OpenSSO Single Sign-on Plugin for WordPress

Encouraged by a comment on my post about the OpenSSO module for Drupal, and the amount of OpenSSO/Drupal buzz on Twitter, I decided to attack WordPress next. Although WordPress has a very different plugin model from Drupal, I was able to reuse much of the code from the Drupal module and get a basic single sign-on plugin working quite quickly. As with the Drupal module, there are certainly bugs in the WordPress plugin – in particular, I just noticed that, if you log in to OpenSSO as a user without a corresponding WordPress account, you can get into a redirect loop if you try to go to a protected page at WordPress. :-/

As usual, there is a README and source codealso available via CVS, and I’ve added the new provider plugin to the list on the OpenSSO Extensions page.

So… That’s two thirds of the Drupal/Joomla/Wordpress CMS trifecta covered… A competent Joomla hacker should be able to take the Drupal/WordPress work and adapt it pretty easily… Anyone want to try while I’m at Catalyst this week?

OpenSSO Express Build 8 and OpenDS SE 2.0

Flashing through the ether this morning was a press release covering OpenSSO Express 8 and OpenDS SE 2.0. Since OpenDS SE 2.0 was released a week or two ago, my colleague Ludo Poitou has documented its arrival and some of its new features in a series of blog posts:

Ludo calls out assured replication, an extension to the existing loose consistency multi-master replication feature that brings tighter consistency of data between replicas, as the biggest innovation in OpenDS 2.0; I know it’s making an impact because, the very next day after OpenDS 2.0 was released I was approached by an attendee at the Community Leadership Summit singing its praises!

Over in OpenSSO-land, we’re putting the finishing touches to OpenSSO Express Build 8, due for release in a couple of weeks time. This release will include our new Mobile One Time Password feature, the Fedlet for .Net and a new task flow for enabling single sign-on to Salesforce.com and a whole host of other goodies, so watch this space for its availability!

So, what’s an Express Build? Well, as I mentioned when we released OpenSSO Express Build 7, back in April, Express Builds are supported ‘snapshots’ of development between full ‘OpenSSO Enterprise‘ releases, allowing customers to get support on new features without waiting months for the full release. The key difference between Express builds and Enterprise builds is that fixes to Express builds are rolled into the next Express build, along with new features, while Enterprise builds have ‘bug fix only’ service packs and hot patches available for paying customers. Obviously, Express builds aren’t for everybody, but we’re finding that they work well for a lot of folks. There’s lots more information and a FAQ at the OpenSSO wiki.

OpenSSO Single Sign-on Module for Drupal

Drupal is one of the leading open source content management systems – some would say the leading open source CMS. We’ve had a few requests over the years for OpenSSO/Drupal integration, but no one has hitherto stepped forward. Finding myself with a few spare hours over the last few days, I decided to investigate.

It turns out that, thanks to Drupal’s extensibility through modules and OpenSSO’s identity services, it’s pretty straightforward to get something working. So I did. There is now an OpenSSO module for Drupal [ README | Sourcealso available via Subversion]. I’m no expert in either PHP or Drupal, so there may well be bugs, but it seems to work well, checking for the OpenSSO cookie when users attempt to access Drupal, redirecting them to OpenSSO to authenticate if necessary, and retrieving a Drupal username from the user’s OpenSSO profile before setting up the user’s Drupal session.

If there’s sufficient demand, I’ll look at going through the process to contribute this to Drupal under GPL, until then, it’s available under CDDL as an OpenSSO Extension.

Shhhh – get into the Sun Hospitality Suite at Burton Catalyst 2009 FREE

I blogged last week about Sun’s hospitality suite at the Burton Catalyst conference in San Diego later this month (July 29th to be exact). I included a priority code in that post that would get you a discount off Catalyst conference registration; well, with a bit of digging I’ve unearthed the code that will get you a pass to get into the hospitality suites (NOT the sessions, mind) absolutely free (and, as we all know, there’s nothing better than free, right?). Just register at the Burton site with super-duper secret priority code sun1du0w – and, shhhhh – don’t tell them you got it here 😉

links for 2009-07-17

New and Updated OpenSSO Extensions – CAS, Information Cards and VALid

I’ve written many times over the past couple of years on OpenSSO’s Extensions – modules, mainly contributed from the wider community, that extend or interoperate with OpenSSO in interesting ways – from a Ruby SAML 2.0 service provider to authentication modules for Yubikey, Hitachi Finger Vein Biometric and more.

I just got done adding an authentication module for JA-SIG CAS, kindly contributed by Qingfeng Zhang, so it seems like a good time to have a round up of recent extensions news…

If you have an idea for an OpenSSO Extension, just leave a comment or and I’ll fix you up with a directory in the OpenSSO CVS tree and appropriate access.

links for 2009-07-16

Coming Up – Burton Catalyst Conference 2009 – and Don Bowen – in San Diego!

There’s DIDW, IIW and even the SSO Summit, but, for me, the premier identity conference of the year is still Burton Catalyst. I’ve been going since (if I remember correctly) Burton Catalyst Europe, 2002, in Munich, and it’s always a great industry gathering, with thought provoking sessions and fun hospitality suites (so much better than an expo floor!).

This year, from July 27th-31st, Catalyst returns to San Diego, at the Hilton San Diego Bayfront Hotel, and Sun’s identity team, as usual, is hosting it’s very own hospitality suite, on the evening of Wednesday July 29th. The theme for 2009 is Hip Hop – East Coast vs West Coast.

We’ll have a break-dancing crew, ‘signature East Coast/West Coast munchies’, a whole bunch of demos, one-to-ones with Sun’s identity domain experts (and me), and much, much more. It promises to be a VERY fun night. If you haven’t yet registered for Catalyst, here’s some good news, Burton are offering discounts on registration for ‘Sun friends’ – register at the Burton site with super-secret priority code sunFriend and we’ll see you on the night!

Switching gears slightly, it was at my very first Catalyst, at Munich, back in 2002, that I first met Don Bowen, then (again, if my memory serves me) technical product manager for Sun Directory Server. We worked together in product management for a couple of years, and remained very close friends when I returned to engineering in early 2005.

If you know Don at all, you’ll be aware that he’s been fighting brain cancer since late 2007. In characteristic Don style, he’s not taking it lying down, but battling away in great spirit, documenting the journey in regular blog entries. It’s inspiring stuff, and puts most people’s day to day travails into pretty sharp perspective. Anyway, the good news… make that GREAT news, is that Don will be at Catalyst this year, and a few of us have organized a post-hospitality suite get together to share a few beers and (if past experience is anything to go by) a lot of laughs with Don. It’s on Wednesday July 29th, the same night as the Sun hospitality suite, at Henry’s Pub, 614 5th Ave (between G St and Market St), about 15 minutes walk north of the Hilton. Full details are at the Meetup page we created for the event. Please RSVP if you’re planning on joining us!

UPDATE Eve also covers the Project Concordia workshop being held on the Monday: Use Cases Driving Identity in Enterprise 2.0: The Consumerization of IT and the Cloud SSO Interop Demo, in which Sun is participating with OpenSSO. Two more reasons to be in San Diego the last week of July!

UPDATE 2 Get into the Sun hospitality suite FREE!