WSO2 Charon
Open Source SCIM Implementation offered under Apache 2.0 license.
Overview
Charon-Core
This is the library that implements the SCIM specification and provides user-friendly APIs for implementing SCIM Consumers and Service Providers.

i). SCIM Consumer

API – SCIMClient

API used to:
        → Create, Encode SCIM objects
        → Set attributes
        → Decode responses (resources, exceptions)
ii). SCIM Service Provider

API – ResourceEndpoints

API provides:
        → Endpoints that perform CRUD operations on resources
        → Self-contained SCIM responses
        → Input and output that are easy to handle from any REST implementation
        → Extension points
        → JSON encoding/decoding
Design of Core

   → Creation of SCIM Objects & Attributes in a generic way, such that they:

       → Can be encoded/decoded in a generic way
       → Adhere to the schema.
Extension Points
(You can plug in your own implementations for the following extension points to be
used with charon-core)

→ CharonManager

→ AuthenticationHandler

→ UserManager

→ AbstractSCIMObject

→ AbstractAttribute

→ Encoder/Decoder
Charon-Utils

This module provides default implementations for the extension points and some
utilities for the reference implementation of the WSO2 Charon project, which is charon-impl.

→ JAXRS ResponseBuilder

→ DefaultCharonManager

→ BasicAuthHandler

→ InMemoryUserManager

→ CharonConfig
Charon-Impl
→ JAXRS based Resources.
      → UserResource
      → GroupResource

→ DefaultCharonManager for initializing extension points through configuration.
SCIM Endpoints


SCIM endpoints based on Charon-Impl:

(When Charon-Impl is hosted in a servlet container like Apache Tomcat)

http://localhost:8080/charonDemoApp/scim/Users
http://localhost:8080/charonDemoApp/scim/Groups

SCIM endpoints based on WSO2 Identity Server 4.0.0:

http://localhost:9443/wso2/scim/Users
http://localhost:9443/wso2/scim/Groups
Charon-Samples


→ Apache Wink based client which uses SCIMClient API of Charon-Core.

→ CharonResponseHandler – implementing wink ClientHandler to intercept
responses and decode exceptions.

→ Separate sample clients for almost all the operations supported by Charon-Core
Features of Milestone 1 of 1.0 Release:
• Client: Y
• Server: Y
• Supported version: 1.0
• Representation: JSON
• Authentication: HTTP Basic Authentication
• Supported User Operations
         Create (POST)
         Update (PUT)
         Retrieve (GET)
         List (GET)
         Delete (DELETE)
• Supported Group Operations
         Create (POST)
         Update (PUT)
         Retrieve (GET)
         List (GET)
         Delete (DELETE)
• Other considerations:
      User Name is required when creating a user.
      At least one existing member id should be provided when creating a group.
Features of 1.0.0 Release:
• Client: Y, Server: Y
• Representation: JSON
• Supported version: 1.1
• Authentication: HTTP Basic Authentication
• Supported User Operations
         Create (POST)
         Update (PUT)
         Retrieve (GET)
         List (GET)
         Delete (DELETE)
         Filter based on user name
• Supported Group Operations
         Create (POST)
         Update (PUT)
         Retrieve (GET)
         List (GET)
         Delete (DELETE)
         Filter based on group name
• Other features/improvements:
      Configuration file for registering SCIM Providers/Consumers
      Attribute URI support
      Improved unit tests
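
The requests behind the operations listed above, as an added Python sketch (not Charon code and not from the original slides): it builds the create-user, create-group and filter-by-user-name calls for the Charon-Impl endpoints, enforces the two stated creation constraints, and refuses to attach HTTP Basic credentials to a cleartext connection to a remote host. The function names, the admin/admin credentials, the filter-value check and the loopback exception are assumptions made for this example.

```python
import base64
import json
from urllib.parse import quote, urlsplit

CORE_SCHEMA = "urn:scim:schemas:core:1.0"   # core schema URN of SCIM 1.0/1.1
LOOPBACK = {"localhost", "127.0.0.1", "::1"}  # assumption: local demo hosts only

def auth_headers(url, user, password):
    """HTTP Basic is base64, not encryption: allow it only over TLS or loopback."""
    parts = urlsplit(url)
    if parts.scheme != "https" and parts.hostname not in LOOPBACK:
        raise ValueError("Basic auth over plain HTTP would expose the password")
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return {"Authorization": "Basic " + token, "Accept": "application/json"}

def _post(url, auth, body):
    headers = auth_headers(url, *auth)
    headers["Content-Type"] = "application/json"
    return "POST", url, headers, json.dumps(body)

def create_user(base, auth, user_name, **attrs):
    # The slides state that User Name is required when creating a user.
    if not user_name:
        raise ValueError("userName is required when creating a user")
    body = {"schemas": [CORE_SCHEMA], "userName": user_name, **attrs}
    return _post(base + "/Users", auth, body)

def create_group(base, auth, display_name, member_ids, known_ids):
    # The slides state that at least one existing member id should be provided.
    if not any(m in known_ids for m in member_ids):
        raise ValueError("a group needs at least one existing member id")
    body = {"schemas": [CORE_SCHEMA], "displayName": display_name,
            "members": [{"value": m} for m in member_ids]}
    return _post(base + "/Groups", auth, body)

def filter_users(base, auth, user_name):
    # Conservative choice for this example: reject characters that could
    # terminate the quoted literal and alter the filter expression.
    if '"' in user_name or "\\" in user_name:
        raise ValueError("quote or backslash not allowed in filter value")
    url = base + "/Users?filter=" + quote(f'userName eq "{user_name}"')
    return "GET", url, auth_headers(url, *auth), None

if __name__ == "__main__":
    base = "http://localhost:8080/charonDemoApp/scim"   # endpoint from the slides
    auth = ("admin", "admin")                            # constructed credentials
    for request in (create_user(base, auth, "bjensen"),
                    create_group(base, auth, "eng", ["u1"], {"u1"}),
                    filter_users(base, auth, "bjensen")):
        print(request[0], request[1], request[3])
```
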
WSO2 Charon – Success Story

→ Participated in two interoperability events:
    - at IETF - 83rd meeting
    - at IIW 14
   and successfully inter-operated with other SCIM implementations.

→ Integrated with WSO2 Identity Server 4.0.0 in its identity provisioning feature,
    with multi-tenancy support as well for cloud deployments.
Integration with WSO2 Identity Server and Stratos – Identity Service in Cloud

[Diagram; labels: LDAP, Provisioning system, Internal apps, Other cloud apps/services]