Project Title: Extending Identity Management to Web Services

The Challenge

A leader in Internet Identity Management technologies needed to develop a standalone application that implements a Security Token Service to extend Identity Management to web services.

To facilitate development and accelerate time-to-market the client sought a partner who could seamlessly integrate with its core development team and support standard processes based on the agile approach. The client was looking for a partner who would co-development the solution from step one.

Luxoft was chosen for its ability to provide a highly qualified team ready to work as an extension of the client’s product development and testing teams.

The Solution

Collaborating closely with the client, the Luxoft team helped architect, design and develop the standalone Security Token Server- PingTrust. The solution creates and validates security tokens that are bound into SOAP messages compatible with the Web Services Security (WSS) standard. The result brings standards-based, trusted, user identity to Web Services and Service-Oriented Architectures (SOAs).

PingTrust builds on two open security standards that set the stage for true interoperability and a solution that scales. OASIS Web Services Security 1.0 (formerly WS-Security) enables the embedding of security tokens in SOAP messages, while WS-Trust establishes a mechanism for obtaining and validating tokens from a Security Token Service (STS). PingTrust supports both .NET and Java applications, and Web-based and rich clients. PingTrust can operate on the Web Services Client-side, Provider-side, or on both sides of a Web Service transaction.

PingTrust is a lightweight, standalone, modular product that:

• Provides out-of-the-box support for several token types including SAML 1.1 and SAML 2.0, x.509, Kerberos and username/password, and is extensible to support custom tokens
  
• Provides a Web-based console for 100% GUI configuration
  
• Moves identity-related security and cryptography code out of applications by consolidating token security token processing into a centralized, shared server
  
• Aggregates trust management to dramatically simplify administration
  
• Does not require a heavyweight identity management system

Benefits
By supporting WS-Trust, PingTrust provides a Security Token Service that can participate in the Identity Metasystem. PingTrust enables identity information to be exchanged using industry standard Web services regardless of the underlying platforms.

Tools and Technologies

• Java, .NET
  
• SOAs
  
• WS-Security
  
• SAML 1.1 and SAML 2.0
  
• Kerberos

Related links

Post Your Story, Tell All About Your Success!

If you want the story of your company to appear on the portal please fill out this form and send it to [email protected]. We would also like you to leave contact information (name, e-mail, phone) of a person who is responsible for filling the form to clarify any questions, which could appear.

Available Success Stories From Companies:

Disclaimer

All information contained in this Section is owned by RUSSOFT.org and its Participants and is protected by Russian and international copyright laws. Any reproduction or republication of all or part of this Section has to remain intact and include a notice on the copyright of RUSSOFT.org or the Participants, as applicable.

While the information of this Section has been presented with all due care, RUSSOFT.org does not warrant the accuracy, completeness, usefulness and truth of Section’s information, links and logos derived from third parties. RUSSOFT.org is not liable for any loss or damage occurring from the use of this Section’s materials.