OpenSSO Build 4

It seems like only two minutes since Build 3, back in February, but OpenSSO v1 Build 4 was released today. Binaries are available at the OpenSSO download page, here are the release notes.

So, what have we been working on?

• New OpenSSO configurator - let us know what you think about the new configuration UI (mailing lists are here).
• WS-Trust Security Token Service (STS) is available on Glassfish, Sun Application Server, Sun Web Server, Geronimo, Tomcat and WebSphere - we’ve done a lot of trickery with classloaders to get this working across a wide range of containers. We’re still working on support in Oracle Application Server, JBoss and WebLogic Server.
• Simplified STS client sample
• Configuration and/or user store replication across multiple OpenSSO instances where the embedded instance of OpenDS is in use.
• Security/SSL related fixes
• General bug fixes in all areas

Here’s a full list of the more than 200 fixes in build 4. Go update your CVS or grab the binaries now and see how it works for you - and please, read the release notes for container-specific installation instructions - in particular if you’re using Tomcat. There are some changes to Tomcat’s cookie handling in releases 5.5.26 and 6.0.16 that cause problems for this build of OpenSSO.