*WSO2 Identity Server 5.0.0 Released!* The WSO2 Identity Server team is pleased to announce the release of version 5.0.0 of the WSO2 Identity Server (IS).
WSO2 Identity Server is an open source Identity and Entitlement management server. It supports a wide array of authentication protocols such as SAML 2.0 Web SSO, OpenID, OAuth 2.0/1.0a, OpenID Connect and WS-Federation Passive. It supports role based authorization and fined grained authorization with XACML 2.0/3.0 while inbound/outbound provisioning is supported through SCIM and SPML WSO2 Identity Server is developed on top of the revolutionary WSO2 Carbon platform <http://wso2.com/products/carbon>, an OSGi based framework that provides seamless modularity to your SOA via componentization. All the major features have been developed as pluggable Carbon components. You can download this distribution from http://wso2.com/products/identity-server/. The online documentation is available at http://docs.wso2.org/wiki/display/IS500/WSO2+Identity+Server+Documentation. *How to Run* 1. Extract the downloaded zip 2. Go to the bin directory in the extracted folder 3. Run the wso2server.sh or wso2server.bat as appropriate 4. If you need to start the OSGi console with the server use the property -DosgiConsole when starting the server. The INSTALL.txt file found on the installation directory will give you a comprehensive set of options and properties that can be passed into the startup script *New Features In This Release* - *Identity Bridge* WSO2 Identity Server 5.0.0 is capable of translating between heterogeneous authentication protocols and transforming and mediating any identity assertion, between SAML2.0, OAuth 1.0a/2.0, OpenID, OpenID Connect, WS-Federation Passive. This leads to seamless integration between internal applications and cloud applications such as Salesforce, Google Apps and Office 365. - *Multi-option and multi-step authentication* With WSO2 Identity Server 5.0.0, a given service provider (irrespective of the protocol it supports) can select the login options it wants to present to it users. Authentication can be a mix of two types: Multi-option login and multi-step login. With multi-option authentication - the user will be presented with a login screen to pick whatever the authentication mechanism he/she wants (e.g.: Username/password, Social login with Facebook, Login with a federated Home Identity Provider). A service provider can also choose to have multi-step authentication. Multi step authentication can naturally be extended to be multi-factor depending on the kind of authentication. - *Request Path Authenticators.* The responsibly of getting the user's credentials is left to the service provider, and the credentials will be attached to the request to the Identity Server. - *Social Login with Facebook / Google / Microsoft Windows Live.* Facebook / Google / Microsoft Windows Live authenticators are the very first authenticators we are shipping with Identity Server 5.0.0 for social login. - *Ability to plug-in custom developed authenticators.* Owing to the power of OSGi, custom authenticators can be easily written and put into the Identity Server which will pick them dynamically and execute. The UI will also be extended with property fields for administrators to configure the authenticators if they are federated authenticators - *Provisioning Bridge.* WSO2 Identity Server 5.0.0 is capable of accepting inbound provisioning requests based on SOAP or SCIM, provisioning to the Resident Identity Provider using LDAP, Active Directory, JDBC or Carbon Remote UserStoreManagement user management APIs, and transform them to outbound provisioning requests based on SCIM, SPML 2.0, Salesforce, Google Apps provisioning APIs. - *Just-in-time provisioning.* In the process of federated login WSO2 Identity Server is capable of provisioning the corresponding subject to a preferred user store domain as well as other configured Identity Providers. - *Ability to plug-in custom developed provisioning connectors.* Like with authenticators provisioning connectors also can be added to the system by implementing the relevant APIs and dropping them to the system as OSGi bundles. - *User Dashboard.* WSO2 Identity Server 5.0.0 ships with a jaggery based user dashboard to expose end user functionality. This dashboard is completely decoupled from the management console, and is completely extensible due to the fact that it is able to render gadgets. The application can run from within IS or as a separate jaggery app on AS. - *SAML2 Web SSO profile Request / Response validator.* A UI based tool in the Identity Server 5.0.0 management console for debugging the SAML2 Web SSO requests and responses. - *Remote User Store Management.* WSO2 Carbon's User/Group Administration SOAP API is also now supported as part of the UserStoreManager implementations shipped by default. This means heterogeneous user stores distributed across different data centers can be managed from a single Identity Server node. - *Custom permissions.* Application specific permissions can be added by service providers and assigned to roles, and by using the remote authorization API do permission based access control for users. - *Encrypted SAML2 Assertions.* The SAML2 assertion issued for SAML2 based SSO login can now have encrypted assertions. To decrypt the assertion the service provider will have to have the Identity Server tenant's public certificate. - *NTLM grant type for OAuth 2.0* *Key Features of WSO2 Identity Server* - Dynamically discovered federation - Identity Bridge - translation between heterogeneous Identity authentication protocols - SP Initiated and IDP Initiated SAML 2.0 Web Browser SSO provider - SAML2 Single Logout profile support - OpenID 2.0 Provider - OpenID Connect Authorization Server - Social login with Facebook, Google, Yahoo and Windows Live - XACML 3.0/2.0 based Entitlement Engine with WS-XACML support - OAuth 2.0/1.0a Authorization Server with OAuth 2.0/1.0a support - Inbound and Outbound Identity Provisioning with SCIM 1.1 - Outbound Identiy Provisioning with SPML 2.0, Salesforce and GoogleApps - Integrated Windows Authentication and webSEAL authentication - Multi-option and multi-step (multi-factor) authentication - Claim based Security Token Service(STS) with SAML 2.0/1.1 support. - Support for various types of User Stores such as JDBC, Cassandra, LDAP, Active Directory in Read/Write mode. - Claim Management - User Profiles and Profile Management - Separable front-end and back-end - a single front-end server can be used to administer several back-end servers *Issues Fixed in This Release* This release of WSO2 Identity Server comes with a number of bug fixes, both in the base Carbon framework and in the Identity Server specific components. All the issues which have been fixed in this release can be found at: Fixed Issues for WSO2 Identity Server 5.0.0<https://wso2.org/jira/issues/?filter=11808> *Known Issues* All the known issues in WSO2 Identity Server 5.0.0 are reported at: Known issues in WSO2 Identity Server 5.0.0<https://wso2.org/jira/issues/?filter=11786> *How You Can Contribute* *Mailing Lists* Join our mailing list and correspond with the developers directly. Developer list : [email protected] | Subscribe<[email protected]?subject=subscribe>| Mail Archive <http://wso2.org/mailarchive/dev/> User forum : StackOverflow<http://stackoverflow.com/questions/tagged/wso2> *Reporting Issues* We encourage you to report issues, documentation faults and feature requests regarding WSO2 Identity Server or in the Carbon base framework through the public WSO2 Identity Server JIRA<https://wso2.org/jira/browse/IDENTITY>or Carbon JIRA <http://www.wso2.org/jira/browse/CARBON>. *Support* We are committed to ensuring that your enterprise middleware deployment is completely supported from evaluation to production. Our unique approach ensures that all support leverages our open development methodology and is provided by the very same engineers who build the technology. For more details and to take advantage of this unique opportunity http://wso2.com/support/ For more information about WSO2 Identity Server, please see http://wso2.com/products/identity-server or visit the WSO2 Oxygen Tank<http://wso2.org/library>developer portal for addition resources. Thank you for your interest in WSO2 Identity Server. Thanks and Regards, ~WSO2 Identity Server Team~
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
