miniOrange is an IT security and services company (vendor). As an IT security outsourcing company, miniOrange firmly believes in complete satisfaction of its customers who are looking for security outsourcing companies and vendors. As one of the leading information security companies, miniOrange provides the following Single sign on (sso) services for its customers.
In addition to the above, as more and more companies are putting their data on the cloud, they are concerned about protecting that data and make it available only for authorized users. As an IT security outsourcing company, miniOrange firmly believes in implementing strong authentication methods to access resources on the cloud. As one of the leading information security companies, miniOrange provides the following authentication services for its customers.
As recent attacks on various online portals and cloud apps show us that you can put up the best authentication method out there and hackers will find a way to get past that. The best way to authenticate users in the cloud is to dynamically calculate the risk of authorization based on device, location, time of access and behavior. As one of the leading information security companies, miniOrange provides the following dynamic authentication for its customers
Fraud Prevention services (Risk based access, Adaptive authentication, Dynamic authentication, dynamic assessment of risk)
Half the world uses Microsoft technologies and most of them use an Active Directory (AD) for authentication and authorization. Active Directory Federation Services (AD FS) is designed to provide single sign on for users using windows technology. As an IT security outsourcing company with specialization in windows, miniOrange firmly believes in implementing Active Directory Federation Services (AD FS). As one of the leading information security companies, miniOrange provides the following Active Directory Federation Services (AD FS) for its customers
If you are in any kind of network, LAN, WAN or Virtual private network(VPN), you must have heard about an ancient protocol called Remote Authentication Dial In User Service (RADIUS).Its a networking protocol that provides centralized authentication and authorization. As an IT security outsourcing company with specialization in Remote Authentication Dial In User Service (RADIUS), miniOrange firmly believes in implementing RADIUS pass through authentication for its customers. As one of the leading information security companies, miniOrange provides the following Remote Authentication Dial In User Service (RADIUS) for its customers
Thousands of customers can not manage their own sites anymore because sites have grown in number and they easily become un-manageable. Thanks to Siteminder technology by CA, there is a way these sites can be managed. But how about access to these sites!!! You will need miniOrange technology to not only install, configure Siteminder but also write custom agents that can plugin with your choice of authentication and authorization software. As one of the leading information security companies, miniOrange provides the following Siteminder services for its customers
In addition to the above, miniOrange's core expertise is in writing security software. As one of the leading information security companies, miniOrange provides the following security services for its customers
As a trusted provider of cloud based single sign on, user authentication and fraud prevention solution, miniOrange has helped a number of customers with their most critical areas by effectively managing risks and achieving compliance.
Increasing usage of online and mobile technology is forcing Banks and Financial Institutions revisit security of their customers and transactions urgently. Cloud Adoption and Omni channel experience not only mandates the shift to increased security model but if not addressed can also be huge business and brand image risk as evidenced by recent increase of security breaches, Web vulnerabilities, Endpoint exploitation and Cyber Attacks around the world.
miniOrange can configure Tomcat using three authentication methods the Basic Authentication, Form Authentication and Authentication using valve. Below is the description of Custom Authentication using valve:
Tomcat Authenticator valve protects access to all or some webapps deployed in the tomcat instance. If the user is not authenticated, it sends a request to SAML plugin to authenticate the user.
It also manages the Single Sign On between the protected webapps (can be configured if you do not want single sign on between the protected apps).
Open server.xml available in your Tomcat's conf directory.
Under the Host Element of XML file add:
<Valve className="----Enter ClassName here----" valvePropertyLoc="----Enter external property file location----" />
Properties defined in external property file(specified while configuring valve in server.xml) will override properties in application.properties
IdP Issuer Name: It is required for verifying Issuer Name in the SAML response from the IdP
Protected contexts: semi-colon separated list of apps that you need to protect. Use * if you need to protect all the apps deployed on the tomcat instance protected.contexts=*
Note: If protected context list contains * then all the deployed apps gets protected.
SAML plugin context name (WAR file name):
The SAML plugin deployed in the same Tomcat instance that you want to protect
Note: The above two properties is required to ignore any requests coming for SAML plugin. If SAML plugin is deployed in the same tomcat instance and request comes for SAML plugin, Tomcat Authenticator will ignore the authenticating the user.
The Single Sign On enabled property: Set this property to "true" if you want Single Sign on between the protected webapps (contexts). Set this to "false" if do not want single sign on
Note: For Single Sign On to work, the Single Sign On valve must be configured in conf/server.xml. It is also necessary that SingleSignOn valve entry must be above SecureauthAuthenticator valve entry.
Compile and deploy tomcat authenticator
Open command prompt and go to directory for the project which needs to be deployed.
Run mvn clean package - This will generate jar file of your project in <project name>/target directory
Copy the generated jar file in your Tomcat's lib directory.
NOTE: If any property changes, the server needs to be restarted for loading the changed properties.