Jim Faut and Rick Palkovic have been posting a nice series on how to troubleshoot OpenSSO with Firefox Add-Ons. They just pushed out two more entries in the series, which now includes:

• Part 1: Introduction • Part 2: Single Sign-On and Policy Protection • Part 3: Cross-Domain Single Sign-On • Part 4: Service Provider Initiated Fedlet Single Sign-On • Part 5: Identity Provider Initiated Fedlet SSO Fedlet deployment

These articles are worth a check even if you just want to learn about how OpenSSO works: just follow their diagrams to see the exchange of information between the parties that enable these features.

And, on this topic, you may want to track the participation of the OpenSSO team at next week's Internet Identity WorkShop; see Daniel's note.

And Happy Halloween!

The OpenSSO Community has new leadership. SuperPat left Sun; for a new job at huawei (wikipedia), in the Cloud computing team that Geoff is building. The able replacement is a long-term member of the group, Hubert Le Van Gong. Hubert has his own blog and has been tracking recent developments there: • Deploying the OpenID2.0 Extension for OpenSSO • OAuth support: a summary of our work • Follow-up: Deploying the OpenID2.0 Extension for OpenSSO • OpenID for OpenSSO: Realm/RP Validation Supported

Still on the OpenSSO area, also check out Daniel's post on Federating to Salesforce CRM in Under 5 Minutes, which is in the same series as the earlier work on Federating to Google Apps with OpenSSO.

As I just reported in a little more detail over at Superpatterns, we released OpenSSO Express Build 8 yesterday, including features such as our new One Time Password feature, the Fedlet for .Net and a new task flow for enabling single sign-on to Salesforce.com.

It's worth noting that OpenSSO Express Builds are supported builds, released on an approximately 3 month cycle between Enterprise builds. Customers simply buy support for OpenSSO and then choose which build to deploy; the main difference between the two is that we release hot patches and service packs for the Enterprise build, while fixes in the Express build are rolled into the next Express build (no hot patches or service packs). In this way, customers who are keen to deploy the very latest OpenSSO features with support can do so without having to wait up to 12 months for the next Enterprise release. More on this release in the OpenSSO Express 8 release notes; more on the Express build concept in the OpenSSO Express FAQ.

The OpenSSO Fedlet has received an Awards at the European Identity Conference for (providing) a lean solution for the Identity Federation. Some more details in SuperPat's writeup, including an interview with Pat. Congratulations to the OpenSSO team and thanks to Jacki and Dan for the tips.

There are a couple of nice short webcasts on OpenSSO. The first one builds on the latest OpenSSO Express; it is a short webcast that shows how to federate SSO to GoogleApps in 4 minutes using Express 7 and the SDK. The second is a neat iPhone App (POssO) that provides access (read/write) to an LDAP directory.

OpenSSO reached 1000 members last week. As I mentioned in my blog entry at Superpatterns, this means that 1000 people have registered at opensso.dev.java.net to be able to participate in the mailing lists and forums, and to be able to file and track issues. OpenSSO is on a real upward trend right now, with a whole bunch of events over the next few weeks, at the RSA Conference, MySQL Conference, European Identity Conference and more. See my blog entry for details, and come along if you can!

The Smoking Monkey has announced the release of OpenSSO Express Build 7, which includes key new features including: • Federation with Google Apps Premier • Additional Containers (like GlassFish v3 Prelude!) • Support for OpenDS Standard Edition OpenSSO Express is a very interesting product as it is an integral part of our official Roadmap and is fully supported. Sun will answer questions and will fix bugs on it but, unlike with OpenSSO Enterprise, customers are required to upgrade to a later Express or to the Enterprise binary to get the fixes.

The upgrade requirement means that the sustaining tail is much shorter, and manageable, which is why we can push the Express releases as often as we do. An Express release is not for all types of customers but it is ideal for those that want the latest features now and are willing to upgrade later; and those that do not want them just wait for the Enterprise releases. To simplify the sales story, the support plan for OpenSSO Enterprise includes OpenSSO Express.

Other related entries are tagged OpenSSO.

I've added SlideCasting to the recordings of the TheAquarium Online shows. The first 3 presentations are from last week's OpenSSO Overview, Adoption and Roadmap presentation; see, for example, the OpenSSO Roadmap by Sidharth Mishra. SlideShare.Net provides a nice tool to create these SlideCasts but every format adds to the time I spend on this, so I am considering dropping a format or two. Please consider visiting this Doodle Poll to vote for your favorite formats.

I just uploaded the recordings to last Thursday's Webinar, which explained how OpenSSO implements Single Sign-On, Federation and Secure Web Services with minimal chances to the existing code (the show also covered the deployment at Verizon Wireless and the roadmap). Another way to see what's happening is inspecting the actual exchanges and Jim and Rick's article shows how to Troubleshoot OpenSSO using Firefox Add-Ons: Part I, Part II and Part III.

Related Webinars and Blog Entries:
• OpenSSO Roadmap
• OpenSSO Webinar
• Entries tagged OpenSSO

PS. So far I've only uploaded the recordings in Flash Video; I'll follow-up with the other formats early next week, including a new SlideCast version. After that I will ask for your feedback on the benefits of the different formats.

This week's webinar is on OpenSSO, the open source project that provides enterprise-quality infrastructure to implement single-sign on. Sid and Ajay will present a technical overview of OpenSSO and then will explain how it is being used in a real-world deployment. The presentation will end with a roadmap for the features in future releases of OpenSSO. Presentation on Thursday, March 19th, 11am US Pacific, at TheAquarium Channel. Full details (and recordings) at the Show Page.

As Bert, Daniel and Mark have all blogged over the past couple of days, OpenSSO's release schedule is now online. The schedule lays out the features planned for the next four OpenSSO Express release, culminating in OpenSSO Enterprise 8.1, scheduled for March 2010.

This is a new level of transparency for the OpenSSO project, and shows the breadth of new features planned for the next few months, from ease-of-use improvements for federation to a completely new entitlements engine for fine-grained authorization, all phased in over a series of supported 'Express' releases, so you can try them out, deploy them and even get fully support from Sun as each feature is integrated into OpenSSO. Exciting stuff!

The Sun Identity Team is kicking off a monthly webinar program outlining our overall portfolio and how it can help you solve everyday identity challenges. The first session will be held on February 18 at 8AM PT and will provide an overview around how Sun approaches everyday identity and offer an overview of our methodology to build strong identity foundation that lasts. So . . . what are you waiting for! Register for our life changing webinar now!

Eduardo mentioned CommunityOne back in December, when he announced the call for papers. CommunityOne East, to be held at the Marriott Marquis at Times Square, New York City, on March 18-19, is fast approaching now, and I'm pleased to announce that, on the day before CommunityOne East, Tuesday 17th March 2009, the OpenSSO Community will be gathering just a couple of miles down Broadway at New York University's Kimmel Center for the very first OpenSSO Community Day.

This is a unique opportunity for OpenSSO contributors, deployers and users to get together for a whole day of presentations and discussion in an 'unconference' format - the only fixed agenda item right now is to figure out the agenda. We're collecting ideas over the next few weeks at the OpenSSO wiki; if you're thinking of attending, do go there, take a look, and add any topics you want to speak on or hear about. Admission is free, with breakfast and lunch provided, and Daniel says he'll even bankroll the first round in the pub afterward .

So, if you're heading to New York City for CommunityOne, why not go early for a day (and possibly night!) of OpenSSO. If you're based in NYC, well, you have no excuse, go sign up, right now!

Gartner recently released the Nov 2008 report on Web Access Management and Sun is now listed in the leader's quadrant (see image). This is good news, both as a recognition of our efforts and also because some customers use the Magic Quadrant to evaluate the viability of some vendors. Sun's product in this space is OpenSSO 8 Enterprise - the commercial distribution of OpenSSO. The product version runs on GFv2 but it can also be used on GFv3 prelude; just need this small workaround :-) Of course it will be fixed in the final v3.

There's been quite a bit of activity around OpenSSO; other recent news include connectivity to SalesForce, and to SugarCRM, Using simpleSAMLphp, and even a .Net prototype. If you want to track all OpenSSO news, you may want to check SuperPat (Pat Patterson) and Smoking Monkey (Daniel Raskin).

Our latest Adoption Story comes from Belgium thanks to SuperPat. Telenet (home, wikipedia) is the largest supplier of broadband cable services in Belgium. They needed fine-grained access control for internal applications and ACA-IT provided it through OpenSSO. See Questionnaire for full details.

For more adoption stories, check our Informal Stories. We are always looking for stories showcasing production use as these are critical to the growth of our community. If you are a happy user please consider sharing your story by sending us mail to stories at sun dot com.