Wednesday Oct 29, 2008

... GF v3 Prelude One Pager, Author! Author!, GFv3 Logging, VirtualBox at Amazon, New Shoal, Windows News

A compilation of today's news of interest:

Radio Receiver Icon

Masoud is ahead of us! Check out his One-Pager on GlassFish v3 Prelude. The actual release of GFv3 Prelude will be split into two parts: the bits will go out this week but the special webinar is not until next week, on November 6th.

Packt Publishing is looking for an author to write a new book focused on the administration features in GlassFish server to complement their Java EE5 Development using GlassFish Application Server. Check out the Authors info, and contact Kshipra Singh (kshipras at packtpub dot com) if interested.

Carla writes about Logging features in GlassFish v3 Prelude. Overall, logging in GFv3 will now use the JDK logging facility but not all features are implemented yet, so check on Carla's writup to see the details and plans.

Shoal is getting close to the 1.1 release, as part of the preparations for GFv2.1 and Sailfin. Check out Changelog, Shreedhar's Summary Note, and Download Page.

VirtualBox is now available for retail purchase at (not in the US store, though). It's not yet a best seller; as of this writing, it is ranked 15,244 - let's see how if it goes up...

Plenty of Microsoft news aligned with PDC 2008. There is now a pre-Beta Windows 7 that includes plenty of consumer-friendly features like improved navigation and taskbars and multi-touch gestures, as well as lightweight, web-friendly versions of Office products. They have also announced their Cloud offering, Azure, but I've not had much time to check it except to note that Yousef is involved. On a more techie side, Rajeev reports that MS will add SAML 2 Support, which is good news for OpenSSO et al.

Friday Aug 08, 2008

OpenSSO Early Access Review Launched

The OpenSSO Project is soliciting feedback on their Early Access Build -- OpenSSO Express Build 5. With the release of this build, community members now have the opportunity to participate in the Early Access (EA) program for Sun's next commercial offering. Review the Early Access documentation and hammer away at Express Build 5! Send your EA feedback to so we can make the product perfect. Thanks in advance!

Saturday Dec 08, 2007

Metro Security - Configuring Kerberos Token Profile and Accessing SAML Assertions

Mosaic of Cerberus - From Valencia, Spain

Two new posts explaining advanced uses of Web Services security in Metro. First Ashutosh explains how to Run a Kerberos Token Profile based WS Security scenario as it was used at the Latest Plugfest at Redmont. This builds on an earlier entry describing earlier entry on the same topic.

Then Kumar shows how to programmatically Access the SAML Assertion in a WSIT Secure Scenario.

Monday Jun 25, 2007

New OpenSSO Articles at Sun Developer Network

Access Manager Authorization Architecture

Over at the Sun Developer Network, Marina Sum has been on a tear this past week or so, with two articles on OpenSSO and its sister product, Sun Java System Access Manager. Last week, she and I published Single Logout: A Demo, a follow-up to February's article Switch on SAML for PHP With Project Lightbulb, covering Project Lightbulb's evolution into OpenSSO Extensions and its implementation of SAML 2.0 single logout. Much discussion of the mechanics of single logout and its implementation in the OpenSSO SAML 2.0/PHP Extension.

Today, Marina and Robert Skoczylas of Indigo Consulting published Developing Secure Applications with Sun Java System Access Manager, Part 1: Basic Authorization. This article, part 1 of a series, presents a case study of implementing authentication, single sign-on, and authorization at a fictional health-care insurance company. Great stuff, working from a high-level description of the problem right down to specific Access Manager customizations.

Tuesday Apr 24, 2007

SSO from Sun Java System Access Manager to SAP via SAML

Welcome Page of SAP EP

Another neat technical article just hit the wire over at Sun Developer Network: Achieving SSO With Sun Java System Access Manager and SAML. Vasanth Bhat and Marina Sum look at how to integrate Access Manager with a third party application - in this case SAP NetWeaver Enterprise Portal 2004s - via SAML. Neat stuff!

Monday Mar 12, 2007

OpenSSO Extensions Launched Today

Paul Bryan

Following on from last week's entry on OpenID on OpenSSO, we rolled the new OpenID code into OpenSSO over the weekend and are today announcing OpenSSO Extensions (more detail in my blog entry at Superpatterns) - an incubator for OpenSSO. The OpenID code is there, as is the existing 'Lightbulb' SAML 2.0 PHP and a new Client SDK for OpenSSO implemented in PHP.

The idea is that, if you have an idea for a cool extension to OpenSSO, maybe a new authentication module or identity repository plugin, you can work on it in the OpenSSO community, with the code hosted in a 'sandbox' under the opensso/extensions tree. As extensions mature we'll look at migrating them into the OpenSSO core.

Thursday Mar 01, 2007

Securing Communications in Web Services

Malla Simhachalam Marina Sum

Malla Simhachalam and Marina Sum have written an excellent tutorial on securing web services using NetBeans 5.5 and Sun Java System Access Manager.

The tutorial walks through a familiar stock ticker sample, showing how anonymous users get delayed stock price data while authenticated users have access to real-time prices. Malla and Marina step through the message exchange and explain how it is secured with SAML assertions, so this is a great read if you are looking at identity-enabling web services.

Tuesday Feb 06, 2007

Switch on SAML for PHP with Project Lightbulb


As I just mentioned over at Superpatterns, Marina Sum and I just published an article on the Sun Developer Network (SDN) - Switch on SAML for PHP with Project Lightbulb. The article walks through some of the Project Lightbulb code, following the single sign-on process. If you want to work with the Lightbulb code, or you just want a better idea of how SAML 2.0 works, this article is for you.

Friday Oct 20, 2006

SAML 2.0 in PHP

Over at Superpatterns, I've just announced the first drop of my SAML 2.0 PHP service provider code. There is more detail at that link, particularly in the linked docs, but, briefly, this is a collection of PHP scripts that SAML 2.0 enable a service provider, 'outsourcing' user authentication to an identity provider. This is very much 'proof-of-concept' code - contributions are welcomed, particularly from PHPers!