| The Whydah modules are separate services and each module has clearly defined responsibility. Whydah consists of the following modules: Applications - SSOLoginWebApp - SSOLWA - Web SSO made easy - UserAdminWebApp - UAWA - Efficient administration of users and applications Services - SecurityTokenService - STS - The scalable secure session control - UserAdminService - UAS - Borderline guard for UIB 1. Ensure validated access to UIB before forwarding request to UIB 1. Validate application. Main focus is that no requests are forwarded to UIB unless origin is from a validated application. 2. Validate user. MWhen requests to UIB require admin access, only requests with validated user are forwarded to UIB. 2. DDos attac will be stoped at UAS, and might bring UAS to a halt. UIB will remain intact. Fine-grained access-control of administration APIs. 1. for å kunne låse ned UIB (borderline security) 1. BLI: obfuscate url i SsoLoginService, ikke i UAS 2. BLI: validering av payload, stoppe altfor store ting, f.eks. unngå sql-injection 2. for å kunne rendyrke ansvar og funksjonalitet i UIB... og la UAS fasillitere flerskrittsprosesser inn mot UIB 3. audit - spesielt på flerskrittsprosesser - UserIdentityBackend - UIB - The vault of users and applications - Optional: StatisticsService - Optional: CRMService - A Whydah CRM API with simple standalone persistent customer implementation - because user != customerMain purpose - CRUD API on Customer(s) including the Customer Auth Activities - Search-API for CustomerSearches - simple standalone implementation to get you going Test and SDKs - TestWebApp - Whydah Typelib - Whydah Client SDK - ServiceDocTemplate |
|
whydah-modules See also Architecture Overview |