Posts

Creating a SAML Identity Provider using Shibboleth 3

An Identity Provider (IDP) is a key component in any project using SAML authentication. It is responsible for handling Authentication Requests from Service Providers (SP), authenticating users, resolving user attributes, and creating Assertions. In this post, I will demonstrate how to install and configure a Shibboleth IDP on Ubuntu Linux using Tomcat and OpenLDAP.

Figure: Identity Provider in the SAML authentication process

The following settings will be used in this demo:

SP entity ID: https://sp.example.org
SP callback URL: https://sp.example.org/my-app/saml
IDP entity ID: https://idp.example.org/idp/shibboleth

Generating SP Metadata

The Identity Provider requires some information about each Service Provider it is handling Authentication Requests for, including its Entity ID, its signing and encryption policy, the keys used for signing/encryption (if applicable), and the callback URL where the IDP should post Assertions. In Shibboleth, this information is pr

Authentication in the Cloud using SAML

With so many software options available in the cloud, it is common for an organization’s services to be comprised of a mixture of off-the-shelf software as a service (SaaS) and custom applications running on one of the many platforms as a service (PaaS). An essential requirement stemming from such a heterogeneous architecture is the need for a single common and consistent user authentication interface across all the applications. It should improve the user experience by not requiring users to log into and maintain separate credentials for each application. It should improve security by making it easier for an organization to enforce a single authentication policy (multi-factored, PKI client cert, etc.) across all its applications. It should improve productivity by decoupling the authentication implementation from each application, allowing each application to focus on implementing its core functionality.

What is SAML?

A solution for implementing this requirement is using the

3 tips to maximize the benefits of cloud computing

Many organizations are seeking to enhance the agility, efficiency, and security of their IT systems by migrating to the cloud. But organizations that continue to follow traditional approaches to IT or just duplicate their current infrastructure on virtual servers in the cloud will only realize minimal gains. In order to maximize the benefits of cloud computing, an organization needs to know how to effectively apply the new features and practices made possible by the cloud to their IT and software development processes. In this blog post, we provide three simple tips to help you maximize the benefits of cloud computing for your organization.

1. Allow self-service resource provisioning

Provisioning of computing resources is often a major bottleneck and source of inefficiencies in traditional approaches to IT. Developers are required to submit tickets and wait on a dedicated infrastructure team to build the resources for them before development can begin. Cloud computing elimina