Federated Authentication with Enterprise Systems

Apprenda is built to integrate easily with off-the-shelf or homegrown enterprise identity, directory services, and authentication systems. This allows for seamless mapping of end users to guest applications hosted on your internal Apprenda PaaS instance.

Enterprise identity management, directory services, and authentication systems are well-established pillars of most enterprise IT environments. Cataloging the identity and credentials of tens or even hundreds of thousands of users is the norm. Ensuring that your cloud platform can leverage your existing identity management and authentication systems is critical. This guarantees that your applications running on Apprenda can automatically be federated against your identity systems for authentication and authorization requests.

Key Points

  • Support for SAML and Simple Web Tokens (SWT)
  • Leverage homegrown identity and authentication systems
  • Use out-of-the-box, enterprise-focused identity management and SSO systems such as Ping Identity and CA SiteMinder
  • Insulate applications from implementation details of SSO and authentication
  • Button-click binding of authentication to UIs and web-service APIs. Applications
    written without authentication can just have it “turned on”

Developer Considerations

A developer can request that Apprenda weave centralized authentication into applications, implemented at the application server level. For example, Apprenda wires a “Valve” into Tomcat’s request processing pipeline to handle the authn/authz needs of the application. In .NET, Apprenda swaps out common authentication implementations for ones that can federate against cloud-based authentication and identity brokers. Apprenda has federation plugins for common enterprise identity systems such as Active Directory, Ping, and CA SiteMinder. This ensures that all apps can leverage a common cloud authentication model, remediating an authentication anti-pattern that would force each application to address authentication in a non-scalable, non-configurable way.