The OpenSSO Community has new leadership. SuperPat left Sun; for a new job at huawei (wikipedia), in the Cloud computing team that Geoff is building. The able replacement is a long-term member of the group, Hubert Le Van Gong. Hubert has his own blog and has been tracking recent developments there: • Deploying the OpenID2.0 Extension for OpenSSO • OAuth support: a summary of our work • Follow-up: Deploying the OpenID2.0 Extension for OpenSSO • OpenID for OpenSSO: Realm/RP Validation Supported

Still on the OpenSSO area, also check out Daniel's post on Federating to Salesforce CRM in Under 5 Minutes, which is in the same series as the earlier work on Federating to Google Apps with OpenSSO.

Our Stories blog tracks informal adoption stories of our middleware Open Source projects. Most of the initial stories centered on the GlassFish Server, but over time we have been expanding from there with a few stories on OpenMQ and OpenSSO and in the last days we added two more.

SSOCircle is an open identity provider that uses OpenSSO to support SAML 2.0 and OpenID and others in federated single sign-on. SSOCircle went live in Feb 2007; check their full story with more details via the usual questionnaire. CDOVaR.Net is a service provided by CDO² to financial institutions to transparently harness grid computing to manage their portfolios. They needed an LDAP server and chose OpenDS. Check the story and questionnaire.

Sun Developer Network technical author Marina Sum recently published a short interview with Paul Bryan, a Sun technical specialist working in identity management. As mentioned in the interview, Paul was the very first external committer on the OpenSSO project back in 2006. He went on to write the OpenID Extension for OpenSSO before joining Sun towards the end of last year.

Discover how Paul is working with OpenSSO to fight phishing and identity fraud.

Sun announced its support for OpenID a few weeks back at JavaOne and even published a Non-Assertion Covenant. Today, the OpenID Service from Sun (a complete OpenID 1.1 identity provider) is now open for business and while it is for Sun employees only (34,000 of them), it's built using GlassFish sister projects OpenSSO and OpenDS which both now include OpenID extensions and which we encourage you to use to setup a similar service.

The goal is to take OpenID to the next level (beyond blog comments) and specifically apply it to the enterprise as implied here. Look for further developer support in the upcoming releases of the Sun Web Developer Pack and for the 34,000 of us on the blogosphere...

I like Trey's approach (shown at GlassFish Day) to spreading the word about OpenDS by building some useful and interesting artifacts. I believe his OpenID server has not yet been released but the Atom Server (GlassFish front-end, OpenDS back-end) has and it is getting some nice recognition ([1], [2], [3], [4]). Trey has a nice post Describing the Project. Additional details at the project website and wiki. To integrate OpenDS with GlassFish check Trey's earlier entry.

Visit Session #4 of GlassFish Day and Travel to the Future to the future... The session will cover at least these two topics:

•  Jerome will present the plans for GlassFish v3, a server-side Java container that scales from small devices to enterprise deployments, loads services on demand, uses classloaders to isolate class dependencies, starts very fast and has low resource comsumption. Status update and demo will be included. •  Trey will show and demo the latest news on OpenID support in OpenSSO and OpenDS.

I believe that compressed versions of the demos shown in this session may also show in some of the keynotes at JavaOne. A big difference is that at GlassFish Day you will have the opportunity to grill/question the presenters in a much smaller setting :-)

GlasssFish Day is part of CommunityOne; events include keynotes by Jonathan and Rich as well as multiple tracks, multiple demo stations, free lunch and goodies, and complimentary access to some JavaOne events next day. Attendance is free but limited and you need to register.

Following on from last week's entry on OpenID on OpenSSO, we rolled the new OpenID code into OpenSSO over the weekend and are today announcing OpenSSO Extensions (more detail in my blog entry at Superpatterns) - an incubator for OpenSSO. The OpenID code is there, as is the existing 'Lightbulb' SAML 2.0 PHP and a new Client SDK for OpenSSO implemented in PHP.

The idea is that, if you have an idea for a cool extension to OpenSSO, maybe a new authentication module or identity repository plugin, you can work on it in the OpenSSO community, with the code hosted in a 'sandbox' under the opensso/extensions tree. As extensions mature we'll look at migrating them into the OpenSSO core.

As I just blogged at Superpatterns, Paul Bryan is working on an OpenID implementation for OpenSSO. It's 'alpha' quality right now, but you can go to openid.pbryan.com, grab a test ID and take it for a spin - there is a whole list of working relying parties there.