Published by Amanda Ball. Modified over 6 years ago.
1
TrueNTHConnect: TrueNTH OAuth Role Based Permission System
Victor de Lima Soares
2
TrueNTH
“TrueNTH will provide personalised practical, information, support and programs that can address the individual needs of men and their families.” [2]
TrueNTH understands that treatment alone is not enough
Interventions
CMS
Research
Social features, sharing
3
User experience platform
TrueNTHConnect: the conception of a secure space where information can be constructed and shared to help Movember in improving patients’ life experience.
User experience platform Unified look and feel Unified Session Management Sharing information CMS to User Experience SSO
4
TrueNTHConnect sub-projects
5
TrueNTHConnect phases
Support library Management interfaces Standard evaluation Protocol review Protocol development Protocol development Support library Library selection Alternatives Management interfaces Standard evaluation CORS for authentication
6
TrueNTHConnect at a glance
7
Major components that trigger login actions, example
Project scope Technology type and location Liferay Licence Project reuse
8
Session management protocol
TrueNTHConnect Session management protocol
9
TrueNTHConnect is a hot-pluggable plug-in project responsible for turning Liferay into an OAuth client, following our protocol specifications to attain our target security services: identification, authentication and authorization.
10
OAuth
Why?
Challenge: central authority with many protected resources
OAuth is a flexible authorization framework
Widely deployed
OAuth is not an authentication framework
It does not provide built-in protocols
Client logic is undefined
11
OAuth Presence !! Bearer token – no owner
12
SS OAuth Presence !!
13
SS OAuth for authentication
Presence !! Compliance with OAuth and standards for OAuth over HTTP
14
SS OAuth for authentication
Presence !!
15
SS OAuth for authentication
Presence !!
16
SS OAuth for authentication
Presence !!
17
Command receiver Receive orders Micro framework
Struts entrance point Roles deletion Unilateral logout Information update Maintenance
18
Session manager Session search Spring – shared memory
19
Shared resource
20
Configuration portlet
Security policies that are conceptually linked to SS Configuration
21
Configuration portlet
Security policies that are conceptually linked to SS Controller
22
TrueNTHConnect User Roles
23
Liferay’s permission system
24
Role mapping Security policies that are conceptually linked to SS
25
Role mapping Security policies that are conceptually linked to SS
26
Role mapping Security policies that are conceptually linked to SS
Configuration
27
Role mapping Security policies that are conceptually linked to SS
Visualization
28
Role mapping Security policies that are conceptually linked to SS
Adding new rules
29
Role mapping Security policies that are conceptually linked to SS
Database
30
Role mapping Security policies that are conceptually linked to SS
Portlet
31
Data driven services
32
Uniformity everywhere
OAuth Library Uniformity everywhere
33
Login flow Multiple calls!!
LR was building the HTTP requests, line by line
Different URLs, parameters, signatures
34
Extractor API Demographics
35
Extractor API Roles
36
Library Uniform flow for requests
Parameters and signatures built in the same way
Safer options to communicate with SS
RFCs’ use case isolated and tailored for SS
Shared knowledge
Knowledge of data model specifications
Solid base:
ScribeJava (version 1.3)
Apache Commons Codec (version 1.10 or superior)
JSON Processing (version or superior)
Java SE Library
37
Library Service
38
Questions?