The Open Web Single Sign-On (SSO) Project, referred to as OpenSSO, is an open development effort based on the source code for Sun Java System Access Manager and Sun Java System Federation Manager, two identity and federation products offered by the former Sun Microsystems, which is now part of Oracle. Within the last few weeks, three former Sun executives - Simon Phipps, Lasse Andresen and Hermann Svoren - have joined ForgeRock, an ISV with origins in the business and technical community at Sun Microsystems that is basing its business exclusively on open source products.
Phipps, former Sun chief open source officer and now chief strategy officer with ForgeRock, told internetnews.com that his new employer plans on supporting and extending the OpenSSO platform into a complete access management solution.
In an article by Internetnews.com Senior Editor Sean Michael Kerner, Phipps is quoted as saying:
"What we've done is put together a complete platform that we called the I-cubed platform that provides identity and authentication though OpenSSO and a piece of code called OpenIDM. We're also taking onboard the openESB (enterprise service bus) community, and then there are other elements to the solution like a directory service and a portal, and that's on our roadmap."
The original goal of OpenSSO was to provide an extensible foundation for an identity services infrastructure in the public domain, facilitating SSO for web applications hosted on web and application servers. Sun open sourced the code for the SSO technology under its Common Development and Distribution License (CDDL).
What ForgeRock is doing is taking the OpenSSO open source code and renaming it under its own OpenAM (access management) project name.
OpenAM is an open source Authentication, Authorization, Entitlement and Federation product. It aims to provide core identity services to simplify the implementation of transparent SSO as a security component in a network infrastructure. According to ForgeRock, OpenAM provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.
"Our business is to have the whole platform and we're engaging experts with years of experience to pick up the roadmap where Sun left off and carrying on to customers what they need to succeed," Phipps said.
In March 2009, System News, Inc. reported on the planned OpenSSO Roadmap. Kerner reports that the OpenSSO project was last updated in April 2009 with the addition of new federation capabilities to enable authentication with Google Apps.
Phipps added that OpenAM will be completely identical to the place where OpenSSO was heading. So for existing users, ForgeRock is aiming to provide a degree of continuity.
"The most important thing for existing users is the continuity in the product so they can keep on going with their existing installations," ForgeRock CEO Lasse Andresen told InternetNews.com.
At the same time, Phipps made it plain that ForgeRock is not positioning itself as a direct competitor to Oracle. "Oracle has its own customers and strategy," Phipps said, "what we're saying is that after their strategy is completed, the market contains customers that have needs and that's what we're going after."
Begun just three months ago, ForgeRock reports it "has provided both support subscriptions and training for open-source software from its portfolio to a broad range of customers including Betfair, the world's largest online gambling service provider and NBS AS, a Norwegian state railway company. ... NSB AS, Norwegian State Railways, is one of Norway's foremost transport companies, with roots going back as far as the launch of Norway's first railway service in 1854. The Group's main activities are passenger transport by train and bus and rail freight operations. The NSB Group consists of a number of wholly owned and partly owned subsidiaries."
An article by eWeek's Darryl K. Taft reports on a statement made by NSB Director Jan Christiansen, outlining their investment in ForgeRock:
"We planned to go live with IaM [Identity Access Management] based on OpenSSO this spring. ForgeRock is offering support that will enable us to achieve this using OpenAM without major disruptions of the project. ForgeRock is a new company, but with a very strong team consisting of well-known professionals from the IaM field. We expect ForgeRock to be responsive, professional and effective in helping NSB to achieve our goals."
The OpenSSO Project
ForgeRock Web site
OpenAM Product Page
On the Road Toward OpenSSO Enterprise 8.1
Sun OpenSSO Enterprise 8.0
Read More ...