If any readers are still out there, what are people using for access management (ala reverse proxying) with WS02’s Identity Server? The marketecture reads as great as any other product out there but just doesn’t seem to have a Policy Enforcement Point that’s not part of your app. I’m still shy exposing apps directly to the internet (though direct should read behind Firewalls, WAFs, IPSs, etc).
Am I just being too 1990s and that’s a legacy architecture model we don’t need in the days of OAuth and SAML?
@adrianbole on twitter if you do.