Identity and context virtualiSation offerings provider Radiant Logic and open source identity and access management space provider ForgeRock have partnered to join RadiantOne’s Virtual Directory Server and ForgeRock’s innovative authentication, authorisation, entitlements, and federation tool OpenAM into a complete web access management offering.

Radiant Logic and ForgeRock work together to enable fine-grained authorisation, federation, and SSO.

With RadiantOne, OpenAM does not have to connect with diverse data stores or disambiguate overlapping identities which makes OpenAM easier to strengthen security and deliver web single sign-on across protected applications.

The federated identity service protects OpenAM from the complexity of backend sources,delivering all the information it needs, in the format and protocol it expects.

For supplying attributes across the identity infrastructure to OpenAM the RadiantOne Virtual Directory Server (VDS) acts as an attribute server. This results in finely-grained, contextually-driven authorisation decisions.

VDS aggregates attributes from across fragmented identity infrastructures into a complete, global profile of each user, which feeds OpenAM’s XACML policy engine, supporting enforcement of complex authorization policies, said Radiant Logic.

ForgeRock Business Development director Neil Chapman said RadiantOne and OpenAM combine powerfully to solve single sign-on problems via XACML standards.

"Together they offer fine-grained federated authorization and authentication capabilities to customers requiring flexible, compatible, and scalable enterprise-grade SSO solutions," said Chapman.

Radiant Logic Business Development director Eric Ross said integrating products creates easy access to all identities and attributes. Customers can now customize, correlate, and integrate identities from across complex, heterogeneous infrastructures for a fuller picture of each user — and more finely-grained policy enforcement.

"OpenAM works seamlessly with the Virtual Directory Server identity repository, creating the ability to access identity information remotely, no matter where or how it’s stored," said Ross.