Category: Identity Server

[Federated Authentication] : Integrating Shibboleth with WSO2 Identity Server

In my previous blog post,  we went through how you can configure the SAML2 SSO web application with Identity Server. Users authenticate to Identity Server by proving username/password. These username/password must be authenticated with the enterprise user store that is deployed with Identity Server. Therefore only the user who are in the enterprise user store […]

Implementing RBAC and ABAC with XACML

Let see how we can implement RBAC and ABAC with XACML. Here i am using the well known XACML 3.0 open source engine; Identity Server which is based on Balana. Lets think about an API access control scenario as following Think, an API called /patient ( in Health care system. There are three roles […]

In-bound/Out-bound User provisioning with WSO2 Identity Server

Identity Server supports for both In-bound and Out-bound provisions. First let try to understand what is meant by Out/In provisioning In-bound provisioning Provisioning users/groups to Identity Server’s user stores by an application (Service Provider). Supported via SCIM Standard. Also there is a SOAP based web service API. Users/Groups would be created in primary or secondary […]

Banking Sample with XACML

Lets try to understand how XACML can be used in banking applications and how to implement a sample banking authorization system with open source XACML engine. Use case There is bank call KBank, that supports ATM facilities and online money transfer faculties for its own customers. KBank has LDAP user store that contains customer details […]

Multiple decision profile – Hierarchical resources

In my previous post, we went though defining XACML policies for web application. Now i am going to try out the scenario, that is defined there with second approach. i.e. Multiple decision profile  with hierarchical resource profile.  Here i am using Identity Server which is an open source XACML engine that supports XACML 3.0, multiple […]