ActivIdentity 4TRESS Authentication Module for OpenSSO/Access Manager

Marina Sum (who must be just about the busiest tech author at Sun Developer Network these days!) has co-written an article with Michelle Cope, of Sun’s ISV Engineering team, on integrating Sun Java System Access Manager with ActivIdentity 4TRESS Authentication Server.

The article shows how you can use Access Manager’s session upgrade feature to protect particularly sensitive resources with the one-time password (OTP) authentication schemes in 4TRESS.

What is particularly interesting about this integration is that the complete source code is available as an OpenSSO Extension; if you already have ActivIdentity 4TRESS, you can read the article, download the source, build the authentication module and deploy it into Access Manager or OpenSSO. If you don’t have 4TRESS, then call the good people at ActivIdentity, and tell them Pat sent you

FAMTalk 02: Federation

I just uploaded the second FAMTalk podcast – this time, I have the host’s seat, presenting ‘Federation’, with a particular focus on SAML 2.0. You can download a PDF plus MP3 or AAC files from, or simply subscribe to FAMTalk via iTunes or RSS.

We had some frustrating technical problems recording this episode – the Sony USB headset (UAB-260) I was using developed an annoying crackle about halfway through the program. Unplugging, replugging, rebooting – nothing made it work for more than a few minutes at a time. After wrestling with it for an hour, we decided to just record the outro segment together and I ordered a Griffin iMic to replace the Sony USB Audio box (the headset itself seemed ok) to fill in the gap on my own.

The funny thing was, I got a bit of a cold between the first recording and the second, so the transitions between the different segments are quite obvious – you can hear me get sick and recover, all within an hour

Paul Bryan Interviewed at Sun Developer Network

As I just mentioned over at The Aquarium, Marina Sum recently published a short interview with Paul Bryan, in which Paul talks about OpenID, OpenSSO and the fight against phishing and identity theft.

OpenSSO participants and regular readers will recognize Paul’s name – he was the very first external committer on the OpenSSO project, back in 2006. Paul went on to write the OpenID Extension for OpenSSO (since deployed at before joining Sun in October 2007. While we were sad to ‘lose’ an external committer, we were very happy to welcome Paul to Sun.

Go read the interview and be sure to leave a comment – this short interview format is new and Marina is looking for your feedback.