Tuesday Sep 16, 2008

OpenSSO Mid-September Roundup

There's been so much happening in the OpenSSO community over the past week or two, I haven't kept up with covering it here at The Aquarium. Here's a quick roundup:

OpenSSO Logo

Sun Super-SE Shesh Kondi describes how to deploy OpenSSO and its Java EE agents onto Weblogic on Mac OS X. This isn't a supported combination, but it's really handy for demos and development.

At Sun Developer Network, the latest in the 'From the Trenches at Sun Identity' series, Sidharth Mishra talks to Marina Sum about Security for Web Services.

One I picked up on Google Alerts - Qingfeng Zhang has integrated OpenSSO with JA-SIG CAS, allowing users to login to CAS and access resources protected by OpenSSO.

If you haven't already given OpenSSO a whirl, go sign up to the project, download the bits and do it now - you may just win some goodies from the CafePress OpenSSO store.

Finally, a great example of an open source community in action - OpenSSO authentication providers for Spring and Seraph. These are integrations in the 'opposite direction' from the CAS one above, allowing users to login to OpenSSO and access resources protected by Spring Security and Atlassian Seraph (the latter used by Jira and Confluence).

To stay current on OpenSSO, subscribe to Planet OpenSSO (feed).

Tuesday Sep 09, 2008

... OpenESB tutorials, SWIFT Demonstrator, GlassFish-powered service launching, OpenSSO and v3

Radio Receiver Icon

From Patrice, we now have a Java CAPS 6 / SWIFT Demonstrator initially put together in Benelux and now ready to be shared with requesting customers (VirtualBox images included).

From the other side of the Atlantic, Tom Barrett's Open ESB Tutorials are four detailed documents on getting started, tooling, event processing, and monitoring for OpenESB and Java CAPS release 6. Tom is asking for your feedback.

Johan, a GlassFish pioneer and creator of Dali is reporting on the launch of vi.be, an online social music service powered by GlassFish and Dali.

Rajeev shares his work on making OpenSSO Webstart Prototype : QuickSetup. Building on the GlassFish v3 embedded API, this provides OpenSSO users, testers, and demoers a very nice experience.

Saturday Sep 06, 2008

... Quickstart OpenSSO, RailsConf, VirtualBox Support, Sun Storage, and Boomerangs

A compilation of today's news of interest:

Radio Receiver Icon

From Rajeev, a report on an OpenSSO WebStart Prototype done through embedding GlassFish v3. Just click and go! A big change from a couple of years ago when installing and starting Sun's Access Manager was such a big task! And, from SuperPat a report on OpenSSO Integration with JIRA, done by Alexey.

From Arun, trip reports on the RailsConf Europe 2008 at Berlin, Day 1, Day 2 and Day 3.

The VirtualBox team has been very busy and they have Released VirtualBox 2.0 (Press Release). Check the Changelog and Download it. A change in this release is that, as with the strategy followed by the rest of our Open Source portfolio, VB 2.0 now has enterprise support.

On the Storage side, a Press Release reporting that Sun's market share growth the last quarter grew almost 30% Y-to-Y (top in the industry). And this is w/o the OpenStorage systems getting readied, see ComputerWorld and NYTimes.

And a very warm welcome back to Lew Tucker. Lew was in the original JavaSoft group and we overlapped briefly there. Sun has quite an open door policy to people who left (and bring back fresh experiences from outside). We even have coined a term for them: Boomerangs :-).

Friday Aug 29, 2008

OpenSSO Express and Identity Services at SDN

OpenSSO Diagram

Things have been pretty quiet on the identity front here at The Aquarium over the summer vacation season - time to kick things up a notch with a look at the recent feast of OpenSSO-related articles on the Sun Developer Network's identity pages:

In part 4 of the 'Securing Applications With Identity Services' series: 'Single Sign-On and Logout', Prashant, Aravindan and Marina show how OpenSSO's REST-based identity services can be put to use in integrating a sample Java web application with OpenSSO. This approach was used in Prashant's integration of Liferay with OpenSSO, which also works in WebSynergy.

'Integrating Applications With OpenSSO', by Tatsuo, Aravindan and Marina, covers integration with OpenSSO via policy agents, reverse proxies, the client SDK, and identity services. There's a great worked example of integrating Ruby on Rails with OpenSSO, applying OpenSSO's identity services beyond the world of Java.

The fifth interview 'From the Trenches at Sun Identity' has Marina talking to OpenSSO senior product manager Nick Wooler on Support for OpenSSO, explaining how customers can now buy support for OpenSSO via OpenSSO Express.

Finally, Aravindan Ranganathan talks to Marina about Identity Services for Securing Web Applications. As you can probably tell, identity services is one of the hottest components in OpenSSO right now!

For all the latest OpenSSO articles and more, subscribe to the SDN Identity Feed - there's plenty more in the pipeline!

Tuesday Aug 19, 2008

... Free OpenSSO Training, Roller and SocialSite, Mural and MySQL, Caller Roles, and Dreaming of Gadgets,

A compilation of today's (yesterday's!) news of interest:

Radio Receiver Icon

From the OpenSSO team, there is now a free (just need an MySun Account) Self-Paced Downloadable Lab for learning how to use OpenSSO. The course is based on OpenSSO Express Build 5. This course uses OpenSSO Build 4.5, which provides identical functionality to OpenSSO Express Build 5 which supports Apache Tomcat, Sun WebServer and GlassFish v2. Check out SuperPat, Rajeev, or go direct to the source, David.

From Dave, presentations at OpenSource Days 2008 on Apache Roller and SocialSite. Plus Dave's Commentary on a note by Matt Asay on SocialSite.

From Kevin a report on Mural (the Master Data Management project at GlassFish) on its Support for MySQL.

From Ron our security master, an entry showing how to Use JACC to Determine Caller Roles, with detailed code snippets.

Finally, not our usual topic but the Engadget piece on the Google Phone got me in Gadgets mode: NYT report on Dream, Treo Pro, BlackBerry Black, HTC Touch and Xperia X1, WiFi PAN vs Bluetooth and Lenovo IdeaPad u8. I don't know how people can track all these! but then, I am not their target audience... check out my Cell Phone :-)

Tuesday Aug 12, 2008

... IDEA 8.0; First OpenSSO Express; SilverLight and Metro; xVM Server demo; OEM of VirtualBox

A compilation of today's interesting news:

Radio Receiver Icon

From JetBrains team - the release of the first Milestone of IntelliJ IDEA 8.0; including GlassFish Server support (of course); it claims to be a substantial revamp from 7.0.

Arun shows how to Access Metro from MS Silverlight. I'll come clean - I am using Silverlight to watch the Badminton Games from the Beijing Olympics.

OpenSSO is now available in the First Express Build - b5.

Sun's Press Release on OEM Deals around VirtualBox; OEM is one more way to monetize Open Source investment - we are seeing similar opportunities around our middleware OSS offerings.

Barton reports from DebCon in Mar del Plata; it looks like there is a good chance of OpenJDK being included in Lenny; keep fingers crossed.

Steve (Wilson) demoes xVM Server to redmonk's Cote.

Friday Aug 08, 2008

OpenSSO Early Access Review Launched

The OpenSSO Project is soliciting feedback on their Early Access Build -- OpenSSO Express Build 5. With the release of this build, community members now have the opportunity to participate in the Early Access (EA) program for Sun's next commercial offering. Review the Early Access documentation and hammer away at Express Build 5! Send your EA feedback to opensso.eafeedback@dev.java.net so we can make the product perfect. Thanks in advance!

Sunday Aug 03, 2008

Sun OpenDS in OpenSSO Express


More pieces of how Sun leverages OpenSource into Enterprise Offerings: Sun OpenDS 1.0 is now in OpenSSO Express - check out Nick, Rajeev, or...

pelegri% jar -tf opensso.war | grep -i opends .... WEB-INF/lib/OpenDS.jar

Thursday Jul 24, 2008

WebSynergy with OpenSSO on GlassFish

We announced WebSynergy at JavaOne; we were expecting to launch the public site with transparent builds shortly after that but the end of (our fiscal) year and the summer have slowed us down. I think we will soon be able to show public progress; in the meantime we are making internal progress, together with the Liferay team and with add-ons.


As an example of the type of synergy across our projects, Ajit describes how to Integrating WebSynergy with OpenSSO on GFv3, showing how to download and assemble the pieces and how to configure OpenSSO. Of course, the actual Sun product would come with good ease-of-use for all these, and other, pieces.

Wednesday Jul 23, 2008

The GlassFish-Based MiddleWare Stack - So Far...

To celebrate the announcement of OpenSSO Express, here is an updated list of Sun products that build directly on GlassFish Server - let me know if I'm missing any.


Sun GlassFish Enterprise Server, (GlassFish For Business, HADB)
SJS Mobile Enterprise Platform (MEP at TA)
SailFin (Sailfin at TA, PR)
Web Synergy
ESB Suite (Open ESB), Sun MDM Suite (Mural) and Java CAPS
Federated Access Manager (OpenSSO)

Tuesday Jul 22, 2008

Sun OpenSSO Express - Support for OpenSSO Stable Milestones!

Transparent development opens the development milestones to users. Often these milestones are just a path to using the final releases - as in GlassFish Enterprise Support - but for some users the milestones may have the right combination of features/stability/timeliness and they "just want support for it". And today, to address this need for Open SSO users, Sun announced OpenSSO Express.


Sun OpenSSO Express provides support (in standard, premium and premium plus levels) for the stable milestones in OpenSSO bundled, at no extra cost, with the support of final releases of Sun Access Manager, Identity Management or Java Enterprise System.

The Express model is applicable to any open source projects, but, so far, it is only available for OpenSSO. Details on Sun OpenSSO Express are available at here and it can be downloaded here

Friday Jun 20, 2008

OpenSSO Community Passes 700 Members

OpenSSO Logo

Over the past few days, the number of participants registered at opensso.dev.java.net passed the 700 mark. It was almost exactly a year ago that we passed 400, so we're currently adding new members at the rate of nearly one a day!

Just to clarify, you can download the OpenSSO binaries and check out the source code without any kind of sign-up whatsoever. You only need to register to file issues, subscribe to the mailing lists and start submitting patches.

Much more on signing up to OpenSSO, its mailing lists and other avenues for participation at my blog entry on the same topic.

Monday Jun 09, 2008

Verisign Identity Protection and OpenSSO

Security Code

Just blogged by Jeff Bounds: Verisign Identity Protection and OpenSSO. Jeff, a Sun SE working out of Atlanta, walks through the process of creating a custom authentication module for Verisign Identity Protection (VIP), allowing holders of VIP credentials to login to OpenSSO. Key quote: "Building an Authentication Module for OpenSSO was easier than I thought".

If you have an idea for a custom authentication module for OpenSSO, give it a shot - there is plenty of help out there, and we'll be happy to add your module to OpenSSO as an extension.

Tuesday Jun 03, 2008

Virtual Federation: a Pioneering Way for Exchanging Authentication Data

Rajeev Angal

The fourth interview in Sun Developer Network technical author Marina Sum's 'From the Trenches' series, sees her talking to Federated Access Manager architect Rajeev Angal about Virtual Federation, a new approach to allowing legacy applications to interact across enterprise boundaries.

Read the interview for an overview of Virtual Federation, dig a little deeper into the technology (Secure Attribute Exchange is the old name for Virtual Federation), then go grab the latest OpenSSO build and try it out!

Friday May 02, 2008

OpenSSO Fedlet Roundup


As I mentioned on my blog yesterday, if you're following OpenSSO at all, you can't have failed to notice the recent chat around the Fedlet, a nifty mechanism for federation-enabling web applications. Briefly, the 'Fedlet' is a package that a SAML 2.0 identity provider can create to quickly federation-enable a small service provider. If you're trying to federation-enable a single web application, you need the Fedlet.

Here is the buzz:

Watch the FEDLET Now! REALLY! - Daniel Raskin
Federation in the diminutive - Eve Maler
The Fedlet has Arrived - Mark Dixon
Latest news on the Fedlet - Mark Herring
OpenSSO の最新ビルドに Fedlet が入ってる - Tatsuo Kudo
Fedlet comes out with a (Head) Bang - Derrick Harcey
How to Efficiently Accomplish Identity Federation With Fedlets - Marina Sum
Finally...The Fedlet has Arrived - Daniel Tse
The Fedlet - Sun Identity Buzz Episode - Michael Coté
The Fedlet: Federated SSO Made Easy - Enrico Bianco

I'll be presenting OpenSSO and the Fedlet at CommunityOne on Monday May 5 2008 at 4pm in Hall E 135. As you must be aware by now, CommunityOne is free of charge to attend, though you do need to register. See you there!