WSO2 Identity Server is complemented by the WSO2 Cloud Gateway 1.0, first launched in 2010, which provides a secure connection between applications behind the firewall and public platform as a service (PaaS) or SaaS offerings.
WSO2 Identity Server 4.5 adds significant enhancements to facilitate identity management across multiple devices, domains and applications-on-premises and in the cloud.
Version 4.5 adds support for OpenID Connect, a standard for mobile and Web application authentication. An identity framework built on the OAuth 2.0 protocol, OpenID Connect utilizes and extends OAuth 2.0 messages and code flows. With WSO2 Identity Server, enterprises now can use and implement the OpenID Connect Basic Client Profile.
WSO2 Identity Server 4.5 allows identity providers to be configured by tenant administrators in a multitenant environment. This is particularly relevant in the development and deployment of an SSO-enabled, software as a service application in which the SaaS application is deployed on the super tenant but accessed by all tenants. Each tenant can have its own set of trusted identity providers, and users of the tenant do not have to physically exist on the same server as the SaaS application. This reduces the management requirements of the super tenant while providing tenants more control and flexibility over their user authentication.
The newest release of WSO2 Identity Server enhances support for the System for Cross-domain Identity Management specification by adding OAuth 2.0-based authentication for SCIM. WSO2 Identity Server acts as both a SCIM service provider (both hub and spoke types) and a SCIM service consumer. Now IT organizations can leverage OAuth 2.0 in order to authenticate the SCIM REST endpoints of WSO2 Identity Server.
Many existing enterprises that have implemented a service- oriented architecture (SOA) rely on SAML 2.0, but increasingly they need to consume OAuth-protected resources through APIs. WSO2 Identity Server, as an OAuth 2.0 authorization server, now can accept SAML 2.0 assertions from OAuth 2.0 clients and in exchange return back OAuth 2.0 access tokens to access protected resources on behalf of the resource owner. This provides a simple solution for leveraging SAML with REST/API security.
WSO2 Identity Server 4.5 includes several other new features to provide greater ease of use and facilitate user provisioning and management. With this latest release:
-IT organizations can customize login pages for SAML 2.0, OAuth, OpenID Connect, Passive Security Token Service (STS), and OpenID outside of WSO2 Identity Server.
-Administrators can configure user account lock/unlock based on failed login attempts.
-Enterprises have improved support for implementing name/ password violation policies.
-Organizations and their users can recover accounts using email addresses or secret questions.
-Single sign-on across Google Apps, Salesforce and internal applications is seamlessly integrated with WSO2 Identity Server.
-Administrators can define a selective set of grant types for OAuth 2.0 applications based on the trust and their capabilities.
-WSO2 Identity Server adds an improved eXtensible Access Control Markup Language (XACML) editor and SAML 2.0 Web secure single sign- on (SSO) HTTP POST binding for authentication requests.
WSO2 Identity Server is built on the same modular, fully componentized OSGi-compliant code base as the WSO2 Carbon enterprise middleware platform. Like all
WSO2 Identity Server 4.5 is available as a software download that can run directly on servers or on top of WSO2
WSO2 Identity Server is backed by a technical team in which the experts that helped create the software provide support, leading to direct and immediate access to the people with in-depth knowledge of the middleware.
((Comments on this story may be sent to email@example.com))
Most Popular Stories
- American Airlines, US Airways Complete Merger
- ACA Delay Stresses Small Businesses
- Unemployed Wait as Lawmakers Debate
- Saab Gets Back into the Game; U.S. Auto Sales Soar
- Dell Offers Undisclosed Number of Employee Buyouts
- Questions Remain in Jenni Rivera's Death
- General Dynamics Plans 200 New Jobs in N.M.
- Authorities Close to Deal with JPMorgan Chase over Madoff Response
- Harley Issues Motorcycle Recall
- Auto Dealer Builds Big Solar Project