA) & Riak
Building a Cloud API Server using Play(SCALA) & Riak
RajthilakMCA
 
CIS14: API Security for the Cloud: Tales from the Trenches
CIS14: API Security for the Cloud: Tales from the TrenchesCIS14: API Security for the Cloud: Tales from the Trenches
CIS14: API Security for the Cloud: Tales from the Trenches
CloudIDSummit
 

Mais conteúdo relacionado

Mais procurados

WSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 EcosystemWSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
WSO2
 
Sinergija2012 - Developing REST API for Windows Azure with ASP.NET Web API
Sinergija2012 - Developing REST API for Windows Azure with ASP.NET Web APISinergija2012 - Developing REST API for Windows Azure with ASP.NET Web API
Sinergija2012 - Developing REST API for Windows Azure with ASP.NET Web API
Radenko Zec
 
SSO with the WSO2 Identity Server
SSO with the WSO2 Identity ServerSSO with the WSO2 Identity Server
SSO with the WSO2 Identity Server
WSO2
 
Best of Icinga Modules - Icinga Camp Milan 2019
Best of Icinga Modules - Icinga Camp Milan 2019Best of Icinga Modules - Icinga Camp Milan 2019
Best of Icinga Modules - Icinga Camp Milan 2019
Icinga
 
MadCodeR Development Infrastructure
MadCodeR Development InfrastructureMadCodeR Development Infrastructure
MadCodeR Development Infrastructure
The World Bank
 
AZ-204: Connect to and consume Azure services and third-party services - Part 1
AZ-204: Connect to and consume Azure services and third-party services - Part 1AZ-204: Connect to and consume Azure services and third-party services - Part 1
AZ-204: Connect to and consume Azure services and third-party services - Part 1
AzureEzy1
 

Mais procurados (20)

Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM BluemixDeploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
Deploy and Access WebSphere Liberty and StrongLoop REST Endpoints on IBM Bluemix
 
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 EcosystemWSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
WSO2Con ASIA 2016: Case Study: Identity in the WSO2 Ecosystem
 
Docker at SourceLair | Paris Kasidiaris | 1st Docker Crete Meetup
Docker at SourceLair | Paris Kasidiaris | 1st Docker Crete Meetup Docker at SourceLair | Paris Kasidiaris | 1st Docker Crete Meetup
Docker at SourceLair | Paris Kasidiaris | 1st Docker Crete Meetup
 
Swagger 2.0 and Model-driven APIs
Swagger 2.0 and Model-driven APIsSwagger 2.0 and Model-driven APIs
Swagger 2.0 and Model-driven APIs
 
Алексей Демедецкий: How to: RAC, TDD, MVVM
Алексей Демедецкий: How to: RAC, TDD, MVVMАлексей Демедецкий: How to: RAC, TDD, MVVM
Алексей Демедецкий: How to: RAC, TDD, MVVM
 
A tale of two factors: MFA with CAS
A tale of two factors: MFA with CASA tale of two factors: MFA with CAS
A tale of two factors: MFA with CAS
 
Sinergija2012 - Developing REST API for Windows Azure with ASP.NET Web API
Sinergija2012 - Developing REST API for Windows Azure with ASP.NET Web APISinergija2012 - Developing REST API for Windows Azure with ASP.NET Web API
Sinergija2012 - Developing REST API for Windows Azure with ASP.NET Web API
 
Current State of Icinga - Icinga Camp Milan 2019
Current State of Icinga - Icinga Camp Milan 2019Current State of Icinga - Icinga Camp Milan 2019
Current State of Icinga - Icinga Camp Milan 2019
 
API Revisions - WSO2 API Manager Community Call (10/27/2021)
API Revisions - WSO2 API Manager Community Call (10/27/2021)API Revisions - WSO2 API Manager Community Call (10/27/2021)
API Revisions - WSO2 API Manager Community Call (10/27/2021)
 
NGINX Basics: Ask Me Anything – EMEA
NGINX Basics: Ask Me Anything – EMEANGINX Basics: Ask Me Anything – EMEA
NGINX Basics: Ask Me Anything – EMEA
 
WordPressCafe - Deploying WordPress using Kontena
WordPressCafe - Deploying WordPress using KontenaWordPressCafe - Deploying WordPress using Kontena
WordPressCafe - Deploying WordPress using Kontena
 
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entitySpring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
Spring IO 2016 - Spring Cloud Microservices, a journey inside a financial entity
 
SSO with the WSO2 Identity Server
SSO with the WSO2 Identity ServerSSO with the WSO2 Identity Server
SSO with the WSO2 Identity Server
 
CI CD Daridabad MuleSoft meetup
CI CD Daridabad MuleSoft meetupCI CD Daridabad MuleSoft meetup
CI CD Daridabad MuleSoft meetup
 
Best of Icinga Modules - Icinga Camp Milan 2019
Best of Icinga Modules - Icinga Camp Milan 2019Best of Icinga Modules - Icinga Camp Milan 2019
Best of Icinga Modules - Icinga Camp Milan 2019
 
MadCodeR Development Infrastructure
MadCodeR Development InfrastructureMadCodeR Development Infrastructure
MadCodeR Development Infrastructure
 
Loopback: An Easy and Robust Mobile Backend - Michael Hantler & Aviv Callande...
Loopback: An Easy and Robust Mobile Backend - Michael Hantler & Aviv Callande...Loopback: An Easy and Robust Mobile Backend - Michael Hantler & Aviv Callande...
Loopback: An Easy and Robust Mobile Backend - Michael Hantler & Aviv Callande...
 
Microservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudMicroservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring Cloud
 
AZ-204: Connect to and consume Azure services and third-party services - Part 1
AZ-204: Connect to and consume Azure services and third-party services - Part 1AZ-204: Connect to and consume Azure services and third-party services - Part 1
AZ-204: Connect to and consume Azure services and third-party services - Part 1
 
JEE Conf 2015: Less JS!
JEE Conf 2015: Less JS!JEE Conf 2015: Less JS!
JEE Conf 2015: Less JS!
 

Destaque

New data dictionary an internal server api that matters
New data dictionary an internal server api that mattersNew data dictionary an internal server api that matters
New data dictionary an internal server api that matters
Alexander Nozdrin
 
Mobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsMobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing Passwords
CA API Management
 

Destaque (8)

Building a Cloud API Server using Play(SCALA) & Riak
Building a Cloud API Server using Play(SCALA) & Riak Building a Cloud API Server using Play(SCALA) & Riak
Building a Cloud API Server using Play(SCALA) & Riak
 
CIS14: API Security for the Cloud: Tales from the Trenches
CIS14: API Security for the Cloud: Tales from the TrenchesCIS14: API Security for the Cloud: Tales from the Trenches
CIS14: API Security for the Cloud: Tales from the Trenches
 
New data dictionary an internal server api that matters
New data dictionary an internal server api that mattersNew data dictionary an internal server api that matters
New data dictionary an internal server api that matters
 
WSO2 - Identity Server & API Manager - TeamOpenBravo - IF4050
WSO2 - Identity Server & API Manager - TeamOpenBravo - IF4050WSO2 - Identity Server & API Manager - TeamOpenBravo - IF4050
WSO2 - Identity Server & API Manager - TeamOpenBravo - IF4050
 
Mobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsMobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing Passwords
 
CA API Gateway: Web API and Application Security
CA API Gateway: Web API and Application SecurityCA API Gateway: Web API and Application Security
CA API Gateway: Web API and Application Security
 
Oracle API Gateway
Oracle API GatewayOracle API Gateway
Oracle API Gateway
 
Internet Of Things in Automobile Industry
Internet Of Things in Automobile IndustryInternet Of Things in Automobile Industry
Internet Of Things in Automobile Industry
 

Semelhante a Leveraging federation capabilities of identity server for api gateway

Best Practices with WSO2 Developer Studio
Best Practices with WSO2 Developer Studio Best Practices with WSO2 Developer Studio
Best Practices with WSO2 Developer Studio
WSO2
 
Introduction to WSO2 Developer Studio
Introduction to WSO2 Developer Studio Introduction to WSO2 Developer Studio
Introduction to WSO2 Developer Studio
WSO2
 
Introducing API Manager 1.7
Introducing API Manager 1.7 Introducing API Manager 1.7
Introducing API Manager 1.7
WSO2
 
Introducing The WSO2 Platform
Introducing The WSO2 Platform Introducing The WSO2 Platform
Introducing The WSO2 Platform
WSO2
 
WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2
 
Product Release Webinar- WSO2 Developer Studio 3.5
Product Release Webinar- WSO2 Developer Studio 3.5Product Release Webinar- WSO2 Developer Studio 3.5
Product Release Webinar- WSO2 Developer Studio 3.5
WSO2
 
WSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
WSO2 ESB - The Fastest Open Source ESB with Superior Integration CapabilitiesWSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
WSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
WSO2
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager
WSO2
 
Building your own PaaS using Apache Stratos
Building your own PaaS using Apache Stratos Building your own PaaS using Apache Stratos
Building your own PaaS using Apache Stratos
WSO2
 
Introduction to WSO2 Integration Platform
Introduction to WSO2 Integration PlatformIntroduction to WSO2 Integration Platform
Introduction to WSO2 Integration Platform
WSO2
 
Getting your iOS Device Managed by WSO2 EMM
Getting your iOS Device Managed by WSO2 EMMGetting your iOS Device Managed by WSO2 EMM
Getting your iOS Device Managed by WSO2 EMM
WSO2
 
Enterprise Single Sign On
Enterprise Single Sign On Enterprise Single Sign On
Enterprise Single Sign On
WSO2
 
Enterprise Integration made easy with WSO2 ESB
Enterprise Integration made easy with WSO2 ESBEnterprise Integration made easy with WSO2 ESB
Enterprise Integration made easy with WSO2 ESB
WSO2
 
Standards Based Identity Provisioning
Standards Based Identity Provisioning Standards Based Identity Provisioning
Standards Based Identity Provisioning
WSO2
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
WSO2
 
Introduction to WSO2 Business Process Server
Introduction to WSO2 Business Process ServerIntroduction to WSO2 Business Process Server
Introduction to WSO2 Business Process Server
WSO2
 
Java Script from Browser to Server
Java Script from Browser to ServerJava Script from Browser to Server
Java Script from Browser to Server
WSO2
 
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Yenlo
 

Semelhante a Leveraging federation capabilities of identity server for api gateway (20)

Best Practices with WSO2 Developer Studio
Best Practices with WSO2 Developer Studio Best Practices with WSO2 Developer Studio
Best Practices with WSO2 Developer Studio
 
Introduction to WSO2 Developer Studio
Introduction to WSO2 Developer Studio Introduction to WSO2 Developer Studio
Introduction to WSO2 Developer Studio
 
Introducing API Manager 1.7
Introducing API Manager 1.7 Introducing API Manager 1.7
Introducing API Manager 1.7
 
Introducing The WSO2 Platform
Introducing The WSO2 Platform Introducing The WSO2 Platform
Introducing The WSO2 Platform
 
WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5WSO2 Product Release webinar - WSO2 BAM 2.5
WSO2 Product Release webinar - WSO2 BAM 2.5
 
Product Release Webinar- WSO2 Developer Studio 3.5
Product Release Webinar- WSO2 Developer Studio 3.5Product Release Webinar- WSO2 Developer Studio 3.5
Product Release Webinar- WSO2 Developer Studio 3.5
 
WSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
WSO2 ESB - The Fastest Open Source ESB with Superior Integration CapabilitiesWSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
WSO2 ESB - The Fastest Open Source ESB with Superior Integration Capabilities
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager
 
Building your own PaaS using Apache Stratos
Building your own PaaS using Apache Stratos Building your own PaaS using Apache Stratos
Building your own PaaS using Apache Stratos
 
Building your own PaaS using Apache Stratos - Webinar 2014-04-10
Building your own PaaS using Apache Stratos - Webinar 2014-04-10Building your own PaaS using Apache Stratos - Webinar 2014-04-10
Building your own PaaS using Apache Stratos - Webinar 2014-04-10
 
Introduction to WSO2 Integration Platform
Introduction to WSO2 Integration PlatformIntroduction to WSO2 Integration Platform
Introduction to WSO2 Integration Platform
 
Getting your iOS Device Managed by WSO2 EMM
Getting your iOS Device Managed by WSO2 EMMGetting your iOS Device Managed by WSO2 EMM
Getting your iOS Device Managed by WSO2 EMM
 
Enterprise Single Sign On
Enterprise Single Sign On Enterprise Single Sign On
Enterprise Single Sign On
 
Enterprise Integration made easy with WSO2 ESB
Enterprise Integration made easy with WSO2 ESBEnterprise Integration made easy with WSO2 ESB
Enterprise Integration made easy with WSO2 ESB
 
Managing Composite Application in Apache Stratos
Managing Composite Application in Apache StratosManaging Composite Application in Apache Stratos
Managing Composite Application in Apache Stratos
 
Standards Based Identity Provisioning
Standards Based Identity Provisioning Standards Based Identity Provisioning
Standards Based Identity Provisioning
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
 
Introduction to WSO2 Business Process Server
Introduction to WSO2 Business Process ServerIntroduction to WSO2 Business Process Server
Introduction to WSO2 Business Process Server
 
Java Script from Browser to Server
Java Script from Browser to ServerJava Script from Browser to Server
Java Script from Browser to Server
 
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
Webinar combining WSO2 API Manager with WSO2 BAM for billing in the energy in...
 

Mais de Pushpalanka Jayawardhana

Mais de Pushpalanka Jayawardhana (11)

Authorization for workloads in a dynamically scaling heterogeneous system
Authorization for workloads in a dynamically scaling heterogeneous systemAuthorization for workloads in a dynamically scaling heterogeneous system
Authorization for workloads in a dynamically scaling heterogeneous system
 
The role of IAM in OpenBanking and where do we stand
The role of IAM in OpenBanking and where do we stand The role of IAM in OpenBanking and where do we stand
The role of IAM in OpenBanking and where do we stand
 
Frictionless Adaption of PSD2 with WSO2
Frictionless Adaption of PSD2 with WSO2Frictionless Adaption of PSD2 with WSO2
Frictionless Adaption of PSD2 with WSO2
 
Identity mediation for enterprise identity bus
Identity mediation for enterprise identity busIdentity mediation for enterprise identity bus
Identity mediation for enterprise identity bus
 
Threads and Concurrency Identifying Performance Deviations in Thread Pools
Threads and Concurrency Identifying Performance Deviations in Thread PoolsThreads and Concurrency Identifying Performance Deviations in Thread Pools
Threads and Concurrency Identifying Performance Deviations in Thread Pools
 
Approximate Protocol for Privacy Preserving Associate Rule Mining
Approximate Protocol for Privacy Preserving Associate Rule MiningApproximate Protocol for Privacy Preserving Associate Rule Mining
Approximate Protocol for Privacy Preserving Associate Rule Mining
 
Feedback queuing models for time shared systems
Feedback queuing models for time shared systemsFeedback queuing models for time shared systems
Feedback queuing models for time shared systems
 
Big Data CDR Analyzer - Kanthaka
Big Data CDR Analyzer - KanthakaBig Data CDR Analyzer - Kanthaka
Big Data CDR Analyzer - Kanthaka
 
Kanthaka - High Volume CDR Analyzer
Kanthaka - High Volume CDR AnalyzerKanthaka - High Volume CDR Analyzer
Kanthaka - High Volume CDR Analyzer
 
Experience at WSO2 as an Intern
Experience at WSO2 as an InternExperience at WSO2 as an Intern
Experience at WSO2 as an Intern
 
Cosmology in general
Cosmology in generalCosmology in general
Cosmology in general
 

Último

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
masabamasaba
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
mohitmore19
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
ayushiqss
 
Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...
Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...
Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...
Nitya salvi
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
harshavardhanraghave
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Steffen Staab
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
shinachiaurasa2
 

Último (20)

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
%in Lydenburg+277-882-255-28 abortion pills for sale in Lydenburg
%in Lydenburg+277-882-255-28 abortion pills for sale in Lydenburg%in Lydenburg+277-882-255-28 abortion pills for sale in Lydenburg
%in Lydenburg+277-882-255-28 abortion pills for sale in Lydenburg
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...
Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...
Chinsurah Escorts ☎️8617697112 Starting From 5K to 15K High Profile Escorts ...
 
%in Durban+277-882-255-28 abortion pills for sale in Durban
%in Durban+277-882-255-28 abortion pills for sale in Durban%in Durban+277-882-255-28 abortion pills for sale in Durban
%in Durban+277-882-255-28 abortion pills for sale in Durban
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 

Leveraging federation capabilities of identity server for api gateway

  • 1. Last Updated: July 2. 2014 Software Engineer Pushpalanka Jaywardhana Leveraging Federation Capabilities of Identity Server for API Gateway
  • 2. ** About the Presenter ๏ Pushpalanka Jayawardhana -Software Engineer email:lanka@wso2.com Pushpalanka is a member of WSO2 Identity Server team, focusing on security and integration. In addition to the development efforts, she has been involved in several consulting customer engagements, providing solutions for various requirements in different domains.
  • 3. ** About WSO2 ๏ Global enterprise, founded in 2005 by acknowledged leaders in XML, web services technologies, standards and open source ๏ Provides only open source platform-as-a-service for private, public and hybrid cloud deployments ๏ All WSO2 products are 100% open source and released under the Apache License Version 2.0. ๏ Is an Active Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Foundation and W3C. ๏ Driven by Innovation ๏ Launched first open source API Management solution in 2012 ๏ Launched App Factory in 2Q 2013 ๏ Launched Enterprise Store and first open source Mobile solution in 4Q 2013
  • 5. ** Outline ๏ Scenario ๏ Deployment - IS as Key Manager for API Gateway ๏ Configuration Steps ๏ Federation Capabilities of IS 5.0.0 ๏ Deployment - Extend to use an Existing IAM (Shibboleth IDP) ๏ Expandability ๏ Q&A
  • 6. ** Scenario Web Apps SAML SSO Shibboleth® is a registered trademark of Internet2®.
  • 7. ** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager SAML SSO
  • 8. ** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0
  • 9. ** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0
  • 10. ** Deployment - IS as Key Manager for API Gateway
  • 11. ** Configuration Steps Create the databases, ๏ WSO2REG_DB: keep the registry information - use <IS_HOME>/dbscripts/<database_type>.sql ๏ WSO2UM_DB: store permissions and the internal roles - use <IS_HOME>/dbscripts/<database_type>.sql ๏ WSO2AM_DB: keep the identity data and API-related data - use APIM_HOME>/dbscripts/apimgt/<database_type>.sql and <IS_HOME>/dbscripts/identity/<database_type>.sql
  • 12. ** Configuration Steps Ctd In Identity Server, ๏ Install the ‘key manager’ feature ๏ Copy api-manager.xml from API-M 1.7.0 ๏ Do configurations to point to Gateway ๏ Configure JWT generation ๏ Add data sources in master-datasource.xml ๏ Copy registry.xml from API-M 1.7.0 ๏ Do the registry mounts ๏ Add handler for XACML media type ๏ Point identity.xml to use datasource AM_DB ๏ Point user-mgt.xml to use datasource UM_DB
  • 13. ** Configuration Steps Ctd In API Manager, ๏ Add data sources in master-datasource.xml ๏ Copy registry.xml from API-M 1.7.0 ๏ Do the registry mounts ๏ Point user-mgt.xml to use datasource UM_DB ๏ In api-manager.xml ๏ Configure AuthManager and APIKey Manager ๏ Point available default APIs to use IS endpoints
  • 14. ** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0
  • 15. ** Federation Capabilities of IS ๏ Federation between multiple heterogeneous identity providers ๏ SSO between heterogenous standards/protocols ๏ Out-of-the-box integration with Google Apps and Salesforce ๏ Home realm discovery - deriving user's home IDP from the request
  • 16. ** Scenario Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0
  • 17. ** Delegate Authentication to Shibboleth ๏ Configure Shibboleth IDP as a IDP in Identity Server ๏ Configure default SP to use above configured IDP.
  • 18. ** Expandability of Solution Web Apps API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) SAML SSO OAuth 2.0 SSO between heterogenous standards/protocols SalesForce LifeRay GoogleApps Drupal SAML SSO SAML SSO OpenID OpenID
  • 19. ** Expandability of Solution Web Apps SAML SSO API Management (WSO2 API-M 1.7.0) SAML SSO Key Manager (WSO2 IS 5.0.0) OAuth 2.0 Federation between multiple heterogeneous identity providers Web Apps OpenId Google Apps FaceBook Custom- --- SAML SSO
  • 20. ** More Information ! ๏ Download WSO2 Identity Server (latest version 5.0.0) from, http: //wso2.com/products/identity-server ๏ Download WSO2 API Manager (latest version 1.7.0) from, http: //wso2.com/products/api-manager/ ๏ Set up Identity Server 5.0.0 as Key Manager for API Manager 5.0.0 - https://docs.wso2. com/display/CLUSTER420/Configuring+WSO2+Identity+Server+as+the +Key+Manager ๏ Identity Server 5.0.0 documentation - https://docs.wso2. com/display/IS500/WSO2+Identity+Server+Documentation ๏ Configure Shibboleth with WSO2 products - http://dulanja.blogspot. com/2013/09/saml2-sso-to-wso2-420-carbon-products.html ๏ Enterprise Directory of APIs and Service Bus (University of Michingan Use case)- https://spaces.internet2. edu/display/itana/University+of+Michigan