Tuesday Jun 03, 2008

From the Trenches - Virtual Federation: a Pioneering Way for Exchanging Authentication

The Sun Developer Network's Marina Sum spent some time recently talking to my fellow Federated Access Manager architect Rajeev Angal about Virtual Federation, a new feature forthcoming in Sun Federated Access Manager 8.0 (but available now, of course, in OpenSSO). Virtual Federation promises to simplify federation by allowing legacy applications to interact across enterprise boundaries via a SAML 'tunnel'.

Read the interview for an overview of Virtual Federation; this article has the gory details under the old name 'Secure Attribute Exchange'.

Friday May 23, 2008

Definitely the Best Version of AM Ever!!!

The title of this blog entry is a direct quote from an email we received from a very happy Sun SE today. He's kindly given me permission to share it. I added the links for convenience

Date: May 23, 2008 7:04:20 AM PDT
Subject: Federation POC Success
Wanted to let you know I just had worked on a POC for a long term oppty for some common activities going on at several government operations.
I used build 4 of OpenSSO and the most exiting part for me and please share with the team was:
1) How nice the install experience was
2) The Federation Wizards are awesome (only suggestion is to allow user to name the MetaAlias; I don't think you can add more than two entities using the wizard)
3) Integration with third party (HP Select Federate) was a dream!!!

1) Install AM
2) Run Local IDP Wizard
3) Run Remote SP Wizard to point to HP Data URL
4) HP Points to my URL for Meta Data
5) Test and WORKED FIRST TIME!!!

No kidding!! I have no idea of effort for the HP install, but with that in place, my entire time spent before I was exchanging SAML assertions with HP was about an hour (had I known I would be breaking personal records here, I think I could have sped that up)
Best news is a partner who recommends Sun witnessed that (jaws dropped).
Thanks to you and your team for what is definitely the best version of AM ever!!!

Says it all, really. Kudos to the entire AM engineering team, and, indeed, the wider OpenSSO community for what is turning into something very very special.

Monday Apr 14, 2008

From the Trenches - Daniel Raskin on Simplifying Federated Access Management

Tech author Marina Sum over at Sun Developer Network continues her series of interviews; this time in the hot seat is Daniel Raskin, senior product line manager for access and federation management at Sun.

In the interview, Daniel lifts the lid on some of the cool new features coming up in Sun Federated Access Manager 8.0 (and, of course, available NOW in OpenSSO), including Fedlets, Virtual Federation, the Federation Validator and more. Exciting stuff!

Thursday Feb 07, 2008

FAMTalk 02: Federation

I just uploaded the second FAMTalk podcast - this time, I have the host's seat, presenting 'Federation', with a particular focus on SAML 2.0. You can download a PDF plus MP3 or AAC files from FAMTalk.org, or simply subscribe to FAMTalk via iTunes or RSS.

We had some frustrating technical problems recording this episode - the Sony USB headset (UAB-260) I was using developed an annoying crackle about halfway through the program. Unplugging, replugging, rebooting - nothing made it work for more than a few minutes at a time. After wrestling with it for an hour, we decided to just record the outro segment together and I ordered a Griffin iMic to replace the Sony USB Audio box (the headset itself seemed ok) to fill in the gap on my own.

The funny thing was, I got a bit of a cold between the first recording and the second, so the transitions between the different segments are quite obvious - you can hear me get sick and recover, all within an hour

Wednesday Jan 23, 2008

Holed up in Vegas at FAMFest

At the Tropicana in Las Vegas, hard at work on a new generation of product demos for Federated Access Manager 8.0. Lots of folks here from Sun's SE community and the product group. Lots of bloggers, too - looking around the room I can see Terry, Rajeev, Derrick, Daniel, Sidharth, Wajih, Mark, Scott, Nick and Jeff - nearly half the attendees, in fact.

Tuesday Dec 18, 2007

Introducing FAMTalk

As Terry Sigle blogs today, FAMTalk (feed) went live this week. FAMTalk is a monthly podcast focusing on federation and access management (the FAM of the title) and their implementation in Sun Java System Federated Access Manager (the forthcoming next version of Access Manager) and OpenSSO. Your regular hosts will be Tim Campbell (Sun Partner Enablement), Steven Jarosz (Sun Americas Software SE - Federal), Terry (Sun Americas Software SE - Telco) and me (OpenSSO 'community guy').

In episodes 1a and 1b (we split the original 1hr 40mins or so in two), Tim presents Access Manager 101. You can download a PDF plus MP3 or AAC files from FAMTalk.org, or simply subscribe to FAMTalk via iTunes or RSS. Apparently the AAC files include the slides, which should play in sync with the audio on many iPods. I need to go check it out on my iPhone and see how it looks...

FAM 8.0 Puts the 'Full' in 'Full-Matrix SAML 2.0 Interoperability Testing'

As you might have just read, Liberty Alliance recently completed its first 'full matrix' SAML 2.0 interoperability test. Not only was Sun amongst the successful participants with its upcoming Federated Access Manager 8.0 product, we were the only participant to successfully test every conformance mode. Daniel, of course, beat me to the punch on this one, though I like to think my entry is laid out a little more neatly

I'll also take this opportunity to point out that, although Federated Access Manager 8.0 is scheduled for release next year, you can get the code and binaries right now via the OpenSSO project - in fact, we just released 'build 2' of OpenSSO v1, which includes the tested code.

Monday Oct 01, 2007

FAM 8.0 Build 1 is here!

Last Friday we declared 'build 1' of Sun Java System Federated Access Manager 8.0. This is the initial build (from the OpenSSO code) that we (engineering) handed off to QA to start the official countdown to FAM 8.0. Congratulations to both the FAM engineering team and the wider OpenSSO community on this huge milestone.

You might have seen Daniel's outline of the new features in FAM 8.0 - some of these goodies, such as WS-Federation and web services security, are in build 1; others, such as centralized server and agent config, will arrive later. As Daniel mentions, heterogeneity is a big focus in this release - the release notes cover installation on a host of containers - Glassfish v2/Sun Java System Application Server 9.1, Sun Java System Web Server 7.0 U1, BEA WebLogic Server 9.2 and 10.0, IBM Websphere Application Server 6.1, Oracle Application Server 10g, and Apache Tomcat 5.5.x.

So, grab the zip, throw it on your favorite container and let us know of any issues! (You'll need to be a project member to file an issue - join OpenSSO here.)

Thursday Sep 20, 2007

Sun Java System Federated Access Manager Architecture Overview

The eagle eyed amongst you might have noticed references to something called Sun Java System Federated Access Manager 8.0. Simply stated, we are bringing together the Access Manager and Federation Manager products in the next version, together with some exciting new features. I'll leave it to Daniel to bring you the full product roadmap story, but I will stress this important point: FAM 8.0 will be OpenSSO; that is, the commercial product will be built from, and identical to, OpenSSO, in exactly the same way that Sun Java System Application Server 9.1 is built from, and identical to, Glassfish v2.

As part of this process, fellow architect and occasional blogger Rajeev Angal has writted an excellent overview of the OpenSSO/Federated Access Manager architecture on the new Federated Access Manager wiki.

The architecture document moves from a 30,000 ft 'elevator pitch' (now there's an interesting mixed metaphor!) to detail the various FAM services, extension points and dependencies. Absolutely required reading for anyone working with OpenSSO, Access Manager and Federation Manager or looking forward to the upcoming Federated Access Manager - OpenSSO/Federated Access Manager architecture




« June 2016