gaqmedi.blogg.se - Radiant identities pdf

Security Token Services such as CFS face the classic problem of needing to connect to multiple identity sources (using multiple access protocols) to find, authenticate, and gather attributes about a user.

Access enterprise applications using one set of credentials.

Both IdP and RP-initiated (users can access applications either from the CFS portal site, or by navigating directly to the application) SSO.

Easily and securely extend access to cloud applications to new populations of users.

No need to migrate identity information to the cloud, and then synchronize yet another “cloud” data silo with your on-premise sources- CFS allows you to re-use your existing identity sources for the cloud.

Applications are relieved of the burden of Identity Management tasks, making future deployments of applications easier and faster.

Users don’t have to remember all their various usernames and passwords-they can be authenticated once, and get access to multiple applications.

Users are authenticated in local data sources (LDAP directories, Active Directories, etc) which are managed by you and not a third party.

User information is sent in digitally signed tokens over SSL.

Some of the benefits of making your infrastructure into an Identity Provider:

This allows users to be authenticated in their local, authoritative identity stores, and then securely access applications (in any domain), without having to re-enter their credentials. The claims contained in the security tokens are trusted by applications as proof that a user has been authenticated, and as a set of information about the user which can be used to make authorizationĭecisions. To a set of claims-enabled cloud applications.

As an STS, CFS receives, translates, generates, and transmits identity information via digitally signed security tokens containing user attributes (claims),

RadiantOne Cloud Federation Service (CFS) is a Security Token Service (STS) which leverages the RadiantOne Federated Identity Service (FID) as a single point of access to enterprise data stores, to turn your existing identity infrastructureĬFS is a gateway between your enterprise identity stores and consuming applications.