Two factor authentication strikes the balance betweeen security and adoption which is why we implemented it from day one
London, England (PRWEB) March 21, 2012
From today Java developers will be able to incorporate user management, single sign on and two factor authentication into their applications in under an hour. Cloudseal, a european startup based in London, England and Tallinn, Estonia announces the public availability of their hosted authentication platform. Notable features of the new platform include:
- Spring security extension for Spring developers
- Tomcat plugin for Tomcat 6+ and VMware tc Server
- The platform can be used to secure internally hosted and external SaaS applications with no firewall changes
- Two factor authentication support including physical, software and smartphone based one time password tokens
- Free for up to 50 users with no time or feature limits
Two factor authentication was a key requirement for the platform as the founder and CTO, Toby Hobson explains
“The sad reality is that we’re now at a point where computers are better at cracking passwords than users are at remembering them. Moores law tells us that computers become more powerful every year but our own capacity for recalling information is at best static, if not in decline. We simply can’t impose any more onerous policies on our users, two factor authentication strikes the balance between security and adoption which is why we implemented it from day one”
Software and smartphone based tokens can be deployed at no cost to hundreds or even thousands of users and Cloudseal’s own Cloudpass token is delivered via Java webstart and requires no installation. Google authenticator is fully supported and is available for iPhone, Android and Blackberry users. For organisations who prefer physical tokens, Feitian’s c200 token is offered.
The platform is targeted at developers who want a simpler and more cost effective alternative to traditional platforms such as CA Siteminder and Tivoli Access Manager but with the features, support and documentation that is often lacking in open source products like Jasig’s CAS. The founder explains the background:
“In the past pretty much every project I worked on required some form of authentication or single sign on feature but we usually didn’t have the time (or budget) to implement a heavyweight solution. Open source solutions were discounted due to the lack of support and SLA … there was a gap in the market”
Cloudseal’s core protocol is SAML 2, an industry standard widely used in the finance and government sectors. SAML allows Cloudseal to provide authentication assertions to SaaS applications such as Salesforce.com, Google apps and Cisco Webex along with internally hosted applications. SAML client libraries are available for Java, .NET and PHP and the Cloudseal team have developed their own extension for the popular Spring Security framework. The platform is designed to be developer friendly as the Spring extension allows developers to swap in and swap out Cloudeal as required. Developers can start using Cloudseal straight away as the platform is free for up to 50 users and the signup process requires no payment details.
The Cloudseal platform itself has been built using the Spring framework including Spring Webflow and Spring Security, The user management and administration console has been built using Google Web Toolkit. The team chose to deploy NoSQL technologies in favor of traditional RDBMs, using MongoDB as their core database platform.
The Cloudseal platform can be used for free for up to 50 users with no time or feature limits. Thereafter it is priced at $5 USD / £3 GBP per user per month