par janua | Sep 9, 2016 | Communauté, Gestion des Identités, Sécurité, SSO
Refresh token lifecycle in OpenAM could be very tricky, not easy to understand and implement. So that we share in this document our experiences. 1. Description Refresh Token is a feature provided with Oauth2 Authorization code or Resource Owner Password Credentials...
par janua | Avr 14, 2016 | Communauté, Gestion des Identités, SSO
Saving OAuth2 consent: when configured as an OAuth2 service provider, OpenAM is capable of saving the user’s consent. This prevent the resource owner from having to validate the authorization consent each time for the same client and scopes. To save OAuth2...
par janua | Nov 2, 2015 | Communauté, Conférence, Gestion des Identités, IoT, Salon, Sécurité, SSO
JANUA exposera les 18 et 19 Novembre lors de Paris Open Source Summit et vous attend sur son stand B6-C7. https://www.opensourcesummit.paris/exposant.html?eid=8226 Janua participera aussi à la table ronde « Risques et responsabilités » de 9h00 à 12h00 en Salle Genève...
par janua | Sep 2, 2015 | Cloud, Gestion des Identités, Open Source, Sécurité, SSO
France Connect: un exemple de mise en oeuvre d’OpenID Connect. L’arrêté concernant France Connect, le projet de système d’authentification et d’identification commun à l’ensemble des administrations, vient d’être publié au Journal...
par janua | Mar 26, 2015 | Communauté, Open Source, Sécurité, SSO
This is a simple demo showing a mobile application, in this case running in an iPhone simulator, interacting with ForgeRock OpenAM 12.0 REST API’s. A basic session token interaction is demonstrated along with demonstration and discussion on how authorization deci...
par janua | Jan 9, 2015 | Communauté, Developpement, Gestion des Identités, Sécurité, SSO
OpenAM Custom Password Generator : I told you in a previous post about the OpenLDAP Password Policy Module which allows defining the password complexity rules by configuring an external file. OpenAM-CPG is an OpenAM reset password plugin using the same configuration...
par janua | Déc 22, 2014 | Conférence, Documents, Gestion des Identités, SSO
Une présentation de Cyril Grosjean, directeur technique de JANUA sur OAuth et OpenID. OpenID est un système d’authentification décentralisé qui permet l’authentification unique, ainsi que le partage d’attributs. Il permet à un utilisateur de s’authentifier auprès de...
par janua | Déc 19, 2014 | Communauté, Gestion des Identités, IoT, Sécurité, SSO
You know that blue “Share” button in Google Apps? Ever wanted to add a feature like that to your own app or API ecosystem? The UMA protocol enables you to do just that. Source : https://forgerock.org/openuma/ User-Managed Access (UMA) is an OAuth-based protocol that...
par janua | Déc 18, 2014 | Gestion des Identités, Sécurité, SSO
OpenAM 12 fixes a number of issues, and provides the following additional features. source: Major New Features New Features for Users User Self-ServiceOpenAM supports self-service user registration, device management and password reset – reducing costs and...
par janua | Déc 17, 2014 | Gestion des Identités, IoT, Sécurité
Identity Management in the IoT (Internet of things). IoT is more like an umbrella term that encompasses different architectures where for example things can talk to each other, talk to a computer sitting at home or in the cloud, to a proxy or mobile phone or even to...
par janua | Nov 26, 2014 | Gestion des Identités, IoT, Sécurité
Looking for the Key to Security in the Internet of Things. By Mark Anderson – Source : https://spectrum.ieee.org/riskfactor/consumer-electronics/standards/looking-for-the-key-to-security-in-the-internet-of-things As the number of Internet connected-devices in...
par janua | Oct 17, 2014 | Communauté, LDAP, Open Source
A new security issue hit the streets this week: the Poodle SSL bug. While the vulnerability is mostly triggered by the client, it’s also possible to prevent attack by disabling the use of SSLv3 all together on the server side, eg. OpenDJ. from Ludovic Poitou blog...
