Agents for Control

By Jim Rapoza  |  Posted 2003-02-03 Print this article Print

Agents for Control

Like most access control systems, Sun ONE Identity Server uses agents that sit on Web servers and other external application servers to enable Web access control on these systems. Sun provides agents for pretty much every server out there and also has an API for developing custom agents.

We found quite a bit of flexibility in Identity Servers options for defining user roles and rights. The product has broad support for a number of authentication mechanisms, from LDAP and RADIUS, or Remote Authentication Dial-In User Service, to tokens and operating-system-based authentications.

The new federation features in the server make it possible to enable single sign-on within a company or with external applications and partners. To provide broad single-sign-on capabilities, Identity Server makes it possible to build them using SAML or the Liberty Alliance specification.

Because both are based on XML, and the Liberty Alliance specification also leverages SAML, companies should be able to easily develop single sign-on that will work with almost any business partner. Although competing products such as those from Netegrity and Oblix also support SAML for single sign-on, Sun ONE Identity Server is the only one weve seen that supports the Liberty Alliance specification. However, some of these competing products support Microsoft Corp.s Passport for single sign-on—something a server from Sun is unlikely to do any time soon.

Sun ONE Identity Server runs on Solaris and on Windows 2000 Server. The product uses only Sun ONE Directory Server as its main data store, although for authentication purposes, it can work with any LDAP directory server.

East Coast Technical Director Jim Rapoza is at

Jim Rapoza, Chief Technology Analyst, eWEEK.For nearly fifteen years, Jim Rapoza has evaluated products and technologies in almost every technology category for eWEEK. Mr RapozaÔÇÖs current technology focus is on all categories of emerging information technology though he continues to focus on core technology areas that include: content management systems, portal applications, Web publishing tools and security. Mr. Rapoza has coordinated several evaluations at enterprise organizations, including USA Today and The Prudential, to measure the capability of products and services under real-world conditions and against real-world criteria. Jim Rapoza's award-winning weekly column, Tech Directions, delves into all areas of technologies and the challenges of managing and deploying technology today.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel