Posts Tagged ‘security’

For those of you familiar with OpenSSO / OpenAM, you probably know the online documentation is mediocre and that there exists few other options to ramp on this technology.  Packt Publishing sent me a free copy or ecopy of the OpenAM book since I had blogged about OpenSSO earlier.   The book by Indira Thangasamy (LinkedIn […]

Jason Wicker of IBM has posted a comprehensive set of security concepts and considerations for IBM WebSphere Portal.  While much of this information exists in various forms throughout the v6.1 and v7.0 InfoCenters and Redbooks, Jason captures it all in one place. I’d recommend that Portal customers and consultants use that article as a security-related […]

NOTE: This blog is based on a post originally written in January of 2010 when both SharePoint 2010 and AD FS 2.0 were in Release Candidate stage. The version you are reading here has been updated it to correct some important omissions related to the RTW bits. ======================================================== In my previous post, I demonstrated how […]

NOTE: This blog is based on a post originally written at the end of 2009 when both SharePoint 2010 and AD FS 2.0 were in Release Candidate stage. The version you are reading here has been updated it to correct some important omissions related to the RTW bits. ======================== One of the most intriguing of […]

A nice article was recently published on IBM’s WebSphere Portal wiki about using a mixture of HTTP and HTTPS pages on a WebSphere Portal site.  The reasoning for that approach is basically that you need to encrypt certain sensitive traffic, but don’t want to encrypt traffic for the entire site for performance reasons. Before you […]

Back in June 2010, Vittorio Bertocci posted a method to implement sliding sessions with Windows Identity Foundation (WIF) on his blog. While the article addresses ASP.NET applications configured to use WIF, Vittorio mentions that SharePoint 2010 implements sliding sessions for Forms authentication more or less out-of-the-box. Sadly this is not the case for situations where […]

In an earlier post, I demonstrated how you can use Windows Azure ACS v2 as a Trusted Identity Provider to SharePoint 2010. One of the interesting options that ACS v2 provides is sign-in using Facebook. Using social media as a means to provide single sign on with SharePoint has always been an interest of mine […]

So last week we briefly touched on the characteristics of a good IdM solution or at least an environment that was IdM hygienic.  Some of those characteristics included the following: View, create, modify, and delete users Change passwords Add or delete a user in a security group Approve or reject requests Delegate all permissions This […]

I recently read an article by CIO Magazine about what can “safely go offshore.” I found the list fascinating, but I’m wondering what you might add to this list based on your experiences? Or, the way author Mathias Thurman puts it: “what I would be comfortable with outsourcing and what I would never want to […]

Sun supported the open source Identity and Access Management (IAM) product called OpenSSO. It was free, easy to install, and had support through Sun.  Once Oracle completed the acquisition, they announced it was pretty much a dead product.  It didn’t take long for OpenSSO to fork the code stream and become OpenAM (Access Management).  You […]

In my last post, I demonstrated how to enable Windows Identity Foundation (WIF) on a WCF web service and configure it to require a SAML 1.1 “ActAs” token from a SharePoint 2010 server. In this post, I’ll demonstrate how this web service and the data it provides can be integrated with SharePoint 2010 in a […]

Most of my previous posts involve configuring Claims Mode authentication in SharePoint 2010 and using federated Identity Providers (IP) to authenticate users. I also recently demonstrated how roles can be defined internally and assigned to user identities via ADFS 2.0 through token augmentation. These roles can in turn be used for access control to resources […]