So, what have we been working on?
- New OpenSSO configurator - let us know what you think about the new configuration UI (mailing lists are here).
- WS-Trust Security Token Service (STS) is available on Glassfish, Sun Application Server, Sun Web Server, Geronimo, Tomcat and WebSphere - we've done a lot of trickery with classloaders to get this working across a wide range of containers. We're still working on support in Oracle Application Server, JBoss and WebLogic Server.
- Simplified STS client sample
- Configuration and/or user store replication across multiple OpenSSO instances where the embedded instance of OpenDS is in use.
- Security/SSL related fixes
- General bug fixes in all areas
Here's a full list of the more than 200 fixes in build 4. Go update your CVS or grab the binaries now and see how it works for you - and please, read the release notes for container-specific installation instructions - in particular if you're using Tomcat. There are some changes to Tomcat's cookie handling in releases 5.5.26 and 6.0.16 that cause problems for this build of OpenSSO.