apache syncope identity manager 20120623 confsl
DESCRIPTION
My presentation at ConfSL 2012 (http://www.confsl.org) about Apache Syncope OpenSource IdMTRANSCRIPT
Apache Syncope Identity Manager
Francesco Chicchiriccò <[email protected]>Ancona, 22 giugno 2012
2Apache Syncope Identity Manager
Il problema IAM
Identity and Access Management
3Apache Syncope Identity Manager
Lo scenario di riferimento
4Apache Syncope Identity Manager
Identità digitale
Una identità digitale è un insieme di informazioni relative ad un soggetto digitale
Ad un soggetto digitale corrispondono tipicamente una o più identità digitali
Un soggetto digitale è una entità in un certo dominio applicativo (esempio: un dipendente all'interno di una organizzazione)
Le informazioni in questione sono i valori di uno o più attributi di un soggetto digitale (telefono, e-mail, ruoli, ...)
5Apache Syncope Identity Manager
Ciclo di vita dell'identità digitale
6Apache Syncope Identity Manager
IAM: prima...
7Apache Syncope Identity Manager
...e dopo
8Apache Syncope Identity Manager
La soluzione: Apache Syncope
9Apache Syncope Identity Manager
Il progetto
http://incubator.apache.org/syncope/Licenza: AL 2.0Tecnologia: JEEBuild & overlay: Apache MavenSCM: SubversionCI: JenkinsIssue Tracker: JIRADoc: Confluence
Apache Syncope is an effort undergoing incubation at The Apache Software Foundation (ASF), sponsored by the Apache Incubator PMC. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF.
10Apache Syncope Identity Manager
Le fondamenta
11Apache Syncope Identity Manager
L'architettura
RESTful controllers
Users Roles Policies
Workflow
Engine
Scheduler
Business
Intelligence
Connectors
Persistence (JPA)
Third-partyapplications
Administrationconsole
12Apache Syncope Identity Manager
Il dominio applicativo
13Apache Syncope Identity Manager
Core: attributi e mapping
User
User Derived Attributes
Fullname: John Black
Badge: 1432
Username: jblack
Firstname: John
Surname: Black
Email: [email protected]
Password: **********
Nickname: jontheblack
User Attributes
LDAP
uid: jblack
givenName: John
sn: jblack
mail: [email protected]
userpassword: **********
cn: John Black
employeeNumber: 1432
Database
accountId: jblack
firstname: John
surname: jblack
password: *********User Virtual Attributes
HomeDirectory: /home/jblack (stored only on external resource)
homeDirectory: /home/jblack
employeeNumber: 1432
fullname: Jock Black
14Apache Syncope Identity Manager
Open Source?!? Perché?
I sistemi IAM sono stati finora “territorio di caccia” dei grandi vendor come Oracle, Novell, IBM, …
Nuove realtà sono diventate sensibili al problema IAMOrganizzazioni medio-piccoleCloud ComputingSocial Network
Open Source? Non è supportato...http://syncope.tirasa.net
15Apache Syncope Identity Manager
...ma qualcuno lo usa?
iWelcome
Bibliotheek.nl
SURFnet
Ospedali Riuniti di Ancona
ARAG
16Apache Syncope Identity Manager
All text and image content in this document is licensed under the Creative Commons Attribution-Share Alike 3.0 License (unless otherwise specified). Apache, Syncope, Apache Syncope, the Apache feather logo, the Apache Syncope project logo and the Apache Syncope logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.This presentation is based upon the “LibreOffice Presentation Template 1.0”, available at http://templates.libreoffice.org/template-center/libreoffice-presentation-templates/releases/1.0
Domande?
Cercate lo staff con questa maglietta!