Call : (+91) 968636 4243
Mail : info@EncartaLabs.com
EncartaLabs

ForgeRock Identity Gateway

( Duration: 5 Days )

This ForgeRock Identity Gateway training course provides the necessary skills to plan, install, configure, and administer an IG deployment. The main goal of the course is to provide a thorough understanding of, and hands-on experience with IG, so delegates can control the most important functions of and manage a successful production deployment.

By attending ForgeRock Identity Gateway workshop, delegates will learn to:

  • Describe the role and use cases where IG fits within a ForgeRock Identity Platform solution, the basic concepts of IG, and how to perform a basic installation and configuration of IG.
  • Use IG to protect a legacy application.
  • Configure agentless single sign-on with IG, where authentication can be delegated to AM, including cross-domain, to an OIDC provider, or to a SAML2 Identity provider.
  • Extend IG to support the retrieval of user profile attributes.
  • Use IG as a policy enforcement point to protect a given web application, where AM is the policy decision point, and configure authentication step-up and transactional authorization.
  • Protect a REST API using OAuth2-based solutions.
  • Extend the solution using scripting.
  • Prepare for production of an IG project by addressing maintenance, tuning, security, and deployment questions.

  • Basic knowledge and skills using the Linux operating system
  • Basic knowledge of HTTP and communications between clients and web applications is critical to understanding and working with IG
  • Basic knowledge of JSON, JavaScript, REST, Java, Groovy, SQL, and XML helpful in understanding examples, especially Groovy for scripting within IG
  • Attend a training on ForgeRock Access Management or equivalent practical knowledge

The ForgeRock Identity Gateway class is ideal for:

  • System Integrators
  • System Consultants
  • System Architects
  • System Administrators
  • Web Developers

COURSE AGENDA

1

Integrating a web site and a legacy application with IG

  • Introducing ForgeRock Identity Gateway
    • Provide an overview of IG
    • Discuss IG use cases
    • Present IG features
  • Fronting a website with IG
    • Show how IG acts as a reverse proxy
    • Discuss proxying WebSocket traffic
    • Describe installation requirements and install IG
    • Use IG Studio to protect a website
    • Examine IG configuration structure
  • Routing and processing requests and responses
    • Understand how IG routes requests depending on external conditions
    • Describe how Handlers direct requests and responses within a route
    • Explain how filters process requests and responses
    • Implement password replay
  • Understanding IG object model and logging
    • Understand the IG object model
    • Examine request, response, context, and session
    • Use a CaptureDecorator to perform logging
    • Configure the FileAttributesFilter
2

Configuring Agentless Single Sign-On

  • Implementing authentication with the SingleSignOnFilter
    • Use Freeform technology preview to protect a website
    • Configure an AM Service
    • Describe the use of the SingleSignOnFilter
    • Retrieve information from AM using the UserProfileFilter and SessionInfoFilter
  • Configuring CDSSO for the legacy application
    • Describe and implement a CrossDomainSingleSignOnFilter
  • Performing SSO with IG as an OpenID Connect relying party
    • Describe and implement an OAuth2ClientFilter
  • Providing SSO with IG as a SAML2 service provider
    • Describe and implement a SAML2FederationHandler
    • Describe and implement a DispatchHandler
3

Controlling access with IG as Policy Enforcement Point

  • Implementing authorization with a PolicyEnforcementFilter
    • Describe and implement a PolicyEnforcementFilter
  • Providing step-up authentication and transactional authorization
    • Describe and implement step-up authentication
    • Describe and implement transactional authorization
4

Protecting a REST API

  • Configuring IG as an OAuth2 resource server
    • Describe and implement an OAuth2ResourceServerFilter
    • List access token resolvers
    • Observe the flow with the TokenIntrospectionAccessTokenResolver
  • Extending functionality with scripts
    • Describe the scripting framework for extending IG functionality
    • Examine and implement dynamic scopes solution
5

Preparing for production with IG

  • Auditing, monitoring, and tuning an IG solution
    • Describe and implement auditing
    • Discuss monitoring
    • Examine tuning questions
  • Developing awareness of security questions with IG
    • Discuss IG best practices regarding security
    • Examine and implement common secrets
    • Describe and implement throttling
  • Deploying IG
    • Describe and implement property value substitution
    • Set up multiple IG instances

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 6,000 various courses on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting https://www.encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.

Top
Notice
X