Hi Nifras, You can store the details related toe RSA in claims and use those + token when calling the RSA api (or sdk)
Self user enrollment may not be required for the initial version. Any way it'll be a manual process for hardware tokens? Same is implemented in inwebo as UserId claim. Please check [1] [1] https://docs.wso2.com/display/ISCONNECTORS/Configuring+Inwebo+Authenticator On Wed, Jun 15, 2016 at 10:55 AM, Nifras Ismail <[email protected]> wrote: > Hi Kathess, > > On RSA Authentication Manger workflow we are not able to provisioning the > users from WSO2 IS. Because the software tokens able to missed use when we > allow self user provisioning, > > Another thing on RSA Authentication Manager workflow : Software tokens buy > by the RSA AM System Admin and he is the one only responsible to provide > the user's token manually. > > But we have a way to associate the user on IS user store from the > registered user on RSA AM. I explain this issue from the following way > > In first factor > ---------------------------------------------------------------------- > if(user_exist_IS_userstore) > /* > * we do the basic authentication > */ > else > /* > * The reason may be it is the first time of user or invalid user, > * so we need to validate his request, > * so we send the username & password to RSA AM from the IS and validate he > is registered or not in RSA AM > */ > if(user_exist_RSA_AM_store) > /* Store the user details on user store of IS then request the token from > the user. */ > else > */ it should be an invalid user */ > > This is the way I think. any suggestions! > > Thank you > > Nifras > > On Tue, Jun 14, 2016 at 11:08 AM, Nifras Ismail <[email protected]> wrote: > >> Hi All, >> >> I'm little bit confussion to choose the proper rsa securid agent from the >> RSA agents list[1]. There is no agent[2] is suitable for to connect IS to >> Authentication Manger. There for I have planed to build from the RSA AM API >> libraries. >> >> Please give your suggestions on my choice of API is preferable. >> >> [1] >> https://www.rsa.com/en-us/products-services/identity-access-management/securid/authentication-agents >> [2] https://community.rsa.com/thread/185834 >> >> On Wed, Jun 8, 2016 at 5:10 PM, Nifras Ismail <[email protected]> wrote: >> >>> Hi Kathees, >>> >>> noted. yes we can. >>> >>> On Thu, Jun 2, 2016 at 10:29 AM, Kathees Rajendram <[email protected]> >>> wrote: >>> >>>> Hi Nifras, >>>> >>>> You need to write the provisioning connector as well or need to link IS >>>> local user to RSA SecurID. >>>> >>>> Thanks, >>>> >>>> On Wed, Jun 1, 2016 at 2:46 PM, Nifras Ismail <[email protected]> wrote: >>>> >>>>> >>>>> >>>>> >>>>> On Wed, Jun 1, 2016 at 2:45 PM, Nifras Ismail <[email protected]> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> I have planned to create RSA SecurID[1] two factor authenticatior for >>>>>> WSO2 Identity Server. >>>>>> >>>>>> RSA SecurID[1], which protects access using two factor authentication >>>>>> with hardware and software tokens. >>>>>> In both cases RSA SecurID uses patented, time-based two factor >>>>>> authentication algorithm to validate users. >>>>>> >>>>>> The authentication flow is as follow : >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> 1. User send the basic credentials(1st Factor) to IS Basic >>>>>> Authenticatior. >>>>>> 2. If authentication success on Basic Authenticatior, RSA IS >>>>>> Authenticator requests the RSA Token (2nd factor) to the user. >>>>>> 3. User send the token which are generated from the RSA >>>>>> Authenticatior at the requested time. >>>>>> 4. RSA IS Authenticatior sends the request to RSA Authentication >>>>>> Agent. >>>>>> 5. Then RSA Authentication Agent request to RSA Authentication >>>>>> Manger to validate the request >>>>>> 6. RSA Authentication Manager validate the authorization request >>>>>> and send the response to the IS >>>>>> 7. If the authentication success, IS grant access to the >>>>>> requested claims. >>>>>> >>>>>> >>>>>> *RSA Authentication Manager* >>>>>> RSA Authentication Manager is a multi-factor authentication system >>>>>> that verify the authentication requests and centrally administrate the >>>>>> authentication policies for enterprises[3]. >>>>>> >>>>>> *RSA Authentication Agent * >>>>>> It is a bridge for communicating to the Authentication Manager with >>>>>> client, and it is process authentication request. >>>>>> >>>>>> *RSA Authenticators* >>>>>> Hardware Authenticators : Dedicated devices (so called key fobs) >>>>>> Software Authenticatiors : Mobile Application Authenticators in >>>>>> Android, iOS, Blackberry, Windows Mobile and etc. [2]. >>>>>> >>>>>> [1] >>>>>> https://www.rsa.com/en-us/perspectives/resources/rsa-securid-software-tokens >>>>>> [2] >>>>>> https://www.rsa.com/en-us/products-services/identity-access-management/securid/software-tokens >>>>>> [3] RSA Authentication Manager Documentation >>>>>> >>>>>> -- >>>>>> Nifras Ismail >>>>>> Associate Software Engineer >>>>>> WSO2 >>>>>> Email : [email protected] >>>>>> Mobile : 0094 77 89 90 300 >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Nifras Ismail >>>>> Associate Software Engineer >>>>> WSO2 >>>>> Email : [email protected] >>>>> Mobile : 0094 77 89 90 300 >>>>> >>>>> _______________________________________________ >>>>> Architecture mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>> >>>>> >>>> >>>> >>>> -- >>>> Kathees >>>> Software Engineer, >>>> email: [email protected] >>>> mobile: +94772596173 >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>>> >>> >>> >>> -- >>> Nifras Ismail >>> Associate Software Engineer >>> WSO2 >>> Email : [email protected] >>> Mobile : 0094 77 89 90 300 >>> >> >> >> >> -- >> Nifras Ismail >> Associate Software Engineer >> WSO2 >> Email : [email protected] >> Mobile : 0094 77 89 90 300 >> > > > > -- > Nifras Ismail > Associate Software Engineer > WSO2 > Email : [email protected] > Mobile : 0094 77 89 90 300 > -- Best Regards, Malaka Silva Senior Technical Lead M: +94 777 219 791 Tel : 94 11 214 5345 Fax :94 11 2145300 Skype : malaka.sampath.silva LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77 Blog : http://mrmalakasilva.blogspot.com/ WSO2, Inc. lean . enterprise . middleware http://www.wso2.com/ http://www.wso2.com/about/team/malaka-silva/ <http://wso2.com/about/team/malaka-silva/> https://store.wso2.com/store/ Save a tree -Conserve nature & Save the world for your future. Print this email only if it is absolutely necessary.
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
