Skip to end of metadata
-
Created by Former user, last modified by Former user on Jul 29, 2013
Go to start of metadata
Feature | Description |
---|
System and User Identity Management | - Implement a flexible user store using the built-in LDAP (powered by ApacheDS), external LDAP, Microsoft Active Directory, or any JDBC database
- API for integrating identity management into any application
- Multifactor authentication via XMPP for OpenID
- Single Sign-On (SSO) via OpenID, SAML2, and Kerberos KDC
- SSO bridging between on-premises systems and Cloud apps
- Credential mapping across different protocols
- Provisioning via SCIM instead of legacy SPML
- Auditing via XDAS
- Delegation via OAuth 1.0a, OAuth 2.0*, and WS-Trust.
- Federation via OpenID, SAML2, and WS-Trust STS
- Integration with Microsoft SharePoint with Passive STS support
- Implement REST security with OAuth 2.0* and XACML
- Flexible profile management for users supporting multiple profiles per user
- XKMS for key storage and distribution
|
Entitlement Management | - Role-based access control (RBAC)
- Attribute-based or claim-based access control via XACML, WS-Trust, OpenID, and claim management
- Fine-grained policy-based access control via XACML
- Advanced entitlement auditing and management
- Entitlement management for any REST or SOAP calls
|
XACML 2.0/3.0 Support | - User-friendly interface for policy editing
- Multiple Policy Information Point (PIP) support
- 'TryIt' tool for exploring policy impact
- Policy distribution to various Policy Decision Points (PDPs)
- Policy decision and attribute caching
- High-performance network protocol (over Thrift) for PEP/PDP interaction
- Notifications for policy updates
|
Lightweight, Developer-Friendly, and Easy to Deploy | - Complete SOAP API for integrating/embedding into any application or system
- Pluggable workflows for privileged operations
- Extensibility for pluggable authenticators, alternative user stores, XACML/SAML extension points, and more
- Clustering for high-availability deployment
- Choice of deployment to on-premises servers or to private or public Cloud (WSO2 StratosLive Identity-as-a-Service) without configuration changes
- Integrated with WSO2 Enterprise Service Bus for authorization and all WSO2 Carbon products for authentication
|
Management and Monitoring | - Comprehensive management and monitoring Web console with enterprise-level security and SAML2 SSO
- Built-in collection and monitoring of standard access and performance statistics
- JMX MBeans for monitoring and management of key metrics
- Integrates with WSO2 Business Activity Monitor for operational audit and KPI monitoring and management
- Flexible logging support with integration to enterprise logging systems
- Centralized configuration management across different deployment environments with lifecycle management and versioning through integration with WSO2 Governance Registry
|
Open Source Components of WSO2 Identity Server
- WSO2 Carbon
- Apache Axis2 (SOAP)
- Apache Axiom (High performance XML Object Model)
- Apache Rampart/Apache WSS4J (WS-Security, WS-SecureConversation)
- Apache Rahas(WS-Trust)
- WS-Addressing implementation in Axis2
- Apache Neethi (WS-Policy)
- WS-SecurityPolicy implementation in Axis2
- Apache XML Schema
- OpenID4Java
- SunXACML
- OpenSAML2
- Apache Directory Server