contents

software
 
Ping Identity Announces PingTrust 1.1 Available

Ping Identity Corporation has announced that PingTrust version 1.1 is now available for free and immediate download from its Web site. New features in PingTrust v1.1 include additional security token support, new configuration options and a test harness for validating configurations.

PingTrust is the first standalone Security Token Server that builds on the OASIS Web Services Security (WSS) and WS-Trust standards to centralize security token management across the enterprise. PingTrust provides rich clients, Web applications and the back-end Web Services they utilize with comprehensive functionality to create, validate and exchange security tokens such as SAML assertions, X.509 certificates, Kerberos tickets, username/password and custom tokens. PingTrust effectively bridges authentication domains while enabling enterprises to add user identity to Web Services for enhanced billing, authorization and audit.

Web Service Clients use PingTrust to generate security tokens that transfer attributes about the originating user such as name and role to a Web Service Provider. Web Service Providers use PingTrust to validate the authenticity of incoming security tokens and to obtain the user information. Both Web Service Clients and Providers can also use PingTrust to exchange one token type for another-for instance, to exchange a Kerberos token that works in a local Windows security domain for a SAML token that works across multiple security domains.

Key new functionality in PingTrust v1.1 includes:
- Expanded Token Validation: Validates SAML 1.1 and SAML 2.0 tokens, supporting use cases where a Web Service Provider wants to use the WSS SAML token profile to protect its Web Services.
- Custom Security Token Generation: Generates custom security tokens. As a result, PingTrust can now convert standard tokens-for instance, Kerberos tickets or SAML assertions-into the unique, custom formats required for homegrown or legacy systems.
- Enhanced Requestor Authentication and Identification: Allows the use of WSS to authenticate Web Service Clients and Providers requiring token processing, as well as the ability to bypass authentication in favor of simple identification in cases where full authentication is not required.
- Requester-Specified Token Types: Introduces a new option whereby Web Service Clients and Providers can specify in their request the type of token they want generated. This functionality supports Web Service Clients that require multiple token types to work with different Web Service Providers.
- Test Harness/Demonstration Application: Includes a browser-based application that allows users to directly interact with PingTrust in real time to configure a token processing scenario, execute requests and view the results from both the Web Service Client and Provider perspectives. With this functionality, implementers can see PingTrust "in action" and verify that their configuration is correct.
- Web Service Enhancements Version 3.0 (WSE 3.0): Adds support for WSE 3.0 and version 2.0 of the .NET Framework. Furthermore, the new version can simultaneously support applications running WSE 2.0/.NET 1.1 and WSE 3.0/.NET 2.0.

The software can be downloaded from the company'ssite.



write your comments about the article :: © 2006 Computing News :: home page