In many of my blogs I've written about Virtual Federation Proxy (VFP)a feature available in OpenSSO, the code base from which Sun's upcoming release Federated Access Manager 8 is derived. I've received lots of email from people asking me to explain the benefit of this feature in more detail so this blog focuses on explaining the problem that organizations are facing and how VFP can lower the overall total cost of ownership for web access management and federation infrastructure.
THE PROBLEM
Most organizations are still working toward internal single sign-on. That is, the majority of organizations still have multiple authentication points or reduced sign on (RSO). For example, an organization may still have separate sign-ons for it's Web Portal, HR System and Payroll system. It could be using Enterprise Single Sign On to simulate a SSO experience, but it still maintains three different authentication infrastructures. If that organization wants to begin federating with external service providers using all three applications it needs to deploy a federation service at each authentication point. In other words, an organization would need to deploy separate federation points for each applications -- Web Portal, HR system and Payroll system.
We had our video battle warm-up with the scrappy Ping Identity a few months ago, but now we challenge you to a little game called IDENTITY HERO!"
My teammates at Sun believe that they can rescue more identity enterprises than our competitors. Let's throw down and see who can claim the highest score!!!
My goal in life, besides world peace, is to make federation so simple my 15 month child, Taro, can do it. Now that's a lofty goal, but we're making progress towards that in Federated Access Manager 8. To give you a preview, I've prepared a screencast that shows the following:
* Configuring an Identity Provider (IDP)
* Configuring an Service Provider (SP)
* Creating a Circle of Trust between the IDP and SP
* Validating the federated connection
The goal is to give you an idea of how simple federation has become. Keep in mind, I'm marketing and I can do it. I'm also not one of those converts from engineering to marketing (light-side to dark-side), but rather come from a business background and have a BA in Public Affairs. In short, this stuff is not designed for identity experts, but rather dimwits like myself.
As always you can check all of this out for yourself at www.opensso.org. Enjoy the demo . . .
Last week, I joined Red Monk's Michale Cote and Brandon Whichard on the Identity Buzz podcast. We talked about The Fedlet, a small, light-weight way to get identity federation setup with Sun tools. Click on the link below to listen and enjoy!
We're almost there folks. Here's the final teaser around Fedlets. Around this time next week you will be drinking an umbrella drink and reflecting on the power of the Fedlet.
Many people keep asking me "What is the Fedlet?" Does it relate to identity? Well, the answer to that one is YES,DEFINITELY! Not only that, but it will also revolutionize how to solve a specific pain point in the world of identity! Some folks have also surmised that the Fedlet is somehow related to Piglet. I can assure you that is definitely not the case.
I know I've been dragging this one out for some time so we're working to pull together an Identity Buzz with Brandon and Coté to discuss "WHAT IS THE FEDLET!" That said, I will only answer their questions with either "waaaaarmer" or "coooooolder." Stay tuned.
I recently had an opportunity to write an article on securing web services using federated single sign-on. ebizQ was kind enough to publish it! (Thank you!!!) Click the image below to check it out . . .
I had the pleasure of recording the first episode of Identity Management Buzz TV a few weeks back. My first guest was Yvonne Wilson from Sun IT. Yvonne is responsible for the security and application services for Sun's internal operations. She is responsible for managing Sun's identity infrastrcuture which includes:
Holey moley is right! You don't want to miss this one as it addresses a pragmatic approach to incrementally implementing an identity architecture that scales.
I recently had a chance to sit down with my friend, Rajeev Angal, to discuss federation and Sun's approach. Check it out. Rajeev is a brilliant architect at Sun and continually blows me away with his capabilities. Also, I apologize in advance about my hair. I had a miscommunication with the experts at Supercuts. Peace out!
