Friday Sep 11, 2009

OpenSSO Tab Sweep - Sep 11 2009

Wow - it's been months since the last OpenSSO tab sweep. Anyway - here's a collection of the latest news from the world of OpenSSO:

Now I can close a few Firefox tabs and relax. Have a good weekend, everyone!

Monday Aug 17, 2009

Securing REST Web Services With OAuth

It's been a while since the last OpenSSO article at Sun Developer Network (the excellent, three-part, Troubleshooting OpenSSO with Firefox Add-Ons), but Malla and Rick have come up trumps with Securing REST Web Services With OAuth.

The article recasts the tried and true 'stock quote sample' as a RESTful web service with access protected by OAuth via OpenSSO and Jersey (Sun's open source implementation of JAX-RS, aka JSR 311). This is technology that has hitherto only been demonstrated in a demo at JavaOne 2009, so it's great to see it being successfully applied here.

Go read the article and discover how OpenSSO, Jersey and OAuth combine to secure RESTful web services!

Friday Jan 09, 2009

OpenSSO Tab Sweep - Jan 10 2009

First OpenSSO tab sweep of 2009, a pretty quiet week, but a few items worth reporting...

Ah well - at least there are no hits for opensso potoroo... Yet... (Yes, it took me many many tries to find an animal that generated zero hits on Google when combined with OpenSSO. A potoroo is an Australian marsupial - much like a bandicoot. In case you're wondering, there are 28 hits for opensso bandicoot. What a strange world we live in...).

Friday Dec 12, 2008

OpenSSO Tab Sweep - Dec 12 2008

It's been a while since the last tab sweep - lots of news since then, such as the OpenSSO Enterprise 8.0 release, that's kept me busy both here on the blog and 'in real life' (if there is such a thing any more!). Anyway, here are some of the titbits I've been saving for a tab sweep blog post:

Well - that wraps things up for this week. Don't forget to vote for OpenSSO in the SOA World Readers' Choice Awards!!!

Wednesday Dec 03, 2008

Policy Agents, SugarCRM, simpleSAMLphp and OpenSSO

A couple of great articles from Sun Developer Network over the past two weeks... First on the roster, Sean Brydon and Aravindan Ranganathan team up with the ever-present Marina Sum for a short series entitled 'Protecting Applications With Java EE Policy Agents'. Part 1:Basic Steps provides an excellent grounding in just what a policy agent does, and how to deploy and configure one with OpenSSO. Download the sample Java EE web application and work through the example that Sean and Aravindan present.

Next up, Thomas Varghese and Marina tackle Single Sign-On for SugarCRM Through a SAML-Based Integration of OpenSSO and simpleSAMLphp. Regular readers will know that I have a soft spot for simpleSAMLphp, since it evolved from the 'Lightbulb' SAML/PHP code that I wrote as a proof of concept many (Internet) years ago. Here, Thomas uses simpleSAMLphp as a lightweight bridge between the PHP-based SugarCRM and OpenSSO, showing how a fictitious SugarCRM hosting company provides single sign-on to its enterprise customers. In this context, simpleSAMLphp is effectively a PHP Fedlet, or perhaps the Fedlet is a Java simpleSAMLphp . Either way - go read all about it at SDN.

Friday Oct 10, 2008

OpenSSO Tab Sweep

By now, you're probably familiar with the term 'tab sweep', particularly if you've read either of Tim or Rich's blogs. You end the week with a bunch of tabs open in your browser that you need to blog about, so you do. Here's my first...

There - I feel lighter now I got all that off my chest. Have a good weekend, everyone!

Friday Sep 26, 2008

Ask the OpenSSO Experts!

Next week at the Sun Developer Network Ask the Experts site, Rajeev Angal, Aravindan Ranganathan, Dilli Dorai, and Qingwen Cheng will be answering your questions on OpenSSO. If you have a question on access management, identity federation, secure web services or anything else OpenSSO-related, post it to the Ask the Experts page during the week of September 29. Go on - see if you can stump them

Thursday Sep 11, 2008

From the Trenches - Security for Web Services

Over at Sun Developer Network today, Sidharth Mishra talks to Marina Sum about Security for Web Services. It's an interesting, high-level discussion, covering both the motivations for securing Web services and some of the standards and technology in the area. In particular, there's a useful explanation of the role of the Security Token Service (STS) in brokering trust between Web service consumers and providers.

Get yourself a nice cup of tea (or, if you must, coffee ) and give it a read.

Friday Aug 29, 2008

Integrating Applications With OpenSSO and more at SDN

What with vacation and work on OpenSSO, I've built up quite a backlog of blogworthy news. Now that I've got a couple of hours spare, it's time to take a look at what's been happening over at Sun Developer Network's Identity pages...

  • The 'Securing Applications With Identity Services' series continues with part 4: 'Single Sign-On and Logout'. Prashant, Aravindan and Marina show how OpenSSO's REST-based identity services can be put to use in integrating a sample Java web application 'directly' with OpenSSO, without deploying a policy agent. This approach was used in Prashant's integration of Liferay with OpenSSO, which also works in WebSynergy. While the policy agent is a great solution for SSO-enabling existing web apps, the REST mechanism allows you to build OpenSSO support right into an app so it works 'out of the box' with no additional components.
  • In 'Integrating Applications With OpenSSO', Tatsuo, Aravindan and Marina cover integration with OpenSSO via policy agents, reverse proxies, the client SDK, and identity services. There's a great worked example of integrating Ruby on Rails with OpenSSO, applying OpenSSO's identity services beyond the world of Java.
  • As if that wasn't enough, there have been a couple more articles in the 'From the Trenches at Sun Identity' series. In her fifth interview with OpenSSO folks, Marina (does she never sleep?) talks to OpenSSO senior product manager Nick Wooler on Support for OpenSSO, explaining how customers can now buy support for OpenSSO via OpenSSO Express. Interview number six has the almost-as-ubiquitous-as-Marina Aravindan Ranganathan on Identity Services for Securing Web Applications. Can you tell that identity services are a big focus for OpenSSO right now?

Lots to catch up with there! To stay current, you can subscribe to a feed of identity management goodness from Sun Developer Network - just point your feed reader here.

Tuesday Jun 03, 2008

From the Trenches - Virtual Federation: a Pioneering Way for Exchanging Authentication

The Sun Developer Network's Marina Sum spent some time recently talking to my fellow Federated Access Manager architect Rajeev Angal about Virtual Federation, a new feature forthcoming in Sun Federated Access Manager 8.0 (but available now, of course, in OpenSSO). Virtual Federation promises to simplify federation by allowing legacy applications to interact across enterprise boundaries via a SAML 'tunnel'.

Read the interview for an overview of Virtual Federation; this article has the gory details under the old name 'Secure Attribute Exchange'.

Friday Apr 18, 2008

Fetching User Attributes With Identity Services

As I just blogged over at The Aquarium, Aravindan, Lakshman and Marina just published part 3 of their series on the new identity services functionality available now in OpenSSO and coming soon in Sun Federated Access Manager 8.0: Securing Applications With Identity Services, Part 3: User Attributes.

User attributes are key for delivering personalized services, and are often the main reason for authenticating the user in the first place. Go read the article - whether you're a RESTafarian or on the SOAPy side - you can quickly and easily put OpenSSO's identity services to work.

Monday Apr 14, 2008

From the Trenches - Daniel Raskin on Simplifying Federated Access Management

Tech author Marina Sum over at Sun Developer Network continues her series of interviews; this time in the hot seat is Daniel Raskin, senior product line manager for access and federation management at Sun.

In the interview, Daniel lifts the lid on some of the cool new features coming up in Sun Federated Access Manager 8.0 (and, of course, available NOW in OpenSSO), including Fedlets, Virtual Federation, the Federation Validator and more. Exciting stuff!

Monday Mar 24, 2008

Fame! Well, an interview at Sun Developer Network...

From the shameless self-promotion dept...

Hot on the heels of her interview with Jamie last week, Marina's latest subject is... me!

Sadly, my suggested title of "Sun's Rising Identity Superstar" was rejected in favor of the far less exciting "OpenSSO, a Thriving Community". Oh well...

Tuesday Mar 18, 2008

From the Trenches - Jamie Nelson on Web Access Management

Sun Developer Network tech author Marina Sum starts a new series of interviews this week with OpenSSO's benevolent dictator and Sun's director of engineering for access and federation management, Jamie Nelson (my boss, so I'd better be careful here!).

In the interview, Jamie explains how web developers need to consider security, but, at the same time, avoid hard-coding it into their apps. Some great tips and useful links for any web developer - read the article here!

Friday Jan 18, 2008

Fine-Grained Authorization with Sun Java System Access Manager

Following on from last June's Sun Developer Network article on Basic Authorization with Sun Java System Access Manager, Robert Skoczylas of Indigo Consulting and Sun tech author Marina Sum recently published a second article, Developing Secure Applications with Sun Java System Access Manager, Part 2: Advanced Authorization.

This time, Robert and Marina look at how Sun Java System Access Manager can be used as a general purpose policy store, and, with some customization, can provide fine-grained authorization for UI elements rendered by both Java and .NET web applications. This is a great article to read if you've wondered how Access Manager can be used to authorize access to resources other that the usual web page URLs.




« July 2016