oxTrust is a single-point of administration for all components of Gluu 4.x servers. It  includes an identity synchronization engine for external LDAP user stores. In addition to a web interface, oxTrust also provides an API to enable the automation of many tasks.

Gluu Server 4.x offers REST APIs for the oxTrust Admin GUI. With the REST API, server configurations can be automated, new GUIs can be built to expose specific admin functionality, and other integrations can be created for the Gluu admin portal.

The Passport authentication middleware enables inbound identity for SAML, OAuth, and OpenID Connect (all of which can be referred to as “inbound identity”). Passport normalizes the process of supporting user authentication at external identity providers and user registration in your Gluu Server. 

The Gluu Server is shipped with a user registration script that implements a very basic user registration process.

oxTrust allows users to perform self-registration. In order to control/validate user registrations there is the user registration script type.

LDAP Synchronization, a.k.a. Cache Refresh, is the process of connecting one or more existing backend LDAP servers, like Microsoft Active Directory, with the Gluu Server’s local LDAP server. Synching people and attributes from a backend server speeds up authentication transactions. It is possible to perform attribute transformations, changing the name of attributes, or even using an interception script to change the values.

The Gluu Server acts as a SAML identity provider (IDP) to support outbound SAML single sign-on (SSO).

In oxTrust use NameID or Name Identifier is used to identity the “subject” of a SAML assertion. 

Interception Scripts

Interception scripts can be used to implement custom business logic for authentication, authorization and more in a way that is upgrade-proof and doesn’t require forking the Gluu Server code. Each type of script is described by a Java interface — i.e. which methods are required.

oxTrust enables administrators to manage what information about people is being exposed to partner websites. oxTrust is also the local management interface that handles other server instance specific configurations, and provides a mechanism for IT administrators to support people at the organization who are having trouble accessing a website or network resource.

The Gluu Server administration interface is accessible by navigating to a fully qualified domain name provided during setup.

After successful authentication, the administrator is taken to the Dashboard. Some basic information about the VM/server is displayed, as well as the server version, free memory, and disk space. A metrics graph is shown to report some quick statistics about user authentications handled by the service. In the top right, there is a user icon which can be used to log out of oxTrust. The left-hand menu is used to navigate the admin interface.

oxTrust is a single-point of administration for all components of Gluu 4.x servers. It  includes an identity synchronization engine for external LDAP user stores. In addition to a web interface, oxTrust also provides an API to enable the automation of many tasks.

Gluu Server 4.x offers REST APIs for the oxTrust Admin GUI. With the REST API, server configurations can be automated, new GUIs can be built to expose specific admin functionality, and other integrations can be created for the Gluu admin portal.

Admin REST APIs

Gluu Server 4.X offers REST APIs for the oxTrust Admin GUI. With the REST API, server configurations can be automated, new GUIs can be built to expose specific admin functionality, and other integrations can be created for the Gluu admin portal.

An open source, enterprise IAM platform you can depend upon long-term.

« »