Welcome!

Eclipse Authors: Yeshim Deniz, Liz McMillan, Elizabeth White, XebiaLabs Blog, Ken Fogel

News Feed Item

WSO2 Expands Identity Management Capabilities Across Cloud, Mobile and Web Applications With the Launch of WSO2 Identity Server 4.5

The cloud, mobile computing, and APIs are empowering enterprises to extend their processes to customers, partners, and other groups within the organization. However, with this greater reach come greater challenges to protect data and ensure users’ privacy across multiple domains and devices. WSO2 addresses these challenges with the launch of WSO2 Identity Server 4.5 for authentication and identity management across cloud, mobile and Web applications.

The latest release of the award-winning WSO2 Identity Server adds powerful new capabilities for user provisioning and management, including:

  • Support for OpenID Connect to authenticate users of mobile and Web applications.
  • Stronger tenant control in multitenant cloud deployments through the ability of each tenant to have multiple trusted identity providers and multiple user stores, which are isolated from the rest.
  • Enhanced System for Cross-domain Identity Management (SCIM) with the addition of OAuth 2.0 authentication.
  • Expanded Security Assertion Markup Language (SAML) 2.0 functionality to support seamless integration with Salesforce and Google Apps.
  • Addition of SAML 2.0 grant type for OAuth 2.0 to leverage SAML 2.0 with REST/API security.

“Collectively, the cloud, mobile, APIs, social media, and open source are enabling enterprises to create new connections across employees, customers and partners. Along with new business models, this is also bringing the need for more comprehensive identity management across the diverse participants in these connected enterprises,” said Dr. Sanjiva Weerawarana, WSO2 founder and CEO. “WSO2 Identity Server 4.5 delivers on this demand by combining robust, centralized management with flexible models for provisioning in traditional, cloud and mobile deployments and by facilitating authentication and authorization no matter where or how users choose to access applications and services.”

Robust Identity Management On-premises and in the Cloud

Version 4.5 builds on the proven performance of WSO2 Identity Server, the enterprise-ready, 100% open source, lean, component-based software, which has been in production in Global 1000 enterprises since 2009.

WSO2 Identity Server enables enterprise architects and developers to improve the user’s experience by reducing identity provisioning time, guaranteeing secure online interactions, and delivering a reduced single sign-on (SSO) environment. It also decreases the burden of identity management and entitlement management by including role-based access control, attribute-based access control, fine-grain policy-based access control, and SSO bridging. Featuring full native multi-tenancy, WSO2 Identity Server can run on servers, in a private cloud, public cloud or hybrid cloud environment—all from the same software.

In December 2012, WSO2 Identity Server 4.0 added SCIM support for identity provisioning to facilitate user management operations across software as a service (SaaS) applications. It also incorporated federated identity provider (IdP) functionality, allowing different organizations to make shared services available—for example different universities sharing certain resources with each other’s faculty or students—while enabling single sign-on simplicity for end users. Such federated IdP is particularly important for facilitating authentication across extremely large deployments associated with the cloud.

WSO2 Identity Server is complemented by the WSO2 Cloud Gateway 1.0, first launched in 2010, which provides a secure connection between applications behind the firewall and public platform as a service (PaaS) or SaaS offerings.

New Features in WSO2 Identity Server 4.5

WSO2 Identity Server 4.5 adds significant enhancements to facilitate identity management across multiple devices, domains and applications—on-premises and in the cloud.

New OpenID Connect Support – Version 4.5 adds support for OpenID Connect, a standard for mobile and Web application authentication. An identity framework built on the OAuth 2.0 protocol, OpenID Connect utilizes and extends OAuth 2.0 messages and code flows. With WSO2 Identity Server, enterprises now can use and implement the OpenID Connect Basic Client Profile.

New Multiple Trusted Identity Providers Functionality – WSO2 Identity Server 4.5 allows identity providers to be configured by tenant administrators in a multitenant environment. This is particularly relevant in the development and deployment of an SSO-enabled, software as a service application in which the SaaS application is deployed on the super tenant but accessed by all tenants. Each tenant can have its own set of trusted identity providers, and users of the tenant do not have to physically exist on the same server as the SaaS application. This reduces the management requirements of the super tenant while providing tenants more control and flexibility over their user authentication.

Expanded SCIM Capabilities – The newest release of WSO2 Identity Server enhances support for the System for Cross-domain Identity Management specification by adding OAuth 2.0-based authentication for SCIM. WSO2 Identity Server acts as both a SCIM service provider (both hub and spoke types) and a SCIM service consumer. Now IT organizations can leverage OAuth 2.0 in order to authenticate the SCIM REST endpoints of WSO2 Identity Server.

Expanded Security Assertion Markup Language 2.0 Support – Many existing enterprises that have implemented a service-oriented architecture (SOA) rely on SAML 2.0, but increasingly they need to consume OAuth-protected resources through APIs. WSO2 Identity Server, as an OAuth 2.0 authorization server, now can accept SAML 2.0 assertions from OAuth 2.0 clients and in exchange return back OAuth 2.0 access tokens to access protected resources on behalf of the resource owner. This provides a simple solution for leveraging SAML with REST/API security.

Additional Enhancements – WSO2 Identity Server 4.5 includes several other new features to provide greater ease of use and facilitate user provisioning and management. With this latest release:

  • IT organizations can customize login pages for SAML 2.0, OAuth, OpenID Connect, Passive Security Token Service (STS), and OpenID outside of WSO2 Identity Server.
  • Administrators can configure user account lock/unlock based on failed login attempts.
  • Enterprises have improved support for implementing name/password violation policies.
  • Organizations and their users can recover accounts using email addresses or secret questions.
  • Single sign-on across Google Apps, Salesforce and internal applications is seamlessly integrated with WSO2 Identity Server.
  • Administrators can define a selective set of grant types for OAuth 2.0 applications based on the trust and their capabilities.
  • WSO2 Identity Server adds an improved eXtensible Access Control Markup Language (XACML) editor and SAML 2.0 Web secure single sign-on (SSO) HTTP POST binding for authentication requests.

WSO2 Identity Server Builds on WSO2 Carbon Platform

WSO2 Identity Server is built on the same modular, fully componentized OSGi-compliant code base as the award-winning WSO2 Carbon enterprise middleware platform. Like all WSO2 middleware products, it is inherently cloud-enabled and uses proven core framework components that provide a consistent set of enterprise-class management, security, clustering, logging, statistics, tracing, and other capabilities. Additionally, it offers a graphical management console, which is integrated with other WSO2 middleware products, for configuration, management and monitoring. The componentized architecture gives enterprises unprecedented flexibility to customize WSO2 Identity Server by adding WSO2 Carbon middleware products or the 175-plus components on which they are based.

Availability and Support

WSO2 Identity Server 4.5 is available today as a software download that can run directly on servers or on top of WSO2 Stratos PaaS software; as a WSO2 Cloud Virtual Machine running on the Amazon Elastic Computing Cloud (EC2), Linux Kernel Virtual Machine (KVM), and VMware ESX; and as a hosted service on the WSO2 StratosLive PaaS. As a fully open source solution released under the Apache License 2.0, it does not carry any licensing fees.

WSO2 Identity Server is backed by a world-class technical team in which the experts that helped create the software provide support, leading to direct and immediate access to the people with in-depth knowledge of the middleware. WSO2 service and support options include evaluation support, a special QuickStartSM consulting program, development support, and production support.

About WSO2

WSO2 is the lean enterprise middleware company. It delivers the only complete open source enterprise SOA middleware stack purpose-built as an integrated platform to support today’s heterogeneous enterprise environments—internally and in the cloud. WSO2’s service and support team is led by technical experts who have proven success in deploying enterprise SOAs and contribute to the technology standards that enable them. For more information, visit http://wso2.com, or check out the WSO2 community on the WSO2 Blog, Twitter, LinkedIn, Facebook, and FriendFeed.

Trademarks and registered trademarks are the properties of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, discussed why and how ReadyTalk diverted from healthy revenue and mor...
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
Financial Technology has become a topic of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 20th Cloud Expo at the Javits Center in New York, June 6-8, 2017, will find fresh new content in a new track called FinTech.
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Unsecured IoT devices were used to launch crippling DDOS attacks in October 2016, targeting services such as Twitter, Spotify, and GitHub. Subsequent testimony to Congress about potential attacks on office buildings, schools, and hospitals raised the possibility for the IoT to harm and even kill people. What should be done? Does the government need to intervene? This panel at @ThingExpo New York brings together leading IoT and security experts to discuss this very serious topic.
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smar...
"Dice has been around for the last 20 years. We have been helping tech professionals find new jobs and career opportunities," explained Manish Dixit, VP of Product and Engineering at Dice, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Complete Internet of Things (IoT) embedded device security is not just about the device but involves the entire product’s identity, data and control integrity, and services traversing the cloud. A device can no longer be looked at as an island; it is a part of a system. In fact, given the cross-domain interactions enabled by IoT it could be a part of many systems. Also, depending on where the device is deployed, for example, in the office building versus a factory floor or oil field, security ha...
"ReadyTalk is an audio and web video conferencing provider. We've really come to embrace WebRTC as the platform for our future of technology," explained Dan Cunningham, CTO of ReadyTalk, in this SYS-CON.tv interview at WebRTC Summit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
"At ROHA we develop an app called Catcha. It was developed after we spent a year meeting with, talking to, interacting with senior citizens watching them use their smartphones and talking to them about how they use their smartphones so we could get to know their smartphone behavior," explained Dave Woods, Chief Innovation Officer at ROHA, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
The many IoT deployments around the world are busy integrating smart devices and sensors into their enterprise IT infrastructures. Yet all of this technology – and there are an amazing number of choices – is of no use without the software to gather, communicate, and analyze the new data flows. Without software, there is no IT. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Dave McCarthy, Director of Products at Bsquare Corporation; Alan Williamson, Principal...
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
An IoT product’s log files speak volumes about what’s happening with your products in the field, pinpointing current and potential issues, and enabling you to predict failures and save millions of dollars in inventory. But until recently, no one knew how to listen. In his session at @ThingsExpo, Dan Gettens, Chief Research Officer at OnProcess, discussed recent research by Massachusetts Institute of Technology and OnProcess Technology, where MIT created a new, breakthrough analytics model for ...
Successful digital transformation requires new organizational competencies and capabilities. Research tells us that the biggest impediment to successful transformation is human; consequently, the biggest enabler is a properly skilled and empowered workforce. In the digital age, new individual and collective competencies are required. In his session at 19th Cloud Expo, Bob Newhouse, CEO and founder of Agilitiv, drew together recent research and lessons learned from emerging and established compa...
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.