Product Architecture

Soffid consists of the following items:

  • Relational database. Soffid supports a limited number of relational data base engines including MariaDB, MySQL, Oracle and SQL Server. The whole information regarding identities, user accounts, password and configuration is being store in this database.
  • System core. It’s a set of Spring services that contains the underlying identity management logic as well as the managed systems bindings. This core includes a Spring service access layer through standard EJBs.
  • Web service layer. Allows to use the core services remotely in an platform or programming language non dependent way.
  • The workflow engine (BPM) allows to manage and orchestrate any kind of flows, including user interactive and automated tasks.
  • The synchronization servers are in charge for provisioning users into managed systems, as well as gathering information about user accounts to be loaded into Soffid. In addition, it handles enterprise single sign on desktops authentication and session control.
  • The enterprise single sign on module can be installed on user desktops with Ubuntu Linux or Microsoft Windows operating system. It improves desktop access control besides it removes the need for the user to repeat user credentials into web and desktop applications
  • The identity federation module eases and centralize the user authentication process, for applications supporting the SAML standard
  • The web single sign on module can be installed in front of web applications that cannot handle SAML protocol. The user will be using the identity provider as with any other SAML capable application without applying any change to the underlying web application.