Gluu http://www.gluu.org Open Source Authentication & API Access Management Fri, 31 Jul 2015 20:49:25 +0000 en-US hourly 1 http://wordpress.org/?v=4.2.3 Gluu Sever UMA Overview for Centralized OAuth2 Access Management http://www.gluu.org/gluu-sever-uma-overview-for-centralized-oauth2-access-management/ http://www.gluu.org/gluu-sever-uma-overview-for-centralized-oauth2-access-management/#comments Tue, 14 Jul 2015 20:51:02 +0000 http://www.gluu.org/?p=6201

]]>
http://www.gluu.org/gluu-sever-uma-overview-for-centralized-oauth2-access-management/feed/ 0
Identify people with FIDO U2F Tokens using the Gluu Server http://www.gluu.org/identify-people-with-fido-u2f-tokens-using-the-gluu-server/ http://www.gluu.org/identify-people-with-fido-u2f-tokens-using-the-gluu-server/#comments Thu, 02 Jul 2015 15:58:49 +0000 http://www.gluu.org/?p=6186

]]>
http://www.gluu.org/identify-people-with-fido-u2f-tokens-using-the-gluu-server/feed/ 1
Gluu Server 2.3 release includes support for FIDO U2F authentication and conformance with all OpenID Connect 1.0 profiles http://www.gluu.org/press-releases/2015/gluu-server-2-3-release-includes-support-for-fido-u2f-authentication-and-conformance-with-all-openid-connect-1-0-profiles/ http://www.gluu.org/press-releases/2015/gluu-server-2-3-release-includes-support-for-fido-u2f-authentication-and-conformance-with-all-openid-connect-1-0-profiles/#comments Wed, 24 Jun 2015 18:15:28 +0000 http://www.gluu.org/?p=6173 The FIDO U2F standard enables convenient cryptographic authentication for tokens and mobile applications, providing a usable, secure, and inexpensive alternative to passwords.

News Highlights

  • The Gluu Server supports enrollment and authentication for any FIDO U2F 1.0 compliant client. Watch Gluu CEO Mike Schwartz display how to use FIDO U2F in the Gluu Server.
  • Compliance with all OpenID Connect conformance profiles as defined by the OpenID Connect Foundation’s certification program.

Austin, TX — June 22, 2015 — Gluu, Inc., a leading provider of open source identity and access management software, today announced that the Gluu Server 2.3 is now publicly available for download and includes out of the box support for the FIDO U2F 1.0 authentication standard. With the latest version of the Gluu Server, organizations can implement single sign-on (SSO) to any SAML or OpenID Connect protected application, to centralize the business logic for smart, adaptive, and context aware authentication.

FIDO U2F is an emerging open authentication standards initiative with strong support from more than 200 organizations in the FIDO Alliance. Now using the Gluu Server, companies can enable people to enroll a FIDO U2F token in addition (or as an alternative) to passwords. FIDO U2F was developed to thwart phishing and man-in-the-middle attacks. In addition to traditional usernames and passwords, U2F hardware authenticators, such as YubiKeys, generate public key-based signatures as a strong second factor to authenticate users.

“We are excited to announce that the Gluu Server is one of the first free open source identity and access management suites to support FIDO U2F compliant authentication devices,” said Gluu CEO Michael Schwartz. “The vast majority of security incidents are the result of bad person identification. Passwords have historically been the cheapest credentials to support, but new standards like FIDO U2F are making it easier and more scalable for organizations to enforce strong authentication for access to a large number of applications. Now any organization can authenticate using some of the same advanced technology as industry leaders like Google.”

The Gluu Server now supports the most promising standards for digital authentication and authorization, including OpenID Connect, FIDO U2F, SAML, UMA, and even LDAP, making it one of the most useful access management suites available.  

Full release notes for the Gluu Server 2.3 can be viewed here. Watch Gluu CEO Mike Schwartz display how to use FIDO U2F in the Gluu Server.

Find out more about the Gluu Server:

About Gluu:
Gluu publishes free open source Internet security software that universities, government agencies and companies can use to enable Web and mobile applications to securely identify a person, and manage what information they are allowed to access. Using a Gluu Server, organizations can centralize their authentication and authorization service and leverage standards such as OpenID Connect, UMA, and SAML 2.0 to enable federated single sign-on (SSO) and trust elevation.

]]>
http://www.gluu.org/press-releases/2015/gluu-server-2-3-release-includes-support-for-fido-u2f-authentication-and-conformance-with-all-openid-connect-1-0-profiles/feed/ 1
Gluu to Promote OAuth2 Access Management at Cloud Identity Summit http://www.gluu.org/press-releases/2015/gluu-to-promote-oauth2-access-management-at-cloud-identity-summit/ http://www.gluu.org/press-releases/2015/gluu-to-promote-oauth2-access-management-at-cloud-identity-summit/#comments Mon, 08 Jun 2015 17:45:24 +0000 http://www.gluu.org/?p=6157 Gluu CEO Mike Schwartz to promote OAuth 2.0 as the solution for achieving increased identity assurance in digital transactions during session at the Cloud Identity Summit in San Diego, California.

Austin, TX — June 3, 2015 — Gluu, a leading provider of open source identity and access management software, is hosting a session at the Cloud Identity Summit where CEO Mike Schwartz will discuss how OpenID Connect and UMA, two new profiles of OAuth 2.0, are enabling organizations to centrally manage and enhance authentication and authorization security across web, mobile, and IoT applications. The Cloud Identity Summit takes place in San Diego, CA, from June 8-11, and is an annual gathering that includes workshops and presentations by industry experts on new innovations in the field of Identity and Access Management (IAM).

Organizations worldwide are recognizing the need for more secure identity proofing under certain circumstances, for instance during high value financial and personal data transactions. In addition, new requirements have emerged around mobile and Internet of Things (IOT) devices that have limited the ability of existing tools to solve new challenges. OpenID Connect and UMA enable organizations to securely identify individuals and authorize access to privileged resources based on the strength of an authentication mechanism, for example an out-of-band (OOB) push notification or biometric scan, and contextual data such as device type, location, and previous user behavior.

In the session, Schwartz will share how organizations can use these two profiles of OAuth 2.0 to increase trust in an online identity in order to mitigate the risk of fraud. Attendees will leave this session with a better understanding of the Enterprise UMA use case, as well as some of the useful OpenID Connect features that can be leveraged to create centralized authentication policies.

Session details can be found by following the link below:
AuthZ is the new AuthN: Trust Elevation with UMA and OpenID Connect: June 11th, 1:00pm to 1:55pm

About Gluu:
Gluu publishes free open source Internet security software that universities, government agencies and companies can use to enable Web and mobile applications to securely identify a person, and manage what information they are allowed to access. Using a Gluu Server, organizations can centralize their authentication and authorization service and leverage standards such as OpenID Connect, UMA, and SAML 2.0 to enable federated single sign-on (SSO) and trust elevation.

]]>
http://www.gluu.org/press-releases/2015/gluu-to-promote-oauth2-access-management-at-cloud-identity-summit/feed/ 0
Gluu Server 2.2 is released–includes support for UMA 1.0 http://www.gluu.org/press-releases/2015/gluu-server-2-2-is-released-includes-support-for-uma-1-0-2/ http://www.gluu.org/press-releases/2015/gluu-server-2-2-is-released-includes-support-for-uma-1-0-2/#comments Fri, 08 May 2015 17:12:53 +0000 http://www.gluu.org/?p=6110 The latest release of the Gluu Server for CentOS and Ubuntu is a major step towards enabling organizations to launch a free open source access management infrastructure.

News Highlights

  • Updates align the Gluu Server with UMA 1.0, a new profile of OAuth 2.0, developed at the Kantara Initiative, that enables organizations to centrally manage policies to define which people can access which API’s, using which websites or mobile applications.
  • Updated the Gluu Server benchmarking suite to enable large scale deployments to test performance.
  • Reorganized product documentation with enhanced instructions for using interception scripts to customize the behavior of the Gluu Server.

Austin, TX — May 5, 2015 — Gluu announced today a new release of its open source access management suite, called the Gluu Server, that extends its leadership position in the open source identity and access management industry. With the release of version 2.2, the Gluu Server is positioned to help organizations radically reduce the cost and complexity of implementing an enterprise-class federated authentication and authorization infrastructure.

The Gluu Server provides the only comprehensive free open source software suite that enables any domain to enforce policies for access, as well as implement mechanisms that enhance security such as mobile or biometric two-factor authentication to home-grown and third-party applications.

The Gluu Server was updated to support the UMA 1.0 specification and provides fixes for a number of issues relating to user experience and management of the software, including a restructured navigation and updates to self-registration and custom authentication. A full list of changes and updates can be found in the Gluu Server 2.2 release notes.

Find out more about the Gluu Server:

About Gluu:
Gluu publishes free open source Internet security software that universities, government agencies and companies can use to enable Web and mobile applications to securely identify a person, and manage what information they are allowed to access. Using a Gluu Server, organizations can centralize their authentication and authorization service and leverage standards such as OpenID Connect, UMA, and SAML 2.0 to enable federated single sign-on (SSO) and trust elevation.

]]>
http://www.gluu.org/press-releases/2015/gluu-server-2-2-is-released-includes-support-for-uma-1-0-2/feed/ 0
Gluu Product Datasheet http://www.gluu.org/resources/documents/data-sheets/gluu-product-datasheet-2/ http://www.gluu.org/resources/documents/data-sheets/gluu-product-datasheet-2/#comments Thu, 26 Mar 2015 18:29:17 +0000 http://www.gluu.org/?p=6080

Download (PDF, 750KB)

]]>
http://www.gluu.org/resources/documents/data-sheets/gluu-product-datasheet-2/feed/ 0
Gluu Server 2.0 sets new bar for open source API security http://www.gluu.org/press-releases/2015/gluu-server-2-0-sets-new-bar-for-open-source-api-security/ http://www.gluu.org/press-releases/2015/gluu-server-2-0-sets-new-bar-for-open-source-api-security/#comments Thu, 29 Jan 2015 20:53:08 +0000 http://www.gluu.org/?p=5962 The Gluu Server Community Edition (CE) 2.0 now ships with support for the UMA, OpenID Connect, SAML, and CAS web security protocols.

Austin, TX, January 20, 2015 — Gluu today announced the availability of the Gluu Server 2.0, its industry leading open source access management platform for API security. Today all Internet domains need to identify both people and machines over the Internet, and to control access to APIs. The Gluu Server enables domains to support both older standards for security (like SAML and CAS) and newer standards based on OAuth2. With this release, the Gluu Server becomes the most comprehensive free open source security stack on the market.

The Gluu Server uses only free open source components, which makes it also the only open source access management platform that can be used in production environments without a commercial license. Gluu offers community and enterprise VIP support, and discounted rates to educational institutions worldwide.

Gluu Server CE 2.0 packages are currently available for CentOS 6.5. An Ubuntu 14.04 package will be available on February 6.

New Gluu Server CE key features

  • Inclusion of the Shibboleth SAML IDP and Asimba SAML proxy for outbound and inbound SAML single sign-on.
  • Inclusion of a CAS Server to make transitioning to SAML and OAuth2 easier.

Find out more about the Gluu Server:

About Gluu
Gluu publishes free open source Internet security software that universities, government agencies and companies can use to enable Web and mobile applications to securely identify a person, and manage what information they are allowed to access. Using a Gluu Server, organizations can centralize their authentication and authorization service and leverage standards such as OpenID Connect, UMA, and SAML 2.0 to enable federated single sign-on (SSO) and trust elevation.

]]>
http://www.gluu.org/press-releases/2015/gluu-server-2-0-sets-new-bar-for-open-source-api-security/feed/ 0
Gluu joins Open Interconnect Consortium to help Design Internet of Things security http://www.gluu.org/press-releases/2014/gluu-joins-open-interconnect-consortium-to-help-design-internet-of-things-security/ http://www.gluu.org/press-releases/2014/gluu-joins-open-interconnect-consortium-to-help-design-internet-of-things-security/#comments Fri, 03 Oct 2014 14:07:30 +0000 http://www.gluu.org/?p=5845 The OIC is led by Intel Corp., Cisco Systems Inc., MediaTek, Samsung Electronics and other industry leaders to promote open standards and open source software to enable a secure interoperable Internet of Things (IoT) future.

Gluu announced today its participation in the Open Interconnect Consortium (OIC), a group of industry leaders from a broad range of markets working together to enable the Internet of Things (“IoT”). Gluu, an open source security company, will be working with other member organizations to build a framework for secure and interoperable authentication and authorization using existing and new open Web standards for the billions of devices and APIs set to fuel the IoT.

“Although IOT presents some new challenges, its important that we leverage the experiences of the last two decades of Web access management,” said Gluu CEO Mike Schwartz. “The basic idea that a person or an organization needs to centrally control access to something has not changed. By promoting the use of open Web standards we can ensure that the billions of devices connecting to the Internet implement strong, modern security.”

The OIC is focused on delivering specifications, open source software, and an IoT certification program for connected devices. OIC membership continues to grow with 32 current member companies committed to defining open standards for the IoT.

Learn more about Open Interconnect Consortium at: http://www.openinterconnect.org

About Gluu:
Gluu publishes free open source Internet security software that universities, government agencies and companies can use to enable Web and mobile applications to securely identify a person, and manage what information they are allowed to access. Using a Gluu Server, organizations can centralize their authentication and authorization service and leverage standards such as OpenID Connect, UMA, and SAML 2.0 to enable federated single sign-on (SSO) and trust elevation.

About Open Interconnect Consortium:
The Open Interconnect Consortium, a Delaware non-profit corporation, is being founded by leading technology companies with the goal of defining the connectivity requirements and ensuring interoperability of the billions of devices that will make up the emerging Internet of Things (IoT). To learn more, visit www.openinterconnect.org or email info@openinterconnect.org.

]]>
http://www.gluu.org/press-releases/2014/gluu-joins-open-interconnect-consortium-to-help-design-internet-of-things-security/feed/ 0
Gluu Support Matrix http://www.gluu.org/resources/documents/data-sheets/gluu-support-matrix/ http://www.gluu.org/resources/documents/data-sheets/gluu-support-matrix/#comments Sun, 21 Sep 2014 17:37:02 +0000 http://www.gluu.org/?p=5763

Download (PDF, 218KB)

]]>
http://www.gluu.org/resources/documents/data-sheets/gluu-support-matrix/feed/ 0
Shibboleth SAML SSO using the Gluu Server http://www.gluu.org/shibboleth-saml-sso-using-the-gluu-server/ http://www.gluu.org/shibboleth-saml-sso-using-the-gluu-server/#comments Wed, 06 Aug 2014 20:45:47 +0000 http://www.gluu.org/?p=5633

]]>
http://www.gluu.org/shibboleth-saml-sso-using-the-gluu-server/feed/ 0