Open All The Way Up

less than 1 minute read

It’s just one of those days - the bloggable thoughts are coming thick and fast…

For some time now, Sun has been unusual in providing the entire stack of hardware and software, from the metal right on up to the product on which I work, Sun Java System Access Manager:

Web SSO [Sun Java System Access Manager](
Web Container [Sun Java System Application Server](
Computing Platform [Java](
Operating System [Solaris](
Processor Architecture [UltraSPARC](

Well, now there is an open analogue to every one of those layers:

Web SSO [OpenSSO](
Web Container [GlassFish](
Computing Platform [Java (now open sourced!)](
Operating System [OpenSolaris](
Processor Architecture [OpenSPARC](

Open all the way up the stack - now that is cool!




Yes, cool. But my understanding is OpenSSO doesn’t yet support SAML-based authentication between a web service client and a web service provider, but may by the end of the year. Is this correct?


JBoss is not listed as a supported container… I suppose since Tomcat is a component there of there is no reason for it not two be supported, right? Familiar with DoD’s Service-Oriented Architecture (SOA) Foundation aka NCES, and the past Horizontal Fusion efforts? Would there possibly be any interest in your specific group inside of Sun entering into a Cooperative Research and Technology Enhancement (CREATE) agreement with Joint Forces Command centered around the OpenSSO efforts you describe in the development of SAML-based security for a multi-national SOA? I’m just a scummy DoD contractor. So, I can’t speak for the government, but in investigating the landscape I had an expectation for what has come to pass – the virtual open sourcing of Sun’s entire stack was a logical line of progression. My thought was to propose a CREATE with specific enphasis on the further development of SAML-support in OpenSSO to the powers that be as a possible option as we have had talks with Sun in terms of SOA related CREATE related agreements in the most general of terms, just not in the specific areas as OpenSSO as I ws not fully involved at the time. Also, how well can one leverage Access Manager or the follow on OpenSSO from outside of NetBeans, say in Eclipse? Not to be insulting, but as a software engineer myself, I would prefer to allow our team the freedom to float between whatever tool suits their own personal needs. I take it NetBeans is just populating deployment descriptors and what not for the web service and client– The reason for my comment elsewhere in your blog. Contact me at my provided email address….


Hi Michael,

Well - there's a difference between what is 'supported' and what works, perhaps with a bit of tweaking. Traditionally, Access Manager has been supported on Sun's App Server and Web Server, plus IBM WebSphere and BEA WebLogic, since those have been the containers for which customers are demanding support.

With OpenSSO, I'm not sure we've ever explicitly listed 'supported' containers. You can pretty much just drop the WAR file into anything - as I've blogged before, Tomcat is pretty widely used, despite it never having been a supported platform for Access Manager.

Bottom line - give JBoss a try and see what happens. Let us know at [email protected] whether it works or not.

I'll respond by email for the DoD/CREATE stuff. Thanks for taking the time to comment.

Leave a Comment

Your email address will not be published. Required fields are marked *