At OSCON a few weeks ago, I spent a little time with OpenSolaris enthusiast Jack Adams (who doesn’t seem to have his own page, but is often in the company of Bruno Souza and Deirdré Straughan), chatting about the basics of OpenSSO, single sign-on and federation. Luckily, it was all caught on video…
Short notice, but if you have a spare hour tomorrow (Wednesday August 19th 2009) morning, Daniel Raskin, Sun’s Chief Identity Strategist, and I will be presenting a webinar titled OpenSSO Express for Improved SSO. Join us at 10am PDT/1pm EDT/7pm CET for an update on the very latest features in OpenSSO Express 8 and beyond, such as mobile one-time passwords, the Fedlet for .Net, SalesForce.com integration and OAuth.
It’s been a while since the last OpenSSO article at Sun Developer Network (the excellent, three-part, Troubleshooting OpenSSO with Firefox Add-Ons), but Malla and Rick have come up trumps with Securing REST Web Services With OAuth.
The article recasts the tried and true ‘stock quote sample’ as a RESTful web service with access protected by OAuth via OpenSSO and Jersey (Sun’s open source implementation of JAX-RS, aka JSR 311). This is technology that has hitherto only been demonstrated in a demo at JavaOne 2009, so it’s great to see it being successfully applied here.
Go read the article and discover how OpenSSO, Jersey and OAuth combine to secure RESTful web services!
Reformatted from the ‘tell-a-friend’ email provided by the LIVESTRONG website:
I just joined Don Bowen’s dedication page at LIVESTRONG Action. Don Bowen inspired someone close to me to commit to end cancer, and now I’ve joined with them.
This page is a part of the world’s largest dedication book that LIVESTRONG Action will use to pressure world leaders to do more to fight cancer. If we can collect enough names in the book, it will have a real impact when Lance Armstrong delivers it – but we need more signatures.
Can you take a moment to add your name to the dedication page?
Lance Armstrong recently dedicated his ride in the Tour de France to the fight against cancer. Now that the race is over, he’ll send this dedication book – with your signature – to world leaders and pressure them to make cancer a priority in their own countries. It’s our best chance to push for better treatment, more funding for cancer research and access to care for everyone around the world.
But if people like us don’t stand up, these leaders won’t pay attention.
Will you check out the dedication page? Don Bowen inspired me to take action – hopefully they’ll inspire you to do the same:
Great idea, Melanie!!!
Following the recent trio of OpenSSO Extensions targeting PHP CMS applications (see my previous entries covering the extensions for Drupal, WordPress and Joomla), I decided to look at MediaWiki, the PHP application powering Wikipedia and many other wikis across the web.
In common with the CMS apps, MediaWiki has a very pluggable architecture, making implementation of a single sign-on extension very straightforward, and I was able to get an initial implementation done in a few hours. The user interface is very like the WordPress plugin: just click on the regular ‘log in’ link to be sent to OpenSSO to authenticate; on returning to MediaWiki, the extension validates the OpenSSO cookie and uses it to retrieve the username from OpenSSO, setting up the MediaWiki session.
There is a README and source code – also available via CVS, and I’ve added the new provider plugin to the list on the OpenSSO Extensions page. As always, note that none of these extensions are supported by Sun, and all should be considered ‘proof of concept’ quality – they likely need a bit more polish (and lots more testing!) before being deployed into production.
I think that about wraps up the PHP extension story for the time being – we now have plugins for the four most common PHP web apps. Do leave a comment if you think there is another we should cover.
OpenSSO is now part of the Nationwide Health Information Network (NHIN) CONNECT Architecture. CONNECT implements a flexible, open-source gateway solution that enables healthcare entities – Federal agencies or private-sector health organizations or networks – to connect their existing health information systems to the NHIN.
Great presentation (requires registration) by Fulup Ar Foll, Master Architect and CTO of Sun Microsystems' Global Software Practice, on extending identity beyond the enterprise.
Bruno Bonfils ('asyd') describes how he's using OpenSSO, OpenID and Yubikey for cheap, secure personal single sign-on.
I was lucky enough to be able to spend some time at Burton Catalyst this last week with Pamela Dingle, looking at how to get started writing an OpenSSO plugin for Joomla to complement the plugins I recently wrote for Drupal and WordPress. Pamela, well known for her work on PHP Information Card plugins at The Pamela Project, quickly pointed me in the right direction, and it didn’t take me long after that to get something working – thanks, Pam!
As always, there is a README and source code – also available via CVS, and I’ve added the new provider plugin to the list on the OpenSSO Extensions page. Note that none of these plugins are supported by Sun, and all should be considered ‘proof of concept’ quality – they likely need a bit more polish (and lots more testing!) before being deployed into production.