Tuesday, January 18, 2011

OpenID 2.0 Supported by Oracle Identity Federation

Mark Karlstrand will be giving a free webinar tomorrow, Wednesday Jan. 19 at 10:00am PT or 1:00pm ET, on how to build a complete extranet security strategy. Part of the discussion will be on how to connect to the cloud securely. This is perfect timing because the Oracle Identity Federation product team just released a feature patch that allows them to now support OpenID 2.0. You can register here for the webinar tomorrow. Below is a brief description of why this is important to companies that want to offer this service to their users.

OIF supports both Relaying Party and OpenID Provider in accordance to recent OpenID 2.0 specification. It enables organizations to start accepting OpenID from leading providers such as Yahoo and Google or to become OpenID provider in a matter of hours. With OIF users can leverage their corporate identity at OpenID-enabled blogging sites and socials networks, such as Facebook.

OIF supports OpenID 2.0

Custom Actions

OIF Custom Actions enable site-specific operations to be executes during federated authentication flows. It gives organizations additional flexibility to implement authentication process that meets their specific security and business needs.

Both Identity Providers and ServiceProviders can benefit by Custom Actions to streamline integrations and reduce application deployment time.

For example, Custom Actions can be used by Identity Providers to dynamically generate additional user attributes, which are not stored in directory or database. The generated attributes can be then added to an attribute statement and sent to a Service Provider. Service Providers can leverage Custom Actions to manipulate identity data received from the Identity Providers and prepare it for consumption by applications or homegrown security tools.

Developing Custom Actions does not require extensive knowledge of federation protocols; they are simple J2EE modules. Once developed, a single Custom Action can be leveraged to customize authentication flows over any protocol supported by OIF.

Hope you will join us tomorrow to discuss this great new feature in OIF.

No comments: