Základní info
Description
This course will provide the students with the necessary skills to plan, install, configure and administer a ForgeRock OpenAM deployment. The main goal of the course is to give a quick understanding and hands-on experience, so students can control the most important functions of ForgeRock OpenAM and manage a production deployment.
Audience
The course is aimed at system administrators, integrators, consultants, architects and developers installing and configuring ForgeRock OpenAM.
- System Administrators
- System Integrators
- System Consultants
- System Architects
- Developers
Prerequisites
- A basic knowledge of Unix commands
- A basic understanding of how LDAP works
- An appreciation of HTTP and web applications
- A basic knowledge of Java would be beneficial, although programming experience is not required
Duration
4 days
Course contents
Introduction
- Identity Management Concepts: Provisioning, Authentication, Authorization
- Access Management: Access Control, Single Sign On, Web Access Management, Federation
Architecture
- ForgeRock OpenAM Architecture: Authentication, Authorization, Federation
- Policy Agents
ForgeRock OpenAM Installation
- Deployment components
- Supported platforms
- Hardware requirements
- Installation process
- Deployment scenarios: Single instance, Distributed Authentication, High availability
- Lab: Installation
Web Application Integration
- Integration scenarios
- Policy Agents
- ForgeRock OpenAM web services interface: SOAP/WSDL, REST
- Client SDK
- Lab: Apache Policy agent installation; REST example
Realms
- Data stores for ForgeRock OpenAM
- Understanding realms
- Identity repositories
- Lab: Creating and using a realm
Authentication and SSO
- ForgeRock OpenAM Authentication process
- Authentication Architecture: Server side, Client side
- Sessions: Authentication states, Session service
- Configuring authentication
- Authentication chains
- Post authentication plug-in
- Programmatic authentication
- Lab: Configuring authentication modules
Authentication customization
- Authentication Web User interface
- Customizing the Web User Interface: Files, directory structure, JSP templates
Creating an authentication module
- Process of creating an authentication module
- Adding a customized authentication module
- Lab: Create, install and use a new authentication module; Install a post authentication plug-in
Policies
- Authorization policies overview
- Policy Component Functionality: Definition, storage, administration
- Configuring Policies
- Lab: Create polices and use more configuration options of the Apache Policy Agent
Federation
- Concepts: SAML 1.1 & 2.0; Liberty ID-FF; Fedlet; ID-WSF
- Configuring SAML 2.0 in ForgeRock OpenAM as an IdP; as an SP
- The Fedlet
- SAML 2.0 extending functionality with plug-ins
- Account mapper- Attribute mapper- Context mapper- Lab: Configure ForgeRock OpenAM in a Federated environment using SAML2
- Configure as an IdP- Configure as an SP- Deploy and use a Fedlet
