Radiant

Course Description

ForgeRock® Identity Gateway Core Concepts course is for learners who want to explore core concepts and implement key use cases and components of ForgeRock Identity Gateway (IG) to assist extend access to and shield web applications, legacy applications, & (APIs) application programming interfaces, within an access management solution.

This course includes a combination of instructor-led lessons and demonstrations with a bunch of lab exercises to ensure a prospect to fully understand each of the subjects covered. It provides learners with the necessary skills to plan, install, configure, & administer an IG deployment. The major goal of the course is to deliver a thorough understanding of, and hands-on experience with IG, so learners can control the most essential functions of and handle a successful production deployment.

Prerequisites

The following are the prerequisites for successfully finishing this course-

Fundamental knowledge and skills utilizing the Linux operating system to complete labs
Fundamental knowledge of HTTP & communications between clients & web applications is critical to understanding & working with IG
Fundamental knowledge of JSON, JavaScript, REST, Java, Groovy, SQL, & XML helpful in comprehending examples, especially Groovy for scripting within IG
Presence at AM400 ForgeRock Access Management Core Concepts course or equivalent knowledge

Audience Profile

The target audiences for this course include-

System Integrators
System Consultants
System Architects
System Administrators
Web Developers

Learning Objectives

Upon accomplishment of this course, one should be able to-

Explain the role and utilize cases where IG is competent within a ForgeRock Identity Platform™ solution, the fundamental concepts of IG, & how to perform a basic installation & configuration of IG.
Utilize IG to guard a legacy application.
Arrange agentless single sign-on with IG, where authentication can be tasked to AM, including cross-domain, to a SAML2 Identity provider, or to an OIDC provider .
Extend IG to assist the retrieval of user profile features.
Utilize IG as a policy enforcement point to guard a given web application, where AM is the policy decision point, & configure authentication step-up & transactional authorization.
Guard a REST API utilizing OAuth2-based solutions.
Extend the solution utilizing scripting.
Schedule for production of an IG project by addressing maintenance, tuning, security, and deployment questions.

Content Outline

Module 1- Integrating a web site & a legacy application with IG

Explain the role and use cases where IG is competent within a ForgeRock Identity Platform solution, fundamental concepts of IG, & how to perform a basic installation & configuration of IG.

Lesson One- Introducing ForgeRock Identity Gateway

Provide an overview of IG
Discuss IG use cases
Present IG features

Lesson Two- Fronting a website with IG

Exhibit how IG acts as a reverse proxy
Discuss proxying WebSocket traffic
Describe installation requirements and install IG
Use IG Studio to protect a website
Examine IG configuration structure

Lesson Three- Routing & processing requests & responses

Comprehend how IG routes requests depending on external conditions
Explain how Handlers direct requests and responses within a route
Explain how filters process requests and responses
Implement password replay

Lesson Four- Understanding IG object model and logging

Understand the IG object model
Examine request, response, context, and session
Use a CaptureDecorator to perform logging
Configure the FileAttributesFilter

Module 2- Configuring Agentless Single Sign-On

Illustrate how to integrate single sign-on in an IG solution by tasking authentication to either an AM solution, including cross-domain, a SAML2 Identity provider or an OIDC provider,.

Lesson One- Executing authentication with the SingleSignOnFilter

Utilize Freeform technology preview to protect a website
Configure an AM Service
Explain the use of the SingleSignOnFilter
Retrieve information from AM utilizing the UserProfileFilter & SessionInfoFilter

Lesson Two- Configuring CDSSO for the legacy application

Explain and implement a CrossDomainSingleSignOnFilter

Lesson Three- Conducting SSO with IG as an OpenID Connect relying party

Explain and implement an OAuth2ClientFilter

Lesson Four- Providing SSO with IG as a SAML2 service provider

Explain and implement a SAML2FederationHandler
Explain and implement a DispatchHandler

Module 3- Managing access with IG as Policy Enforcement Point

Utilize IG as a policy enforcement point to guard a given web application, where AM is the policy decision point, utilizing policies & policies with advice to deliver authentication step-up & transactional authorization.

Lesson One- Implementing authorization with a PolicyEnforcementFilter

Describe and implement a PolicyEnforcementFilter

Lesson Two- Providing step-up authentication and transactional authorization

Describe and implement step-up authentication
Describe and implement transactional authorization

Module 4- Securing a REST API

Utilize IG as an OAuth2 resource server to secure a REST API and demonstrate how the solution can be extended by utilizing scripting

Lesson One- Configuring IG as an OAuth2 resource server

Describe and implement an OAuth2ResourceServerFilter
List access token resolvers
Observe the flow with the TokenIntrospectionAccessTokenResolver

Lesson Two- Extending functionality with scripts

Explain the scripting framework for extending IG functionality
Examine and implement dynamic scopes solution

Module 5- Preparing for production with IG

Emphasize various areas that must be taken into account when scheduling to go to production with an IG solution, such as security,maintenance, tuning, & deployment.

Lesson One- Auditing, monitoring, and tuning an IG solution

Describe and implement auditing
Discuss monitoring
Examine tuning questions

Lesson Two- Developing awareness of security questions with IG

Discuss IG best practices regarding security
Examine and implement common secrets
Describe and implement throttling

Lesson Three- Deploying IG

Describe and implement property value substitution
Set up multiple IG instances

FAQs

Q- What is the infrastructure required to attend your training program?

A- To attend the training session you should have an operational Desktops or Laptops with required specification along with good internet connection to access the labs.

Q- What if I miss a class on a particular day?

A- We would always recommend you to attend the live session to practice & clarify the doubts instantly and get more value from your investment. However, due to some contingency if you have to skip the class Radiant Techlearning would help you with the recorded session of that particular day. However, those recorded sessions are not meant only for personal consumption and NOT for distribution or any commercial use.

Q- How will I be accessing the labs?

A- Radiant Techlearning has a data center containing the Virtual Training environment for the purpose of participant’s hand-on-practice.

Participants can easily access these labs over Cloud with the help of remote desktop connection.

Radiant virtual labs provide you the flexibility to learn from anywhere in the world and in any time zone.

Q- What kind of projects are included as a part of training?

A- The learners will be enthralled as we engage them in real world and industry Oriented projects during the training program. These projects will improve your skills and knowledge and you will gain better experience. These real time projects, they will help you a lot in your future tasks and assignments.

Send a Message.

Enroll

ForgeRock Identity Gateway Core Concepts