Two Black Widows

We had some friends round for a BBQ yesterday. They noticed a crazy looking web in the corner of the garden, and were pretty sure it belonged to a black widow. Sure enough, come dusk, the spider came out of its lair in the corner of the web. A quick spray with spider spray dispatched it and ensured that the same spot wouldn’t be used by another tenant for a while. There was another similar web in another corner of the garden, with another, smaller black widow.

I do feel a bit bad, spraying spiders, but we have two small children, and black widow venom is highly neurotoxic.

links for 2007-09-23

All-New Fall Schedule

I have a packed schedule this fall – well, packed for me, anyway:

First up, next week, is Digital ID World at the Hilton in San Francisco. I’ll be there for Sun’s reception on Monday evening and the Concordia workshop on Wednesday. The last Concordia workshop, colocated with Burton Catalyst, back in June, gave some great insights into some real-world identity interoperability, with George Fletcher of AOL [PDF], Mike Beach of Boeing [PDF], Jim Heaton of GM [PDF], Ian Bailey of the BC Government [PDF] and Georgia Marsh of GSA [PDF] explaining the interop issues they are facing, as well as some notable successes. This time round, representatives of Chevron, InCommon and the State Services Commission of the New Zealand Government will be presenting. Admission is free – just add yourself to the wiki.

Next month, from October 23rd to 25th, is the Liberty Alliance plenary meeting in Tokyo. The plenary meeting is Liberty members-only, but there is an open workshop day on the Friday. On the packed bill are Roger Sullivan of Oracle, Makoto Hatakeyama of NEC, Paul Madsen of NTT, Prateek Mishra of Oracle, Yukio Itakura of the Institute of Information Security, Colin Wallis of the New Zealand State Services Commission, Ken Ojiri of NTT, Brett McDowell of the Liberty Alliance, Kenji Takahashi of NTT and my good self. I will be presenting an update on open source identity at Sun – OpenSSO, OpenDS and… well, you’ll have to wait and see. The event is free – just register here.

November brings my first ever trip to Raleigh, North Carolina, on November 8th, to talk to the Triangle Linux Users Group. They’ve given me 2 hours (the fools!) to wax lyrical on identity from LDAP to SAML and beyond. Attendance is free and open, so, if you’re in the Triangle area, come along. It starts at 7pm and, apparently, there is pizza.

Finally, in December, the good folks at Javapolis in Antwerp have kindly invited me to present 3 sessions – one each on SAML 2.0, Liberty ID-WSF 2.0 and OpenSSO. Hmm – I must submit those abstracts… I’m afraid you have to pay this time, but, at 410 Euros for the entire week (December 10th – 14th), it’s great value. Here’s the registration page.

So – there you have it – come along to one of the events, say hi, eat pizza and find out about identity, federation and OpenSSO

Sun Java System Federated Access Manager Architecture Overview

The eagle eyed amongst you might have noticed references to something called Sun Java System Federated Access Manager 8.0. Simply stated, we are bringing together the Access Manager and Federation Manager products in the next version, together with some exciting new features. I’ll leave it to Daniel to bring you the full product roadmap story, but I will stress this important point: FAM 8.0 will be OpenSSO; that is, the commercial product will be built from, and identical to, OpenSSO, in exactly the same way that Sun Java System Application Server 9.1 is built from, and identical to, Glassfish v2.

As part of this process, fellow architect and occasional blogger Rajeev Angal has writted an excellent overview of the OpenSSO/Federated Access Manager architecture on the new Federated Access Manager wiki.

The architecture document moves from a 30,000 ft ‘elevator pitch’ (now there’s an interesting mixed metaphor!) to detail the various FAM services, extension points and dependencies. Absolutely required reading for anyone working with OpenSSO, Access Manager and Federation Manager or looking forward to the upcoming Federated Access Manager – OpenSSO/Federated Access Manager architecture

Glassfish v2 / Sun Java System Application Server 9.1 – it’s here!

As you’ve almost certainly already noticed, Glassfish turned v2 today, with commercial support available from Sun in the form of Sun Java System Application Server 9.1. New features target the enterprise, with clustering support, improved performance and, arguably most interesting, web services support from Metro. We’re building OpenSSO‘s WS-Trust security token service (STS) on Metro.

OpenSSO and Sun Java System Access Manager have supported GFv2 and AS 9.1 for some time now both as a deployment container (recall, OpenSSO/Access Manager is a standard J2EE web application) and via a Java EE policy agent – available here in source form and here as a supported policy agent for Access Manager. It’s also worth pointing out that Access Manager ships with the NetBeans Enterprise PackNetBeans, Glassfish, Access Manager and much, much more in one hit. Heady stuff!

SSO from Sun Java System Access Manager to Outlook Web Access 2003

Completing our trilogy of articles on integrating Sun Java System Access Manager with Microsoft web applications is Sun and Microsoft Interoperate for Web Authentication, Part 3 – Sun Java System Access Manager and Microsoft Outlook Web Access for Exchange Server 2003. This time, Marina Sum, our resident technical author, and Madan Ranganath, Access Manager policy agent engineer, focus on single sign-on from Access Manager to OWA 2003.

If you work your way through the first two installments, covering IIS and SharePoint Portal Server 2003, and this final article, you’ll know pretty much all there is to know about single sign-on between Access Manager and Microsoft’s web applications.