OpenSSO - where are we headed ?

With this announcement, the Sun Java Access Manager (version 7.0) and it's product updates & enhancements would soon be available as part of the openSSO project. I am all excited and thrilled about this move even though several folks think otherwise. With the freely available source code, one could not only gain an indepth understanding of the workflow and logistics that power sun products, but also gain an edge over other developers who have been trying hard to develop their own single sign on products, JOSSO being one of them.
The Open Web SSO project provides core identity services to facilitate the implementation of transparent single sign on as an infrastructure security component. Targeted towards the web tier, this project provides the foundation for achieving seamless integration of diverse web applications that typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers. This project is based on the code base of Sun Java(tm) System Access Manager product, a core identity infrastructure product offered by Sun Microsystems. The intended audience for this project are intermediate to advanced skill level developers and IT managers who want to use this project to achieve intranet and/or extranet single sign on for their hosted web applications.
I further see and emphasise that openSSO and JOSSO would complement each other extensively. JOSSO uses JBoss as it's core container, whereas openSSO uses Sun Application Server (which is also on it's way of being Open Source'd) as it's core.
The goal of Open Web SSO project is to provide an extensible implementation of identity services infrastructure that will facilitate single sign on for web applications hosted on web and application servers. This implementation will offer the following core identity services:
  • Authentication
  • Session
  • Logging
Apart from the above mentioned services, the Open Web SSO project will also provide a platform for creating and integrating custom services where necessary.
Here's an opportunity for all those developers out there to maximize on the opportunity !! so GO FOR IT. & all those startups who plan to develop SSO & Access Management / Security products, here's your chance to INNOVATE. My take is that, you could start off from THIS codebase rather than from scratch. You could INNOVATE further rather than REPLICATE. AFter all it's all about INNOVATION. UPDATED : (on the same subject) Earl Perkins, an analyst with market research company Gartner, was quoted saying :
Today's identity and access management market is dominated by Computer Associates' Netegrity SiteMinder and RSA Security's ClearTrust. Other strong players' products include IBM's Tivoli Access Manager, Oracle's Oblix COREid, Entrust's GetAccess, Novell's iChain and Bull Evidian's Secure Access Manager. Large vendors have been scrambling over each other to buy up identity management technologies, with RSA and Entrust the only two players still standing while CA and other have gobbled up their peers. Open sourcing its ID and access management software is a clever move by Sun since it comes at a time when the technologies are beginning to become commoditised.
Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

for everything on Identity, JCAPS, SOA, WebServices, Security, Single Signon, Federation, Provisioning, Virtualization, Optimization, Debugging, Workflows, Compliance, MySQL and more... WAY MORE....

[this is a group blog]

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today