Welcome!

Release Management Authors: Liz McMillan, Jnan Dash, Lori MacVittie, Gilad Parann-Nissany, Carmen Gonzalez

News Feed Item

WSO2 Expands Identity Management Capabilities Across Cloud, Mobile and Web Applications With the Launch of WSO2 Identity Server 4.5

The cloud, mobile computing, and APIs are empowering enterprises to extend their processes to customers, partners, and other groups within the organization. However, with this greater reach come greater challenges to protect data and ensure users’ privacy across multiple domains and devices. WSO2 addresses these challenges with the launch of WSO2 Identity Server 4.5 for authentication and identity management across cloud, mobile and Web applications.

The latest release of the award-winning WSO2 Identity Server adds powerful new capabilities for user provisioning and management, including:

  • Support for OpenID Connect to authenticate users of mobile and Web applications.
  • Stronger tenant control in multitenant cloud deployments through the ability of each tenant to have multiple trusted identity providers and multiple user stores, which are isolated from the rest.
  • Enhanced System for Cross-domain Identity Management (SCIM) with the addition of OAuth 2.0 authentication.
  • Expanded Security Assertion Markup Language (SAML) 2.0 functionality to support seamless integration with Salesforce and Google Apps.
  • Addition of SAML 2.0 grant type for OAuth 2.0 to leverage SAML 2.0 with REST/API security.

“Collectively, the cloud, mobile, APIs, social media, and open source are enabling enterprises to create new connections across employees, customers and partners. Along with new business models, this is also bringing the need for more comprehensive identity management across the diverse participants in these connected enterprises,” said Dr. Sanjiva Weerawarana, WSO2 founder and CEO. “WSO2 Identity Server 4.5 delivers on this demand by combining robust, centralized management with flexible models for provisioning in traditional, cloud and mobile deployments and by facilitating authentication and authorization no matter where or how users choose to access applications and services.”

Robust Identity Management On-premises and in the Cloud

Version 4.5 builds on the proven performance of WSO2 Identity Server, the enterprise-ready, 100% open source, lean, component-based software, which has been in production in Global 1000 enterprises since 2009.

WSO2 Identity Server enables enterprise architects and developers to improve the user’s experience by reducing identity provisioning time, guaranteeing secure online interactions, and delivering a reduced single sign-on (SSO) environment. It also decreases the burden of identity management and entitlement management by including role-based access control, attribute-based access control, fine-grain policy-based access control, and SSO bridging. Featuring full native multi-tenancy, WSO2 Identity Server can run on servers, in a private cloud, public cloud or hybrid cloud environment—all from the same software.

In December 2012, WSO2 Identity Server 4.0 added SCIM support for identity provisioning to facilitate user management operations across software as a service (SaaS) applications. It also incorporated federated identity provider (IdP) functionality, allowing different organizations to make shared services available—for example different universities sharing certain resources with each other’s faculty or students—while enabling single sign-on simplicity for end users. Such federated IdP is particularly important for facilitating authentication across extremely large deployments associated with the cloud.

WSO2 Identity Server is complemented by the WSO2 Cloud Gateway 1.0, first launched in 2010, which provides a secure connection between applications behind the firewall and public platform as a service (PaaS) or SaaS offerings.

New Features in WSO2 Identity Server 4.5

WSO2 Identity Server 4.5 adds significant enhancements to facilitate identity management across multiple devices, domains and applications—on-premises and in the cloud.

New OpenID Connect Support – Version 4.5 adds support for OpenID Connect, a standard for mobile and Web application authentication. An identity framework built on the OAuth 2.0 protocol, OpenID Connect utilizes and extends OAuth 2.0 messages and code flows. With WSO2 Identity Server, enterprises now can use and implement the OpenID Connect Basic Client Profile.

New Multiple Trusted Identity Providers Functionality – WSO2 Identity Server 4.5 allows identity providers to be configured by tenant administrators in a multitenant environment. This is particularly relevant in the development and deployment of an SSO-enabled, software as a service application in which the SaaS application is deployed on the super tenant but accessed by all tenants. Each tenant can have its own set of trusted identity providers, and users of the tenant do not have to physically exist on the same server as the SaaS application. This reduces the management requirements of the super tenant while providing tenants more control and flexibility over their user authentication.

Expanded SCIM Capabilities – The newest release of WSO2 Identity Server enhances support for the System for Cross-domain Identity Management specification by adding OAuth 2.0-based authentication for SCIM. WSO2 Identity Server acts as both a SCIM service provider (both hub and spoke types) and a SCIM service consumer. Now IT organizations can leverage OAuth 2.0 in order to authenticate the SCIM REST endpoints of WSO2 Identity Server.

Expanded Security Assertion Markup Language 2.0 Support – Many existing enterprises that have implemented a service-oriented architecture (SOA) rely on SAML 2.0, but increasingly they need to consume OAuth-protected resources through APIs. WSO2 Identity Server, as an OAuth 2.0 authorization server, now can accept SAML 2.0 assertions from OAuth 2.0 clients and in exchange return back OAuth 2.0 access tokens to access protected resources on behalf of the resource owner. This provides a simple solution for leveraging SAML with REST/API security.

Additional Enhancements – WSO2 Identity Server 4.5 includes several other new features to provide greater ease of use and facilitate user provisioning and management. With this latest release:

  • IT organizations can customize login pages for SAML 2.0, OAuth, OpenID Connect, Passive Security Token Service (STS), and OpenID outside of WSO2 Identity Server.
  • Administrators can configure user account lock/unlock based on failed login attempts.
  • Enterprises have improved support for implementing name/password violation policies.
  • Organizations and their users can recover accounts using email addresses or secret questions.
  • Single sign-on across Google Apps, Salesforce and internal applications is seamlessly integrated with WSO2 Identity Server.
  • Administrators can define a selective set of grant types for OAuth 2.0 applications based on the trust and their capabilities.
  • WSO2 Identity Server adds an improved eXtensible Access Control Markup Language (XACML) editor and SAML 2.0 Web secure single sign-on (SSO) HTTP POST binding for authentication requests.

WSO2 Identity Server Builds on WSO2 Carbon Platform

WSO2 Identity Server is built on the same modular, fully componentized OSGi-compliant code base as the award-winning WSO2 Carbon enterprise middleware platform. Like all WSO2 middleware products, it is inherently cloud-enabled and uses proven core framework components that provide a consistent set of enterprise-class management, security, clustering, logging, statistics, tracing, and other capabilities. Additionally, it offers a graphical management console, which is integrated with other WSO2 middleware products, for configuration, management and monitoring. The componentized architecture gives enterprises unprecedented flexibility to customize WSO2 Identity Server by adding WSO2 Carbon middleware products or the 175-plus components on which they are based.

Availability and Support

WSO2 Identity Server 4.5 is available today as a software download that can run directly on servers or on top of WSO2 Stratos PaaS software; as a WSO2 Cloud Virtual Machine running on the Amazon Elastic Computing Cloud (EC2), Linux Kernel Virtual Machine (KVM), and VMware ESX; and as a hosted service on the WSO2 StratosLive PaaS. As a fully open source solution released under the Apache License 2.0, it does not carry any licensing fees.

WSO2 Identity Server is backed by a world-class technical team in which the experts that helped create the software provide support, leading to direct and immediate access to the people with in-depth knowledge of the middleware. WSO2 service and support options include evaluation support, a special QuickStartSM consulting program, development support, and production support.

About WSO2

WSO2 is the lean enterprise middleware company. It delivers the only complete open source enterprise SOA middleware stack purpose-built as an integrated platform to support today’s heterogeneous enterprise environments—internally and in the cloud. WSO2’s service and support team is led by technical experts who have proven success in deploying enterprise SOAs and contribute to the technology standards that enable them. For more information, visit http://wso2.com, or check out the WSO2 community on the WSO2 Blog, Twitter, LinkedIn, Facebook, and FriendFeed.

Trademarks and registered trademarks are the properties of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
Successful digital transformation requires new organizational competencies and capabilities. Research tells us that the biggest impediment to successful transformation is human; consequently, the biggest enabler is a properly skilled and empowered workforce. In the digital age, new individual and collective competencies are required. In his session at 19th Cloud Expo, Bob Newhouse, CEO and founder of Agilitiv, drew together recent research and lessons learned from emerging and established compa...
The WebRTC Summit New York, to be held June 6-8, 2017, at the Javits Center in New York City, NY, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 20th International Cloud Expo and @ThingsExpo. WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web co...
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
Businesses and business units of all sizes can benefit from cloud computing, but many don't want the cost, performance and security concerns of public cloud nor the complexity of building their own private clouds. Today, some cloud vendors are using artificial intelligence (AI) to simplify cloud deployment and management. In his session at 20th Cloud Expo, Ajay Gulati, Co-founder and CEO of ZeroStack, will discuss how AI can simplify cloud operations. He will cover the following topics: why clou...
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, will share examples from a wide range of industries – includin...
"We build IoT infrastructure products - when you have to integrate different devices, different systems and cloud you have to build an application to do that but we eliminate the need to build an application. Our products can integrate any device, any system, any cloud regardless of protocol," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discussed how businesses can gain an edge over competitors by empowering consumers to take control through IoT. He cited examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He also highlighted how IoT can revitalize and restore outdated business models, making them profitable ...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
"Once customers get a year into their IoT deployments, they start to realize that they may have been shortsighted in the ways they built out their deployment and the key thing I see a lot of people looking at is - how can I take equipment data, pull it back in an IoT solution and show it in a dashboard," stated Dave McCarthy, Director of Products at Bsquare Corporation, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and sh...
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
@GonzalezCarmen has been ranked the Number One Influencer and @ThingsExpo has been named the Number One Brand in the “M2M 2016: Top 100 Influencers and Brands” by Onalytica. Onalytica analyzed tweets over the last 6 months mentioning the keywords M2M OR “Machine to Machine.” They then identified the top 100 most influential brands and individuals leading the discussion on Twitter.