The Fedlet Lives!!!

1 minute read

If you’re following OpenSSO at all, you can’t have failed to notice the recent buzz around the Fedlet - from Daniel (complete with screencast), Eve Mark D, Mark H, Tatsuo, Derrick, Marina and Daniel at Sun to Coté at RedMonk and Enrico at Tenthline.

Briefly, the ‘Fedlet’ is a package that a SAML 2.0 identity provider can create to quickly federation-enable a small service provider. The idea is that, if you’re running a single web application, you’re not going to want to deploy a whole ‘nother server to run a standalone service provider. What you want is a little package of code and configuration to federation-enable your web app. You want the Fedlet.

I’ve been wrapped up in demos and travel for the past month or so, so I haven’t had much of a chance to play with the Fedlet. Since I’m planning to demo it in my session at CommunityOne on Monday, I thought I’d better do so - I set aside this afternoon to get it working. Turns out I was a little pessimistic there - here’s what I did, in less than an hour:

  • Update from OpenSSO CVS (cvs -q update -dP) * Cleaned out previous build detritus and built the WAR file (ant clean && ant server-war)* Deployed onto [Glassfish](http://glassfish.org/) (don't forget to change GF's `-client` JVM option to `-server`, [as detailed in the release notes](http://download.java.net/general/opensso/stable/openssov1-build4/B4-ReleaseNotes.html)!)* Pointed [Flock](http://flock.com/) (my preferred web browser _du jour_) at the newly deployed OpenSSO at http://demo.example.com:8000/opensso (I alias demo.example.com to 127.0.0.1 in /etc/hosts), configured OpenSSO to use the embedded [OpenDS](http://opends.org/) instance for its configuration and user stores.* Logged in as amadmin, created a SAML 2.0 identity provider and a Fedlet.* Unzipped the Fedlet, deployed it into Glassfish.* Ran the Federation validator to check that SSO is operational.* And... [![](http://blog.superpat.com/Validated.png)](http://blog.superpat.com/Validated.png)

When you spend your time in the weeds of a project, you always half expect any given step to fail due to some issue or another. Perhaps some recent fix destabilized something; perhaps some errant process has eaten my laptop's memory; whatever. So it was extremely gratifying when all of the above passed off without a hitch. I won't tell you what I muttered under my breath as the federation validator completed and gave me the thumbs up, but the second word was "cool!" ![](http://blogs.sun.com/images/smileys/smile.gif)

Updated:

Comments

bluesheep

Pat,

It's always nice to hear from others just how easy it is to do something, and I wish I could say that were always the case. Fedlets look great and I wanted to try them out for myself.

Now, I don't have a test environment, and I'm stuck with XP for my testing, but I didn't seem to have the same luck. What OS do you use?

R

P.S. When was the last time you posted about a good whisky?

Pat Patterson

Hi Bluesheep,

I'm using Mac OS X - the big upside for me is that it's Unix underneath, so everything is 'sane'. Having said that, it should definitely work on XP - I'll pass your message on and try it on my home machine.

Last whisky post was http://blogs.sun.com/superpat/entry/ardbeg_1975_limited_edition_bottled - October 2007! Yes - I'm well overdue for another. In fact, I finished that bottle off just the other night, sadly. It was a good one.

Cheers,

Pat

Leave a Comment

Your email address will not be published. Required fields are marked *

Markdown is supported.

You May Also Enjoy