Daily News |  Current Issue |  Archives  |  Blogs |  Keywords |  Mediakit  |  Advertise |    |  Free Trial!
System News
System News > Volume 133 > Issue 1 > Free and Open Source S/W >
Sign in  |   Register  |   Password Help   |   Membership types
On the Road Toward OpenSSO Enterprise 8.1
 Latest Details Outline Release Schedule
March 2, 2009,
Volume 133, Issue 1

roadmap offers details on upcoming features and progress
 

Sun OpenSSO Enterprise (formerly Sun Java System Access Manager and Sun Java System Federation Manager) secures access to Web applications and enables federation, both within enterprises and across business-to-business (B2B) value chains.

The OpenSSO team has released a roadmap toward the commercial release of its enterprise version 8.1. Beginning this coming April with the anticipated Express 7 release, all the way through to the commercial release of OpenSSO Enterprise 8.1 expected in March of 2010, the roadmap offers details on upcoming features and progress.

THE OPENSSO ROADMAP

EXPRESS 7: April 2009

  • Google Apps Federation Flow: Although it is relatively straightforward to federate with Google using SAML today, we are adding a simple task flow that reduces the effort down to a few simple steps. This will make it extremely easy to outsource your collaboration tools to Google's hosted service.

  • Multi-Protocol Federation Flow: This feature is focused on improving ease of use by allowing users to easily configure federated connections using any protocol via the OpenSSO 'Common Tasks' page. This is part of our effort to move all capabilities from an object-oriented approach to a task-based approach. We already support all the key federation protocols; this feature is focused simply on making it easier to configure and reducing time to deployment.

EXPRESS 8: July 2009

  • Mobile One Time Password: We are in the process of adding capabilities to OpenSSO that allow a user to obtain a one time password via your mobile phone (e.g. - using SMS text messages). This is not a replacement for traditional multi-factor authentication solutions, but rather a lightweight alternative for those that don't want to buy a packaged offering to complement their web access management solution. The key benefit of this solution is that organizations will be able to lower operational expenses by allowing consumers to use their cell phones as a physical token device rather than buying a separate piece of hardware.

  • Reverse Proxy with Password Replay: Our reverse proxy is being rewritten as a 100% Java proxy that also has the ability to capture and replay passwords for web applications not protected by your single sign-on solution. In short, this will allow Enterprise Single Sign-on (screen scraping) functionality for web applications. Applications that are not protected by OpenSSO can use password replay to do simple password capture and authentication.

  • MySQL User Store Support: This feature provides a plug-in that allows OpenSSO deployments to use MySQL as a user store.

  • Fedlet for .NET: The 'Fedlet' is a package that a SAML 2.0 identity provider can create to quickly federation-enable a small service provider. The idea is that, if you're running a single web application, you're not going to want to deploy and maintain an entire federation service to run a standalone service provider. What you want is a little package of code and configuration to federation-enable your web application. The Fedlet was originally released in OpenSSO Enterprise 8.0 to support Java applications. The Fedlet for .NET is for service providers that want to deploy a Fedlet to support .NET applications. It is smaller than 1.5MB and can be deployed in three simple steps. Once deployed the Fedlet will support the SAML 2.0 Web Browser Profile with responses sent via the POST binding.

  • Entitlement Enforcement, Phase One: This set of features will extend OpenSSO to now offer fine-grained authorization (FGA) for web applications out-of-the box. You will no longer need to use our custom API's to handle FGA decisions. The entitlements solution will add a killer policy management interface for defining policies/conditions and managing policies, a policy auditor to validate policies and REST-based web services that will allow developers to invoke authorization from their applications. The OpenSSO entitlement enforcement solution will leverage our currently available XACML request/response support, and be a fully standards-based implementation. In addition, the solution will support XACML import/export for fine-grained policy definitions.

Phase one will provide a minimal UI and basic FGA identity web services that can be invoked using REST.

EXPRESS 9: October 2009

  • Entitlement Enforcement, Phase Two: Phase Two of the entitlement enforcement feature set will include all UI components and a complete back end.

  • Service Level Monitoring: Within the OpenSSO community we are actively working to develop robust monitoring features for large-scale deployments that allow system and network administrators to proactively manage important enterprise assets that range from physical devices to systems and applications. Through our new service level monitoring capabilities deployers will be able to monitor their deployment health, detect and diagnose problems and use reported metrics to size deployments.

The monitoring solution will use monitoring agents and leverage existing agents such as those provided with OpenDS, GlassFish and the Java Virtual Machine. The mosaic of agents will all report management data to a central console, which can aggregate the information and present a single consolidated view for administrators.

Data captured by the OpenSSO monitoring solution will fall into the following categories for each OpenSSO component:

* Configuration overview : number of servers, authentication modules, realms, agent types, etc.

* Metrics related to resource usage : cache sizes, connection pools, sessions, etc.

* Counts on operations : authentication success/failure, authorization success/failure etc.

* Faults and diagnostics : server/agent down, LDAP health, connectivity issues, etc.

* Thresholds and alerts : events emitted when certain configured limits are met -- number of authentication failures exceeds limit, number of in-memory sessions exceeds limit, etc.

EXPRESS 10: January 2010

  • Beta Release: The release prior to our commercial release is a beta release that does not include new features. This is primarily a test/bug release and allows us to focus on commercial-grade stability for OpenSSO Enterprise 8.1.

OPENSSO ENTERPRISE 8.1: March 2010

  • OpenSSO Enterprise 8.1 Release: OpenSSO Enterprise 8.1 commercial release.

More Information

OpenSSO Release Schedule

OpenSSO wiki home page

Sun OpenSSO Enterprise product page [...read more...]

Keywords:

fullsource
Print
Email
Current
Profile
Archive
Blog
Generate newsletter
 

Other articles in the Free and Open Source S/W section of Volume 133, Issue 1:

See all archived articles in the Free and Open Source S/W section.

Top 10 Most Popular Articles in Current Issue (Vol 168, Issue 1)

Featured Articles



Archive by Section
Archive by Activity
Archive by Date
News and Solutions for Users of Solaris, Java and Oracle's Sun hardware products
Just the news you need, none of what you don't – 42,000+ Members – 24,000+ Articles Published since 1998
BigAdmin Cloud Developer Disk Events FOSS Features HPC Hardware Intel
Java MySQL NetBeans News OpenOffice OpenSolaris OpenStorage Partners Performance Publications
Security Servers Service Software Solaris Storage SysAdmin Tape Workstation VendorVoice

Latest Issue  |   Archived Articles  |   Edit Account  |   Blogs  |   About SNI  |   Mediakit  |   NewsToLeads  |   Headlines  |   NewsToLeads  |   RSS Feeds
Copyright © 1998-2011 System News, Inc.