OpenAM Best Practices: Use of OpenAM at VAL-I-PAC

•Download as PPTX, PDF•

0 likes•1,811 views

ACA IT-Solutions Security Specialist Jan Van den Bergh details OpenAM best practices at VAL-I-PAC as part of a joint Case Study session with Everett and IS4U, moderated by ForgeRock VP of Services Steve Ferris and Director of Support Tim Rault-Smith.

Technology Business

2013 Open Stack Identity Summit - France

Use of OpenAM at VAL-I-PAC

About myself
• Jan Van den Bergh
j.vandenbergh@aca-it.be
@janvdbergh

• IAM Architect and Security Specialist at ACA ITSolutions.

About VAL-I-PAC
• Non-profit organization consisting of about 50 companies
from a broad cross section of industries.
• Controls how industrial packaging waste is managed in
Belgium.

• Provides services to over 8.000 Belgian companies.

The application landscape
Amazon EC2 Cloud

MonaLisa+

ODO

CRM

Leonardo

IBM
Cognos

Google
Apps

OpenAM

Key features
• Different authentication mechanisms:
Username / password – Belgian eID card – MyDigipass

• Different integration mechanisms:
SAML – Agent-based – Custom connector (OSGI).

• Automatic deployment using scripts:
• Quickly deploy and redeploy different environments.
• Reduces errors and down-time.

Key features
• Leverages the EC2 cloud.
• Quickly set up / replace hosts.
• Add environments when they are needed.

Later enhancements
• Automatic deployments using Chef.
• HTML 5 adaptive screen layout.

• Reusable components:
• OpenAM connector for custom applications (replaces agents).
• Custom authentication modules (eID – OpenID – RememberMe).
• Deployment scripts.

• Invite mechanism (= delegated administration)
• SaaS model using REST services.

Some best practices
• Use OpenAM only for access management.
• Do not add new features to the UI.
(Instead, set up a different application using the SDK.)

• Invest in automated install and configuration.
• Do not underestimate the required effort.

More from ForgeRock

Identity Live Singapore: Building Trust & Privacy in a Connected Society

ForgeRock

Identity Live Sydney: Intelligent Authentication

ForgeRock

Identity Live Sydney: Building Trust and Privacy in a Connected Society

ForgeRock

Containerized IAM on Amazon Web Services - Deep Dive A deep technical look at the architecture behind running containerized IAM on AWS and what your team needs for a successful deployment You’ll experience an in depth review of: Assets and processes needed to containerize ForgeRock Architecture and processes guiding containerized IAM on AWS How containers are deployed into Kubernetes Monitoring and management strategies Continuous integration configuration

Get the Exact Identity Solution you Need in the Cloud - Deep Dive

ForgeRock

Get the Exact Identity Solution You Need - In the Cloud - Overview

ForgeRock

Authentication and MFA is no longer a one-mode-fits-all experience. Customer-centric companies need flexible intelligence models and simple, consistent login journeys across channels—web, call center, mobile—without being forced to bolt MFA on top of usernames and passwords. ForgeRock’s VP, Global Strategy and Innovation, Ben Goodman, and Trusona’s Chief Design Officer, Kevin Goldman, explain how ForgeRock combined with Trusona creates a broad range of multi-factor authentication modalities all with a consistent user experience, including primary MFA without usernames, passwords or typing whatsoever. Bonus: Trusona will reveal findings from the first-ever passwordless MFA behavioral research.

ForgeRock and Trusona - Simplifying the Multi-factor User Experience

ForgeRock

Opening Keynote (Identity Live Berlin 2018)

ForgeRock

Steinberg - Customer identity as the cornerstone of our approach to digitaliz...

ForgeRock

BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)

ForgeRock

Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...

ForgeRock

Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...

ForgeRock

Shift from GDPR readiness to sustained compliance to improve your business an...

ForgeRock

Intelligent Authentication (Identity Live Berlin 2018)

ForgeRock

Customer Safeguarding, Fraud and GDPR: Manah Khalil

ForgeRock

The GDPR's enforcement date is finally around the corner: May 25th. Have you successfully conceived of this groundbreaking EU regulation as a business opportunity? Have you addressed the challenges of both compliance and customer trust in a more comprehensive fashion? In this webcast, ForgeRock experts Nick Caley, VP of Financial and Regulatory, and Eve Maler, VP of Innovation and Emerging Technology, and Carlos Scott, Digital Risk Consultant will: Discuss the GDPR in the context of regulatory compliance, digital innovation, and "ripped from the headlines" tensions in consumer trust and the personal data economy Describe important privacy, consent, and trust innovations made in recent times, including in the standards world (OAuth, UMA, and more) Demonstrate capabilities of the ForgeRock Identity Platform that address GDPR requirements, including a Profile and Privacy Management dashboard

Applying Innovative Tools for GDPR Success

ForgeRock

What the Internet of Things Means for Consumer Privacy: Veronica Lara

ForgeRock

Identity Live in Austin Keynote

ForgeRock

The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...

ForgeRock

Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David Birch

ForgeRock

The pressure is on. You need to build a great customer login experience that is secure but doesn’t burden your customers with complicated password requirements. But wait, there’s more – you also need to personalize the login experience and provide metrics back to the business. Legacy authentication has you boxed in. What are you to do? Solutions like multi-factor authentication (MFA) are replacing traditional login methods but its limitations are often static and offer up inconsistent customer experiences, leading to abandonment. Organizations need an intelligent authentication approach that strikes a balance between usability, security, and customer choice. In this webcast you will learn what Intelligent Authentication is and how it enables you to: Easily configure, measure, and adjust login journeys using digital signals including device, contextual, behavioral, user choice, and risk-based factors Leverage user login analytics to increase user adoption rates, and improve the customer experience Automatically redirect suspicious users for further monitoring Quickly consume out-of-the-box authenticators, utilize existing authenticators, and integrate with cyber security solutions — all in one place

The Road to Intelligent Authentication Journeys

ForgeRock

More from ForgeRock (20)

Identity Live Singapore: Building Trust & Privacy in a Connected Society

Identity Live Sydney: Intelligent Authentication

Identity Live Sydney: Building Trust and Privacy in a Connected Society

Get the Exact Identity Solution you Need in the Cloud - Deep Dive

Get the Exact Identity Solution You Need - In the Cloud - Overview

ForgeRock and Trusona - Simplifying the Multi-factor User Experience

Opening Keynote (Identity Live Berlin 2018)

Steinberg - Customer identity as the cornerstone of our approach to digitaliz...

BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)

Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...

Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...

Shift from GDPR readiness to sustained compliance to improve your business an...

Intelligent Authentication (Identity Live Berlin 2018)

Customer Safeguarding, Fraud and GDPR: Manah Khalil

Applying Innovative Tools for GDPR Success

What the Internet of Things Means for Consumer Privacy: Veronica Lara

Identity Live in Austin Keynote

The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...

Where Biometrics, Blockchains, and Bots are Taking Digital Identity: David Birch

The Road to Intelligent Authentication Journeys

Recently uploaded

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Handwritten Text Recognition for manuscripts and early printed texts

Maria Levchenko

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

Advantages of Hiring UIUX Design Service Providers for Your Business

Pixlogix Infotech

Real Time Object Detection Using Open CV

Khem

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Histor y of HAM Radio presentation slide

vu2urc

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

Developing An App To Navigate The Roads of Brazil

V3cube

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Recently uploaded (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Handwritten Text Recognition for manuscripts and early printed texts

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Data Cloud, More than a CDP by Matt Robison

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Advantages of Hiring UIUX Design Service Providers for Your Business

Real Time Object Detection Using Open CV

How to Troubleshoot Apps for the Modern Connected Worker

Axa Assurance Maroc - Insurer Innovation Award 2024

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Histor y of HAM Radio presentation slide

Boost PC performance: How more available memory can improve productivity

Boost Fertility New Invention Ups Success Rates.pdf

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

Developing An App To Navigate The Roads of Brazil

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Exploring the Future Potential of AI-Enabled Smartphone Processors

Strategies for Landing an Oracle DBA Job as a Fresher

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

OpenAM Best Practices: Use of OpenAM at VAL-I-PAC

1. 2013 Open Stack Identity Summit - France Use of OpenAM at VAL-I-PAC

2. About myself • Jan Van den Bergh j.vandenbergh@aca-it.be @janvdbergh • IAM Architect and Security Specialist at ACA ITSolutions.

3. About VAL-I-PAC • Non-profit organization consisting of about 50 companies from a broad cross section of industries. • Controls how industrial packaging waste is managed in Belgium. • Provides services to over 8.000 Belgian companies.

4. The application landscape Amazon EC2 Cloud MonaLisa+ ODO CRM Leonardo IBM Cognos Google Apps OpenAM

5. Key features • Different authentication mechanisms: Username / password – Belgian eID card – MyDigipass • Different integration mechanisms: SAML – Agent-based – Custom connector (OSGI). • Automatic deployment using scripts: • Quickly deploy and redeploy different environments. • Reduces errors and down-time.

6. Key features • Leverages the EC2 cloud. • Quickly set up / replace hosts. • Add environments when they are needed.

7. Later enhancements • Automatic deployments using Chef. • HTML 5 adaptive screen layout. • Reusable components: • OpenAM connector for custom applications (replaces agents). • Custom authentication modules (eID – OpenID – RememberMe). • Deployment scripts. • Invite mechanism (= delegated administration) • SaaS model using REST services.

8. Some best practices • Use OpenAM only for access management. • Do not add new features to the UI. (Instead, set up a different application using the SDK.) • Invest in automated install and configuration. • Do not underestimate the required effort.

OpenAM Best Practices: Use of OpenAM at VAL-I-PAC

Recommended

Recommended

More Related Content

More from ForgeRock

More from ForgeRock (20)

Recently uploaded

Recently uploaded (20)

OpenAM Best Practices: Use of OpenAM at VAL-I-PAC