InfoQ

News

Higgins 1.0: Identity Management Solutions from the Eclipse Foundation

Posted by R.J. Lorimer on Feb 28, 2008 09:53 PM

Community
Java
Topics
WS Standards ,
Identity Management ,
Web Services
Tags
Eclipse Higgins ,
Eclipse
Identity management for networked and distributed applications continues to present several unique challenges for users and developers. Protocols such as OpenID and WS-Trust have emerged as distributed identification protocols to help enable a more globally available authentication scheme.

Earlier this month, the Eclipse Foundation announced the release of Higgins 1.0. Higgins is a suite of identity management solutions from the Eclipse foundation, created with the intent of simplifying and adding consistency to online authentication. The software infrastructure provided by Higgins is specifically targeted at providing a consistent interaction for users with multiple authentication protocols:
 
Higgins is not another identity protocol like OpenID, SAML, or WS-Trust; it is a framework that allows software developers to integrate and leverage multiple protocols within their applications. Specific identity protocols, like OpenID, which is very important for solving password management for things like blog, wikis, etc., are popular with specific users for specific use cases; however, the Project Higgins community believes there will continue to be multiple identity protocols used to support differing identity scenarios. Instead of requiring a developer to become proficient in all protocols, they can now use Higgins to gain support for them all.

Higgins is built around the concept of information cards, which are simply visual representations of a digital identity. The various components of Higgins are centered around helping end users interact with information cards, as well as enabling developers to support identity cards as a form of authentication in their respective applications.

There are three components provided by Higgins for enabling information-card authentication:

First, it provides multi-platform “identity selector” applications that end-users can use to sign-in to web sites and systems that are compatible with the emerging user-centric “Information Card”-based (or “i-card”-based) approach to authentication. This approach promises people fewer passwords, more convenience, and better security.

Current end-user solutions available include:
  • A GTK/Cocoa selector, which includes a Firefox extension to launch the selection interface when a website requests i-card authentication.
  • An Eclipse RCP-based desktop application which supports integration with Internet Explorer 7 to prompt for i-card selection on website request.
  • A distributed, embedded Firefox-plugin-based selector -Where-as the first two solutions provide a local registry and selection service for managing information cards, this solution is an early representation of using a remote server to act as a distributed card registry.
Second, it provides complete “identity provider” web services as well as the “relying party” code necessary to enable websites and systems to be information card- and OpenID-compatible. Software developers can incorporate this "relying party” code into their applications to make it easier for their users to login to their site. There are currently two web-site developer solutions available:
  • STS IdP - An identity provider solution utilizing WS-Trust.
  • SAML2 IdP -An identity provider solution utilizing SAML2

Third, it implements the Higgins Global Graph (HGG) data model and the Higgins Identity Attribute Service (IdAS). Developers now have a framework that provides an interoperability and portability abstraction layer over existing “silos” of identity data. For the first time, IdAS makes it possible to “mash-up” identity and social network data across highly heterogeneous data sources including directories, relational databases, and social networks.

The HGG/IdAS layer of Higgins offers integration opportunities between several identification protocols such as OpenID, WS-Trust, SAML, and LDAP.

Higgins has received industry support from several companies that provide identity-management solutions including: IBM, Microsoft, and Novell.
Microsoft authored a similar technology to Higgins information cards with Windows CardSpace (initially released in 2006); Higgins identity selector solutions are compatible with CardSpace-enabled applications.

At the Eclipse project page, more information is available regarding Higgins identity solutions, and downloads are available for Higgins 1.0 solutions and components.

Related Sponsor

The Adobe Flash Platform provides everything you need to develop applications, content and video across operating systems and devices.

1 comment

Watch Thread Reply

Higgins by Danny Fame Posted Jul 6, 2008 5:26 PM

  1. Back to top

    Higgins

    Jul 6, 2008 5:26 PM by Danny Fame

    Openid have great support from google. Higgins is another great ID management solution which need greater support from our internet giant search engine. Hopefully higgins will be widely used. Danny - meteko

    Reply

Educational Content

Bindings, Platforms, and Innovation

This presentation focuses on the Internet and separating myth from fact, history from the future, and the mundane from the imaginative. Bob Frankston presents a vision of what could and should be.

  •  Jul 02, 2009,
  •  

Orchestrating Long Running Activities with JBoss / JBPM

This article explores the use of JBoss and jBPM to implement design solutions that effectively address the issue of orchestrating long running activities.

  •  Jul 01, 2009,
  •  

Neo4j - The Benefits of Graph Databases

This presentation covers the use of graph databases as an optimal solution for data that is difficult to fit in static tables, rapidly evolving data or data that has a lot of optional attributes.

Realistic about Risk: Software development with Real Options

This session introduces Real Options and shows how it can help in running your project. Real Options is a decision-making process that can be used to manage risk.

  •  Jun 30, 2009,
  •  

Communication Flexibility Using Bindings

This article discusses the use of bindings on services and references (including the instance of non-configured bindings) as the means to implement SCA communications in a Web and SOA environment.

  •  Jun 30, 2009,
  •  

Writing DSLs in Groovy

After a short introduction to DSLs, Scott Davis plays with the keyboard showing how to approach the creation of a DSL by typing working snippets of Groovy code that get executed.

Scaling Agile with C/ALM (Collaborative Application Lifecycle Management)

IBM Rational and InfoQ present, Scaling Agile with C/ALM, an eBook showing organizations how to become “finely tuned software delivery machines” by enabling team integration and scaling.

Concurrent Programming with Microsoft F#

Amanda Laucher presents a real life enterprise application written in F#. She shows actual code snippets, explaining design decisions and suggesting how to use some of the F# constructs.