Thursday, November 29, 2007

What is FEDi?

According to Wikipedia, the term "Federated Identity" has two general meanings:

  • The virtual reunion, or assembled identity, of a person's user information (or principal), stored across multiple distinct identity management systems. Data is joined together by use of the common token, usually the user name.
  • The process of a user's authentication across multiple IT systems or even organizations.

Consider the following scenario of a traveler. The traveler is a flight passenger when he travels across countries using an airline service. He could also be a hotel guest. At another time he could be a customer booking a car from a car rental service.

In the traditional web application scenario, he logs in to the airline reservation system and books a flight, giving the required information. He then logs in to the other two systems separately to book a hotel and to rent a car. So every system must manage identity information for the same user, and this is a huge waste of resources. If these systems use a federated identity management system, they agree to mutually trust each other's authentication of a user. Once a customer is authenticated to one system, he can use that identity information to authenticate to the other systems in the same federation.

In FEDi, what we are trying to do is implement the WS-Trust, SAML and WS-Federation specifications on top of the Axis2/C and Rampart/C projects to solve the above identity management and service providing problem for web services.

FEDi will enable us to develop federation-enabled web services for Axis2/C with the Rampart/C module enabled. FEDi will use the features available in Axis2/C and Rampart/C.
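
The trust relationship in the traveler scenario, as an added example that is not part of the original post or of the FEDi, Axis2/C or Rampart/C code: the airline acts as identity provider, and the hotel and car rental services accept its assertion only after checking issuer, signature, audience and validity window. The host names, the key and the JSON token layout are constructed for illustration, and an HMAC over JSON stands in for the signed XML assertions that SAML defines.

```python
import base64, hashlib, hmac, json, time

# Constructed federation metadata: issuers the relying parties trust, with the
# key used to verify each issuer's assertions (HMAC stands in for XML signatures).
FEDERATION_KEYS = {"airline.example": b"constructed-demo-key-airline"}

def _sign(key, payload):
    return hmac.new(key, payload, hashlib.sha256).digest()

def issue_assertion(issuer, key, subject, audiences, now, ttl=300):
    """Identity provider: state who authenticated, for which services, until when."""
    claims = {"iss": issuer, "sub": subject, "aud": audiences,
              "iat": now, "exp": now + ttl}
    payload = json.dumps(claims, sort_keys=True).encode()
    b64 = base64.urlsafe_b64encode
    return (b64(payload) + b"." + b64(_sign(key, payload))).decode()

def verify_assertion(token, audience, now, trusted=FEDERATION_KEYS):
    """Relying party: return the authenticated subject, or raise ValueError."""
    try:
        p64, s64 = token.encode().split(b".")
        payload = base64.urlsafe_b64decode(p64)
        sig = base64.urlsafe_b64decode(s64)
        claims = json.loads(payload)
    except (ValueError, TypeError) as exc:
        raise ValueError("malformed assertion") from exc
    if not isinstance(claims, dict):
        raise ValueError("malformed assertion")
    iss = claims.get("iss")
    key = trusted.get(iss) if isinstance(iss, str) else None
    if key is None:
        raise ValueError("issuer is not in this federation")
    # Constant-time comparison; everything below relies on a valid signature.
    if not hmac.compare_digest(sig, _sign(key, payload)):
        raise ValueError("bad signature")
    if audience not in claims.get("aud", []):
        raise ValueError("assertion not intended for this service")
    if not claims["iat"] <= now < claims["exp"]:
        raise ValueError("assertion expired or not yet valid")
    return claims["sub"]

if __name__ == "__main__":
    now = int(time.time())
    token = issue_assertion("airline.example", FEDERATION_KEYS["airline.example"],
                            "traveler42", ["hotel.example", "cars.example"], now)
    for service in ("hotel.example", "cars.example"):
        print(service, "accepts", verify_assertion(token, service, now))
```

The traveler authenticates once at the airline; the other two services never see a password, and a service outside the assertion's audience list rejects the same token.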


cre dexo said...

This blog post is really great; the standard stuff of the post is genuinely amazing.

Identity Federation