In this tutorial I will walk through using OpenAM as an Authentication, Single Sign On, and Authorization service for web applications. First, showing how OpenAM can easily be set up to handle Users, and provide Authentication to a simple web application. Configuring a second web application shows how Single Sign On, (SSO) is achieved between the applications as a consequence of using the Authentication services.
Then we will add Entitlement checking to the application and show how OpenAM can define, and manage the entitlements, and handle changes in entitlement specifications without any modifications to the resulting web Applications.
Finally I will show fine grained entitlements that depend on session attributes set by other applications, allowing for a truly enterprise wide Authentication and Authorization service.
Allan Foster is a founding member of ForgeRock, bringing skills in the entire Identity management space. He has proven skills in Access Management, Federation, and Portal Architectures. Allan is based in Portal, Oregon in the USA, and has worked with the ForgeRock products, as well as prior version of the products for several years.
Allan brings 25 years of experience in the development, internet, and Identity management spaces to ForgeRock. Allan's career has reached from Apple Computer inc, to Netscape, AOL, Guru Associates, and Sun Microsystems before joining the team at ForgeRock.