Project goal
Build a new system as a solution for the issues of current implementation:
Slow, complex, expensive
Development of the SSO product
Protecting new applications
Resolving operational issues
Proposed solution
OAM FULFILLED ALL REQUIREMENTS AND ADDITIONALY ENABLED: • integration with Cloud services offering• offloading the staff from most tasks
• performance enhancements
The project
July 2015 - April 2016Test system - SagaTest system - Telekom SrbijaProduction system - Telekom SrbijaWeb servers with protected applications:
• Apache httpd (CentOS Linux, SuSE Linux, Windows)
• IIS (Windows)
Web SSO in OAM
Login pageContent for
logged-out users
Protected resource- access
Protected resource(DCC)
Protected resource- logout
Protected resource(unsolicited)
1
2
,3
1,2,3
4
5
6
User login
Authentication and authorization
Dedicated login page• ECC – accessing OAM servers• DCC – accessing separate Web servers
(DDoS)Login form embedded in page (unsolicited)• using WebGate• REST API
Architecture
OAM and WebGate are Web applications• OAM - WebLogic Server• DCC - OHS (Oracle HTTP Server)• Database (used implicitly)• LDAP
WebGate is a module for Web server (httpd, IIS)• Resource WebGate• DCC WebGate
WF 4: Logout
R-WGOAM
LDAPDCC-WG
Application
Web server1
4
Web server
content for
logged-out users
5
2
3
Production run
• Manual for partners – protecting own Web applications with Web SSO (DCC, unsolicited)• Localization & Customization
• Login page• Login error handling
• Measured performance above required
• MTS Shop - first partner (DCC)• Integrated Portal - first internal application
(unsolicited)
The team
ICT Services Department (Cloud), Marketing Department, Web developers, System administrators
Proof of Concept, Solution development, Training (courses for
the product)
Solution development,Implementation, Support