It’s been possible to configure OpenSSO for single sign-on (SSO) to Google Apps ever since Google implemented the SAML 2.0 protocol for federated SSO back in 2006. Last year, I covered Wajih Ahmed and Marina Sum‘s article on implementing SSO between OpenSSO and Google Apps, which described precisely how to quickly get it up and running. The process took about 10 or 15 minutes, but involved editing an XML configuration file, which does introduce some, uh, opportunity for user error.
So, we looked at how we could streamline the process, making it as foolproof as possible, and, in OpenSSO Express Build 7, built a task flow specifically for federating with Google Apps. The new task flow is described in one of the first open source starter kits for Sun’s identity products – Federating to Google Apps with OpenSSO (the other starter kit covers setting up OpenDS as a Naming Service for OpenSolaris). We now have the process down to less than four minutes, and it’s so easy, even a smoking monkey can do it 🙂
We released four new ‘version 3.0’ policy agents for OpenSSO today:
These join the existing version 3.0 policy agents for Sun Glassfish Enterprise Server (formerly known as Sun Java System Application Server) 8.x/9.x (documentation, download) and Oracle/BEA WebLogic Server/Portal 10 (documentation, download). While the 3.0 agents add centralized configuration and some other features, it’s important to note that all of the version 2.2 agents are tested and supported with OpenSSO.
A celebration this week and events over the next month in the world of OpenSSO…
- OpenSSO is 1000 members strong! Many more than 1000 people have downloaded OpenSSO (in fact, there are well over 1000 downloads every month), but 1000 people have registered at opensso.dev.java.net to be able to participate in the mailing lists and forums, and to be able to file and track issues. All I can say is… wow!
- If you’re going to the RSA Conference next week at the Moscone Center in San Francisco, don’t miss The Smoking Monkey and I presenting A Pragmatic Approach to Building Identity Management for the Enterprise. We’ll be in the Briefing Center on Wednesday April 22, 2009 at 5:30pm. More details and a qualification code for a FREE Expo pass [PDF].
- If, on the other hand, you’re planning to take in the MySQL Conference next week, at the Santa Clara Convention Center, the OpenSSO team’s very own Sean Brydon will be moderating a ‘birds of a feather’ (BoF) session – Using the OpenSSO Project and MySQL to Secure Users and Applications – at 8:30pm on Tuesday April 21st, 2009 in Ballroom C. If you’re thinking of coming, but hadn’t planned to attend the MySQL Conference, you might be interested to know that a $25 Exhibit Hall Only Pass will get you into all the BoF’s. Register Here.
- A little bit further out, registration is still open for the second OpenSSO Community Day, to be held at the Forum am Deutschen Museum in Munich (hosted by the European Identity Conference 2009) on Tuesday May 5th 2009. The first Community Day last month in New York City was a great success, with nine sessions on a variety of identity-related topics. We’ll be using the ‘unconference’ format again in Munich, so come along and join in!
- At the European Identity Conference proper, I’ll be participating in the Realigning AuthZ and Access Control with the Business panel, alongside Bavo De Ridder (De Ridder Consulting), John Aisien (Oracle), Kim Cameron (Microsoft), Keith Grayson (SAP) and Finn Frisch (Axiomatics), at 11:30am on Wednesday May 6th, 2009. If you’re staying in Munich for the entire week, be sure to catch Sun’s Dr. Steffo Weber and Abdi Mohammadi, along with Vittorio Bertocci of Microsoft for Hands-On SOA and Web Security with the Geneva Framework and with OpenSSO.
- Alternatively, later that same week are Sun Microsystems’ Northern Europe Open IAM User days. Spanning Thursday and Friday May 7th-8th, 2009, the user days will be held at Sun’s Belgian office at Zaventem, just east of Brussels. I’ll be speaking on Thursday, when we’ll be focusing on OpenSSO and OpenDS, while Friday will be more oriented towards Sun Identity Manager and Sun Role Manager. Register now for what promises to be a fascinating couple of days.
So – there you have it – a packed few weeks in OpenSSO-land, and evidence that the OpenSSO community is as active IRL (in real life) as on IRC (Internet relay chat) 🙂
As announced yesterday on the OpenSSO users mailing list, OpenSSO Express Build 7 is now available!. Congratulations and thanks to the OpenSSO team for their hard work, and to the whole OpenSSO community for continued support in the form of issue reports, patches and other contributions.
So, what’s new in Express Build 7? Here are some highlights – full details are in the release notes
The other question going through your mind may be “What on earth is an ‘Express Build’, anyway?”. The short answer is that an OpenSSO Express build is a supported ‘snapshot’ of development between full ‘OpenSSO Enterprise’ releases. The long answer is on the OpenSSO wiki.