OpenSSO Tab Sweep - Mar 27 2009

As always, a bumper crop of OpenSSO news from the last couple of weeks…

• One piece of advice I often give to people wrestling with tricky issues relating to redirects and cookies is to download the LiveHTTPHeaders Firefox plugin, or its IE equivalent ieHTTPHeaders. In Troubleshooting OpenSSO with Firefox Add-Ons, Jim Faut and Rick Palkovic explain just how to use LiveHTTPHeaders and HackBar, which is a new one on me. Where LiveHTTPHeaders gives you detail on the HTTP requests and responses flying back and forth, HackBar lets you drill into the associated data, removing layers of URL and Base64 encoding from URL parameters and HTTP headers. Jim and Rick get right into the detail of the OpenSSO login process, using the tools to uncover what is really going on. A great read for anyone wanting to go under the covers of OpenSSO.
• One that got away from me here on Superpatterns, though Eduardo covered it at The Aquarium - Sidharth Mishra, OpenSSO Technical Product Manager and Ajay Sondhi, OpenSSO Deployment Engineering Manager, presented a webinar last week covering OpenSSO - Overview, Stories and Roadmap last week as part of The Aquarium Channel. Ajay’s section includes details of the Verizon Wireless deployment I’ve mentioned before, so this is well worth investigating if you’re interested in ultra high-scale OpenSSO deployments.
• We just got done with CommunityOne East, last week in New York City, CommunityOne West will run alongside JavaOne in San Francisco in June, but did you know about CommunityOne North? On April 15th, CommunityOne comes to the Folketeatret in Oslo, Norway. Flying the flag for OpenSSO will be Jonathan Scudder, a consulting identity architect, with a session on Developing Secure Web Services for the Cloud. More details at the Community One North Content Catalog - Jonathan’s session is at 13:00 in Breakout 1.
• While we’re ‘out in the community’, Qingfeng Zhang, a Senior Java Developer at the University of New South Wales, Australia, has posted a video showing how to install and configure OpenSSO on Tomcat on Windows. I know folks often stumble when deploying OpenSSO on Tomcat, since, compared to GlassFish, there are a couple of additional steps required. Qingfeng’s video clearly shows how to get it done.
• Back at Sun, Metro supremo Harold Carr presented at the Utah Java Users Group last week on Metro, Jersey, GlassFish, OpenESB and OpenSSO - a real whirlwind tour, particularly since he only had a 20 minute slot! Harold has posted slides, plus Q&A and other notes from the session.
• Finally, DocTeger has rewritten Chapter 11 of the Sun OpenSSO Enterprise 8.0 Technical Overview: Choosing a Federation Option. The new version is much clearer on the relative positions of the various federation protocols - use SAML 2.0 where possible, WS-Federation if you really need to integrate with ADFS, and SAML 1.1 or Liberty ID-FF only if you’re connecting to partners with no SAML 2.0 capability. Great job, Michael!

That wraps things up for another week - I’m off to jump in the Patmobile and brave 101. See you next time!