Solertium 1

Small Business Products
    Overview
    EGO™ Web
    EGO™ Mail

Enterprise Software & Services
    Requirements and Scope
    Software Engineering
    Managed Infrastructure
    WorldPeer™
    Solertium 1™

Partners
    The Partner Program

Corporate
    About Us
    Contact Us
    Employment
    Events
    Management
    Acceptable Use Policy

Solertium 1

Solertium 1™ is a component that provides centralized authentication and access control for decentralized J2EE applications.

J2EE applications have become easy and affordable to decentralize. Remote offices, SOHO locations, and even road warriors can host J2EE applications locally on modern hardware and freely available software. With decentralized development, businesses can improve efficiency by funding small-scale development efforts for small-scale needs. Decentralized hosting reduces datacenter bandwidth requirements and network congestion.

Unfortunately, securing access to decentralized applications can be a complicated nightmare. Here are a few common problems and the Solertium 1 solution:

Problem	Solution
Applications that use a private authentication database: users have to memorize a new account name and password, different from their corporate credentials.	Solertium 1 can connect to Active Directory, arbitrary LDAP sources, and/or HTTP Authentication backings, to integrate with any enterprise’s password-based login system. An optional, private authentication database is available, and can be used in conjunction with an enterprise backing.
Applications with an unfriendly login interface and no automated assistance	Solertium 1 provides a rich forms-based environment for login, including password recovery and reset, where supported by the backing architecture. All features are supported on Active Directory and with a private authentication database.
Applications that need complicated and possibly unsafe network configuration to communicate with enterprise authorities, such as firewall holes to Windows domain controllers	Solertium 1 uses exclusively standard HTTP and SSL.
Applications that expose enterprise credentials to the public network	Solertium 1 will only allow plaintext passwords to be transmitted over an SSL secured channel. All communication between the web application and the authentication controller is secured using asymmetric-key cryptography.
Applications that do not protect against common application-level threat vectors like replay attacks	Solertium 1 offers additional security at the application layer, over and above SSL transport security.
Applications that need to be secured with SSL for password exchange, but not for general communications	Solertium 1 works in “mixed mode” where ordinary traffic can be sent without the performance cost of SSL. Application layer security measures still apply.
Applications that all have their own login system; users have to log in separately to each application, possibly even with different account names and passwords	Solertium 1 is single-sign-on. Many web applications can all share the same authentication controller and honor prior successful logins. Users need only authenticate themselves once to the controller.
Applications that attempt to use centralized authentication, but fail completely if the network connection to the central authority goes down	Solertium 1 securely caches successful logins for use during an outage. If the network connection to the central authority is lost, any user who was previously able to access the system is still able to log in. This feature can be disabled in those environments that require realtime account revocation.

Solertium 1 is integrated with a J2EE application using a Filter that plugs in as an alternative to container-managed authentication. It can be configured to use HTTP Basic, HTTP Digest, or rich, form-based login.

The authentication controller is implemented as a complete web application, distributed in a WAR file. It can be hosted on any SSL-enabled J2EE application server in any host or context path.

How To Buy

Solertium 1 is integrated with custom development solutions from Solertium, and is the authentication platform embedded in all our small business products. Solertium 1 can be licensed in bulk to integrators and sold directly to enterprise customers; contact sales@solertium.com for assistance.