Monday, November 24, 2008

A feature rich open source identity provider

WSO2 Identity Solution is an open source identity management solution with CardSpace and OpenID authentication.

Here I would like to list some of it's features.

Ability to issue managed information cards backed by user name/password and self issued information cards

A registered user can download a managed information card against his account and it can be used at trusted information card relying parties.

A user can totally eliminate the use of username/password by backing his managed information card with a self-issued card.

Supports SAML versions 2.0/1.1

Ability to revoke information cards

Provides the ability to revoke issued information cards and block those from being used to authenticate.

Support for the CardSpace default claim set

Claims are used by relying party web applications to express required user information.

The identity provider by default supports the standard set of claims as defined by CardSpace specifications.

These claims can be mapped to various attributes of users in the user store.

Support for custom claim dialects and claims

Provides the flexibility to define custom claims using the identity provider management console and map those claims to user attributes.

Ability to issue OpenIDs

A registered user will be assigned an OpenID and this OpenID can be used at any OpenID relying party web site.

Support for OpenID 2.0

OpenID 2.0 addresses many security vulnerabilities found in 1.1.

Identity Solution has inbuilt support for OpenID 2.0 with following specifications.

- OpenID Authentication 2.0
- OpenID Authentication 1.1
- OpenID Simple Registration Extension 1.1
- OpenID Attribute Exchange 1.0
- OpenID Provider Authentication Policy Extension 1.0, draft 1
- OpenID Information Cards 1.0 - Draft 01

Multi-factor authentication

Identity Solution's OpenID Provider enables multi-factor authentication for OpenID users to provide a stronger form of authentication.

Support for user white-listing & black-listing

Provides the ability to white/black list information cards and OpenID relying parties.

Ability to connect to custom user stores

Identity Solution can be easily customized to connect to a custom user repository [e.g.: Active Directory] to enable information card and OpenID authentication for users.

Built-in user store

Identity Solution ships with a built-in user store, so it can be used out-of the box to enable information card and OpenID authentication.

Statistics/reporting/audit trail

The Identity Provider management console provides a set of statistics/reports for administrators to monitor user accounts, information card/OpenID issuances and token issuances for login requests to relying party web applications.

Information card relying party support for Apache2

With Apache HTTPD module (mod_cspace) any server side scripting language
supported by Apache2 can enable information card relying party support.

Information card/OpenID relying party support with the Java servlet filter

Provides an easy integration point for J2EE based web applications.

Information card relying party support for leading content management frameworks

Identity Solution includes authentication modules for popular content management frameworks such as Drupal and MediaWiki.

0 comments: