8-7
UserGuide for Cisco Digital Media Manager5.4.x
OL-15762-05
Chapter8 Authentication and Fe derated Identity
Concepts
OReturn to Top
OpenAM
SAML 2.0-compliant identity and access management server platform written in Java. OpenAM is open
source software available under the Common Development and Distribution (CDDL) license. OpenAM
is derived from and replaces OpenSSO Enterprise, which also used CDDL licensing. See
http://www.forgerock.com/openam.html.
OU
organizational unit. An LDIF classification type for a logical container within a hierarchical system.
In LDIF grammar, the main function of an OU value is to distinguish among superficially identical CNs
that might otherwise be conflated. For example:
•CN=John Doe,OU=sales,DN=example,DN=com
•CN=John Doe,OU=marketing,DN=example,DN=com
Note An LDAP expression must never include a space immediately to either side of a “=” sign. Similarly, it must
never include a space immediately to either side of an “objectClass” attribute. Otherwise, validation fails.
P
Return to Top
PingFederate
SAML 2.0-compliant identity and access management server platform written in Java. PingFederate is
proprietary, commercial software. See http://www.pingidentity.com.
RReturn to Top
RDN
relative distinguished name. The CN for a directory service entity, as used exclusively (and still without
any explicit context) by the one IdP that has synchronized this entity against an ActiveDirectory user
base. When an IdP encounters any RDN attribute in an LDIF reference, the IdP expects implicitly that
its SAML2. 0-synchronized federation is the only possible context for the CN. It expects this because
an IdP cannot authenticate—and logically should never encounter—a directory service entity whose
RDN is meaningful to any other federation.
S
Return to Top
SAML
Security Assertion Markup Language. XML-based open standard that security domains use to exchange
authentication and authorization data, including assertions and security tokens.
We support SAML2.0.
Shibboleth
A SAML 2.0-compliant architecture for federated identity-based authentication and authorization.