SlideShare a Scribd company logo

Enterprise Security & SSO

Ambareesh Kulkarni, profile picture
Ambareesh Kulkarni

The document discusses the security features of Actuate, an enterprise reporting and analytics platform, including authentication, authorization, auditing, single sign-on, and integration with external security systems. It describes how Actuate provides robust authentication and authorization capabilities with granular access controls. The security architecture of Actuate is also scalable and flexible, supporting a centralized administration of user information across disparate systems.

Technology
1 of 18
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Actuate Security Enterprise class, Standards based, Robust and Flexible Ambareesh Kulkarni, Director 1 © Actuate Corporation 2008
Anatomy of an Actuate Application ` ` ` FW1 FW2 FW3 Application Web Server Server farm Actuate iServer Actuate Farm running Active nodes Encycl. Portal 2 © Actuate Corporation 2008
Features of Actuate Security AuthN & AuthZ • Authentication -Verify if users are who they claim to be • Authorization -Users can only access what the security policy allows • Role-based access control -Grant access based on the user’s role in the organization • Data privacy -Data integrity & reliability • User Registration -External and Internal • Audit information -Usage and exceptions • Transport Security -Secure delivery of information 3 © Actuate Corporation 2008
Features of Actuate Security AuthN & AuthZ • Non-repudiation on actions -Important user actions carry proof of execution to prevent denial • Session security -User sessions are uniquely identifiable and not subject to masquerading • Session time-out -Session inactivity leads to session termination • Audit logs -All actions are logged for audit use. • Single sign-on -Usage of multiple systems or services does not require additional credentials. 4 © Actuate Corporation 2008
Features of Actuate Security AuthN & AuthZ • Robust authentication & authorization capabilities • Supports both Internal and External Authentication • Can use a combination of UserID/Password for authentication • Optionally: • trust credentials passed to it • Extract Userid and/or password from encrypted artifacts such as (e.g. token, logon ticket etc.) • Granular authorization • Fast and easy mapping of business rules to authorization policy • Course, medium and fine-grained authorization • An open, interoperable Java-based architecture with data source flexibility • Plug-n-play integration with Web, application and directory services • Supports LDAP, RDBMS and any custom data sources 5 © Actuate Corporation 2008
External User Registration and Authentication process flow Business Process 2 Workflow 1 3  Automated Access Approval End Portal Server Users 5 Data Store 4 6 Data Repository Actuate 8 Authentication/Revalidation 7 Services 9 Actuate 6 © Actuate Corporation 2008
Authorization Controls What can you protect?? • Server Controls • Resource – Universal Resource Indicator… • Applications – group of resources… • Dynamic Content – EJB’s, JSP’s, Servlets… • Method-level Protection – Access, Get, Post • Wild-Card Control – *, /*/, *.* 7 © Actuate Corporation 2008
Authorization & Privilege Management Levels Limits access at the URL Coarse-grained level to protect machines Coarse and their contents Provides conditional Medium-grained access to Actuate Folders and files based on access control lists and user roles Controls what data users Fine Fine-grained see once they have access to the report (Page Level Security) 8 © Actuate Corporation 2008
Usage Logging What have you accessed? • Provides records required to meet security policy and compliance requirements Usage logging • Helps pinpoint problem areas against policies • Captures “contextual” Actuate usage log information for better captures ALL diagnosing issues User Activity 9 © Actuate Corporation 2008
Actuate Security Scalable and Flexible Key Server Dispatcher Enforcement (Agent or Proxy) End Users Authentication Authorization Engine Actuate iServer Centralized Logging Engine Browser-based Web/App Administration Server Entitlements Engine 10 © Actuate Corporation 2008
Security Extensions iPortal Security Extension (iPSE) • For Single Sign-on Report Server Security Extension (RSSE) • For any external data store including LDAP & Microsoft Active Directory integration 11 © Actuate Corporation 2008
Single Cluster supports diverse and disparate security systems • Actuate integrates with all major security systems and services providers • RSA, Netegrity, Kerberos, SAP, Tivoli, BMC, SAML, etc. • Leverages investments in enterprise security models • Centralizes the administration of common user information • Supports multiple authentication and authorization sources from a single iServer cluster 12 © Actuate Corporation 2008
Java RSSE Architecture Interface Implementation (Published by Actuate) iServer Endpoint HTTP request RSSE Endpoint DB Access API Java Interface SOAP 3rd party database HTTP response (e.g. LDAP) iServer RSSE Service 13 © Actuate Corporation 2008
Transport Security Web Tier J2EE Server Farm(e.g. WebSphere) Report Server Farm SSl Encrypted Web Browser session Internal traffic SOAP/http Optionally Encrypted using Stunnel or IPSEC ` ` ` FW1 FW2 FW3 Application Web Server Server farm Actuate iServer Actuate Farm running Active nodes Encycl. Portal 14 © Actuate Corporation 2008
Microsoft IIS Web Tier Integration • Reverse HTTP Proxy – using AJP plug-in • Supports IIS forwarding requests to iPortal • AJP plug-in configured with Microsoft IIS Microsoft IIS Oracle Actuate Oracle Containers for AJP 13 HTTP Containers for or iServer Cluster J2EE AJP connector Server J2EE iServer Express 15 © Actuate Corporation 2008
How It Works: ASP.net Forms Authentication & SSO with Actuate Active Directory 1 Microsoft IIS /ASP.NET 2 RSSE 4 8 3 4. App authentication 5 6 Actuate Oracle Oracle 7 HTTP Containers for AJP connector Server Containers for or iServer Cluster J2EE J2EE iServer Express 1. GET default.aspx HTTP/1.1 7. Submit Actuate URL from ASP page 2. 302 Redirect Location: login.aspx 8. Report Server Security Extension provides external authentication 3. POST default.aspx HTTP/1.1 & registration services <form data containing credentials> 5. 200 OK Set-Cookie: .ASPXAUTH Auth Ticket 6. GET default.aspx HTTP/1.1 16 Cookie: .ASPXAUTH Auth Ticket © Actuate Corporation 2008
Seamless Access to Actuate 17 © Actuate Corporation 2008
Seamless Access to Actuate 18 © Actuate Corporation 2008

More Related Content

PDF
Security in a Cloudy Architecture
Bob Rhubart
 
PPTX
Oracle Database Firewall - Pierre Leon
OracleVolutionSeries
 
PDF
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
Bob Rhubart
 
PDF
Oracle a TBIZ2011
TechnologyBIZ
 
PDF
Fine Grained Authorization: Technical Insights for Using Oracle Entitlements ...
Subbu Devulapalli
 
PDF
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
Novell
 
PPSX
Ppt dbsec-oow2013-avdf
Melody Liu
 
PDF
IT Rationalization: Leveraging Service-Oriented Abstraction
Bob Rhubart
 
Security in a Cloudy Architecture
Bob Rhubart
 
Oracle Database Firewall - Pierre Leon
OracleVolutionSeries
 
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
Bob Rhubart
 
Oracle a TBIZ2011
TechnologyBIZ
 
Fine Grained Authorization: Technical Insights for Using Oracle Entitlements ...
Subbu Devulapalli
 
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
Novell
 
Ppt dbsec-oow2013-avdf
Melody Liu
 
IT Rationalization: Leveraging Service-Oriented Abstraction
Bob Rhubart
 

What's hot (20)

PDF
分会场九Altiris终端管理套件和服务器管理套件现在及远景
ITband
 
PDF
CIS13: Managing the Keys to the Kingdom: Next-Gen Role-based Access Control a...
CloudIDSummit
 
PDF
Novell SecureLogin 7 and Your Microsoft Active Directory Setup
Novell
 
PDF
Datapowercommonusecases 130509114200-phpapp02
Krystel Hery
 
PDF
Juniper Enterprise Guest Access
Altaware, Inc.
 
PDF
NetIQ sessie Boudewijn van Lith
vdhendrikse
 
PDF
Whats new in data power
sflynn073
 
PPTX
Managing Windows RT devices in the Enterprise
Microsoft TechNet - Belgium and Luxembourg
 
PPTX
Oracle security-formula
OracleIDM
 
PDF
Manpower group idm-platform
OracleIDM
 
PDF
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
Bob Rhubart
 
PDF
Oracle Enterprise Manager
Bob Rhubart
 
PDF
IBM DataPower Gateway appliances feature & virtual edition comparison
IBM DataPower Gateway
 
PDF
Sun java-access-manager-siebel-80-final
Sal Marcuz
 
PDF
Introduction To OSGi
ccustine
 
PDF
03 300364 2
vigil_ayhon
 
PDF
WebLogic 12c Developer Deep Dive at Oracle Develop India 2012
Arun Gupta
 
PDF
Identity management11gr2launch finalv2
OracleIDM
 
PDF
Intel Cloud Summit: Greg Brown McAfee
IntelAPAC
 
PDF
Tablet Access to Business Applications
Array Networks
 
分会场九Altiris终端管理套件和服务器管理套件现在及远景
ITband
 
CIS13: Managing the Keys to the Kingdom: Next-Gen Role-based Access Control a...
CloudIDSummit
 
Novell SecureLogin 7 and Your Microsoft Active Directory Setup
Novell
 
Datapowercommonusecases 130509114200-phpapp02
Krystel Hery
 
Juniper Enterprise Guest Access
Altaware, Inc.
 
NetIQ sessie Boudewijn van Lith
vdhendrikse
 
Whats new in data power
sflynn073
 
Managing Windows RT devices in the Enterprise
Microsoft TechNet - Belgium and Luxembourg
 
Oracle security-formula
OracleIDM
 
Manpower group idm-platform
OracleIDM
 
Rationalization and Defense in Depth - Two Steps Closer to the Clouds
Bob Rhubart
 
Oracle Enterprise Manager
Bob Rhubart
 
IBM DataPower Gateway appliances feature & virtual edition comparison
IBM DataPower Gateway
 
Sun java-access-manager-siebel-80-final
Sal Marcuz
 
Introduction To OSGi
ccustine
 
03 300364 2
vigil_ayhon
 
WebLogic 12c Developer Deep Dive at Oracle Develop India 2012
Arun Gupta
 
Identity management11gr2launch finalv2
OracleIDM
 
Intel Cloud Summit: Greg Brown McAfee
IntelAPAC
 
Tablet Access to Business Applications
Array Networks
 
Ad

Viewers also liked (9)

PPTX
Get Your Shift Together: Aligning Everyone to KPIs that Matter
Julie Holmes
 
PPTX
Accenture Security Services: Defending and empowering the resilient digital b...
Accenture Technology
 
PPTX
Sei pronto a passare al continuous delivery?
Accenture Italia
 
PDF
A case study on Accenture
Deeban Babu
 
PPTX
Unlocking the True Benefit of Software Defined Networking
accenture
 
PPTX
Making the business case for DevOps
Martin Croker
 
PDF
Fundamental Review of the Trading Book (FRTB) – Data Challenges
accenture
 
PPT
The New World of As a Service
accenture
 
PDF
Developing a Roadmap for Digital Transformation
John Sinke
 
Get Your Shift Together: Aligning Everyone to KPIs that Matter
Julie Holmes
 
Accenture Security Services: Defending and empowering the resilient digital b...
Accenture Technology
 
Sei pronto a passare al continuous delivery?
Accenture Italia
 
A case study on Accenture
Deeban Babu
 
Unlocking the True Benefit of Software Defined Networking
accenture
 
Making the business case for DevOps
Martin Croker
 
Fundamental Review of the Trading Book (FRTB) – Data Challenges
accenture
 
The New World of As a Service
accenture
 
Developing a Roadmap for Digital Transformation
John Sinke
 
Ad

Similar to Enterprise Security & SSO (20)

PDF
License Management
SVPMA
 
PDF
OpenStack Security
openstackindia
 
PDF
Overview of Identity and Access Management Product Line
Novell
 
PDF
Real User Experience Insight
ruiruitang
 
PDF
Real User Experience Insight
ruiruitang
 
PDF
Real User Experience Insight
ruiruitang
 
PDF
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
Risk Analysis Consultants, s.r.o.
 
PPT
Compliance and Governance Through Complex Entitlement Management
Noam Bunder
 
PDF
License Management Overview
Dominic Haigh
 
PDF
5 Keys to Delivering Storage-as-a-Service Without Losing Control
Jeannette Grand
 
PDF
Wallix AdminBastion - Privileged User Management &amp; Access Control
zayedalji
 
PDF
HyTrust-FISMA Compliance in the Virtual Data Center
HyTrust
 
PDF
DSS - ITSEC conf - Centrify - Identity Control and Access Management - Riga N...
Andris Soroka
 
PDF
Tänased võimalused turvalahendustes - Tarvi Tara
ORACLE USER GROUP ESTONIA
 
PDF
Integrating Novell Access Governance Suite with Novell Identity Manager
Novell
 
PDF
Cisco Study: State of Web Security
Cisco Canada
 
PDF
What's New in Novell Identity Manager 4.0
Novell
 
PDF
Troubleshooting Novell Access Manager 3.1
Novell
 
PDF
59264945-Websphere-Security.pdf
DeepakAC3
 
PPTX
Eucalyptus-AWS Hybrid Using RightScale myCloud
RightScale
 
License Management
SVPMA
 
OpenStack Security
openstackindia
 
Overview of Identity and Access Management Product Line
Novell
 
Real User Experience Insight
ruiruitang
 
Real User Experience Insight
ruiruitang
 
Real User Experience Insight
ruiruitang
 
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
Risk Analysis Consultants, s.r.o.
 
Compliance and Governance Through Complex Entitlement Management
Noam Bunder
 
License Management Overview
Dominic Haigh
 
5 Keys to Delivering Storage-as-a-Service Without Losing Control
Jeannette Grand
 
Wallix AdminBastion - Privileged User Management &amp; Access Control
zayedalji
 
HyTrust-FISMA Compliance in the Virtual Data Center
HyTrust
 
DSS - ITSEC conf - Centrify - Identity Control and Access Management - Riga N...
Andris Soroka
 
Tänased võimalused turvalahendustes - Tarvi Tara
ORACLE USER GROUP ESTONIA
 
Integrating Novell Access Governance Suite with Novell Identity Manager
Novell
 
Cisco Study: State of Web Security
Cisco Canada
 
What's New in Novell Identity Manager 4.0
Novell
 
Troubleshooting Novell Access Manager 3.1
Novell
 
59264945-Websphere-Security.pdf
DeepakAC3
 
Eucalyptus-AWS Hybrid Using RightScale myCloud
RightScale
 

More from Ambareesh Kulkarni (20)

PPT
Travel Management Dashboard application
Ambareesh Kulkarni
 
PDF
Carlson Wagonlit: Award winning application
Ambareesh Kulkarni
 
PDF
Analyze Optimize Realize - Business Value Analysis
Ambareesh Kulkarni
 
PPTX
Evolution of Client Services functions
Ambareesh Kulkarni
 
PPTX
Building the Digital Bank
Ambareesh Kulkarni
 
PPT
Packaged Dashboard Reporting Solution
Ambareesh Kulkarni
 
PDF
Actuate Certified Business Solutions for SAP
Ambareesh Kulkarni
 
PDF
Professional Services Project Delivery Methodology
Ambareesh Kulkarni
 
PPTX
Windows 10 Migration
Ambareesh Kulkarni
 
PPT
Actuate BI implementation for MassMutual's SAP BW
Ambareesh Kulkarni
 
PDF
Professional Services packaged solutions for SAP
Ambareesh Kulkarni
 
PPT
SAP R3 SQL Query Builder
Ambareesh Kulkarni
 
PPTX
Zero Touch Operating Systems Deployment
Ambareesh Kulkarni
 
PPTX
Ambareesh Kulkarni, Professional background
Ambareesh Kulkarni
 
PPTX
Professional Services Roadmap 2011 and beyond
Ambareesh Kulkarni
 
PPTX
1E and Servicenow integration
Ambareesh Kulkarni
 
PPTX
Enterprise BI & SOA
Ambareesh Kulkarni
 
PPTX
Professional Services Automation
Ambareesh Kulkarni
 
PPT
Storage Provisioning for Enterprise Information Applications
Ambareesh Kulkarni
 
PPTX
Professional Services Sales Techniques & Methodology
Ambareesh Kulkarni
 
Travel Management Dashboard application
Ambareesh Kulkarni
 
Carlson Wagonlit: Award winning application
Ambareesh Kulkarni
 
Analyze Optimize Realize - Business Value Analysis
Ambareesh Kulkarni
 
Evolution of Client Services functions
Ambareesh Kulkarni
 
Building the Digital Bank
Ambareesh Kulkarni
 
Packaged Dashboard Reporting Solution
Ambareesh Kulkarni
 
Actuate Certified Business Solutions for SAP
Ambareesh Kulkarni
 
Professional Services Project Delivery Methodology
Ambareesh Kulkarni
 
Windows 10 Migration
Ambareesh Kulkarni
 
Actuate BI implementation for MassMutual's SAP BW
Ambareesh Kulkarni
 
Professional Services packaged solutions for SAP
Ambareesh Kulkarni
 
SAP R3 SQL Query Builder
Ambareesh Kulkarni
 
Zero Touch Operating Systems Deployment
Ambareesh Kulkarni
 
Ambareesh Kulkarni, Professional background
Ambareesh Kulkarni
 
Professional Services Roadmap 2011 and beyond
Ambareesh Kulkarni
 
1E and Servicenow integration
Ambareesh Kulkarni
 
Enterprise BI & SOA
Ambareesh Kulkarni
 
Professional Services Automation
Ambareesh Kulkarni
 
Storage Provisioning for Enterprise Information Applications
Ambareesh Kulkarni
 
Professional Services Sales Techniques & Methodology
Ambareesh Kulkarni
 

Recently uploaded (20)

PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
PDF
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
A Presentation on Artificial Intelligence
memembruh336
 
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
Approach and Philosophy of On baking technology
30anthuong17
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Encapsulation theory and applications.pdf
gurumoop
 

Enterprise Security & SSO

  • 1. Actuate Security Enterprise class, Standards based, Robust and Flexible Ambareesh Kulkarni, Director 1 © Actuate Corporation 2008
  • 2. Anatomy of an Actuate Application ` ` ` FW1 FW2 FW3 Application Web Server Server farm Actuate iServer Actuate Farm running Active nodes Encycl. Portal 2 © Actuate Corporation 2008
  • 3. Features of Actuate Security AuthN & AuthZ • Authentication -Verify if users are who they claim to be • Authorization -Users can only access what the security policy allows • Role-based access control -Grant access based on the user’s role in the organization • Data privacy -Data integrity & reliability • User Registration -External and Internal • Audit information -Usage and exceptions • Transport Security -Secure delivery of information 3 © Actuate Corporation 2008
  • 4. Features of Actuate Security AuthN & AuthZ • Non-repudiation on actions -Important user actions carry proof of execution to prevent denial • Session security -User sessions are uniquely identifiable and not subject to masquerading • Session time-out -Session inactivity leads to session termination • Audit logs -All actions are logged for audit use. • Single sign-on -Usage of multiple systems or services does not require additional credentials. 4 © Actuate Corporation 2008
  • 5. Features of Actuate Security AuthN & AuthZ • Robust authentication & authorization capabilities • Supports both Internal and External Authentication • Can use a combination of UserID/Password for authentication • Optionally: • trust credentials passed to it • Extract Userid and/or password from encrypted artifacts such as (e.g. token, logon ticket etc.) • Granular authorization • Fast and easy mapping of business rules to authorization policy • Course, medium and fine-grained authorization • An open, interoperable Java-based architecture with data source flexibility • Plug-n-play integration with Web, application and directory services • Supports LDAP, RDBMS and any custom data sources 5 © Actuate Corporation 2008
  • 6. External User Registration and Authentication process flow Business Process 2 Workflow 1 3  Automated Access Approval End Portal Server Users 5 Data Store 4 6 Data Repository Actuate 8 Authentication/Revalidation 7 Services 9 Actuate 6 © Actuate Corporation 2008
  • 7. Authorization Controls What can you protect?? • Server Controls • Resource – Universal Resource Indicator… • Applications – group of resources… • Dynamic Content – EJB’s, JSP’s, Servlets… • Method-level Protection – Access, Get, Post • Wild-Card Control – *, /*/, *.* 7 © Actuate Corporation 2008
  • 8. Authorization & Privilege Management Levels Limits access at the URL Coarse-grained level to protect machines Coarse and their contents Provides conditional Medium-grained access to Actuate Folders and files based on access control lists and user roles Controls what data users Fine Fine-grained see once they have access to the report (Page Level Security) 8 © Actuate Corporation 2008
  • 9. Usage Logging What have you accessed? • Provides records required to meet security policy and compliance requirements Usage logging • Helps pinpoint problem areas against policies • Captures “contextual” Actuate usage log information for better captures ALL diagnosing issues User Activity 9 © Actuate Corporation 2008
  • 10. Actuate Security Scalable and Flexible Key Server Dispatcher Enforcement (Agent or Proxy) End Users Authentication Authorization Engine Actuate iServer Centralized Logging Engine Browser-based Web/App Administration Server Entitlements Engine 10 © Actuate Corporation 2008
  • 11. Security Extensions iPortal Security Extension (iPSE) • For Single Sign-on Report Server Security Extension (RSSE) • For any external data store including LDAP & Microsoft Active Directory integration 11 © Actuate Corporation 2008
  • 12. Single Cluster supports diverse and disparate security systems • Actuate integrates with all major security systems and services providers • RSA, Netegrity, Kerberos, SAP, Tivoli, BMC, SAML, etc. • Leverages investments in enterprise security models • Centralizes the administration of common user information • Supports multiple authentication and authorization sources from a single iServer cluster 12 © Actuate Corporation 2008
  • 13. Java RSSE Architecture Interface Implementation (Published by Actuate) iServer Endpoint HTTP request RSSE Endpoint DB Access API Java Interface SOAP 3rd party database HTTP response (e.g. LDAP) iServer RSSE Service 13 © Actuate Corporation 2008
  • 14. Transport Security Web Tier J2EE Server Farm(e.g. WebSphere) Report Server Farm SSl Encrypted Web Browser session Internal traffic SOAP/http Optionally Encrypted using Stunnel or IPSEC ` ` ` FW1 FW2 FW3 Application Web Server Server farm Actuate iServer Actuate Farm running Active nodes Encycl. Portal 14 © Actuate Corporation 2008
  • 15. Microsoft IIS Web Tier Integration • Reverse HTTP Proxy – using AJP plug-in • Supports IIS forwarding requests to iPortal • AJP plug-in configured with Microsoft IIS Microsoft IIS Oracle Actuate Oracle Containers for AJP 13 HTTP Containers for or iServer Cluster J2EE AJP connector Server J2EE iServer Express 15 © Actuate Corporation 2008
  • 16. How It Works: ASP.net Forms Authentication & SSO with Actuate Active Directory 1 Microsoft IIS /ASP.NET 2 RSSE 4 8 3 4. App authentication 5 6 Actuate Oracle Oracle 7 HTTP Containers for AJP connector Server Containers for or iServer Cluster J2EE J2EE iServer Express 1. GET default.aspx HTTP/1.1 7. Submit Actuate URL from ASP page 2. 302 Redirect Location: login.aspx 8. Report Server Security Extension provides external authentication 3. POST default.aspx HTTP/1.1 & registration services <form data containing credentials> 5. 200 OK Set-Cookie: .ASPXAUTH Auth Ticket 6. GET default.aspx HTTP/1.1 16 Cookie: .ASPXAUTH Auth Ticket © Actuate Corporation 2008
  • 17. Seamless Access to Actuate 17 © Actuate Corporation 2008
  • 18. Seamless Access to Actuate 18 © Actuate Corporation 2008