A customer asked me what an OpenAM Fedlet is and what it is used for.
There isn't a lot of detailed documentation on the OpenAM Fedlet. But this article from Oracle is great!
ForgeRock's documentation only has a section on Using Fedlets in Java Web Applications.
In layman's terms, this is my interpretation of a Fedlet:
Basically, big organizations with a budget will use the OpenAM Federation service.
For example, one organization will install OpenAM to act as the IdP (Identity Provider), while the rest of the organizations will make their applications SAMLv2-ready. These applications will then act as SPs (Service Providers).
However, this takes time, effort and money.
Smaller organizations will definitely not be able to overhaul their applications to be SAMLv2-ready, as it is not cost-effective. So the way to go is to just deploy Fedlets (generated from OpenAM servers).
The Fedlet will act like a bridge between the OpenAM server (acting as IdP) and the applications.
It's simple and neat.