SOA projects frequently involve refactoring sets of reusable services and integrating scattered systems all over the Enterprise. The services that most frequently emerge as common across all Enterprise services include security and identity management. This type of infrastructure service enables Single Sign On (SSO) across a wide variety of services.
In an effort to accelerate SSO efforts, Sun Microsystems has launched the OpenSSO project--an Open Source access management software distribution that provides the means to build authentication, authorization, and session management for Java and web applications and web services.
Sun will be basing future versions of the Sun Java System Access Manager product on OpenSSO, much like OpenOffice.org project is the basis for Sun StarOffice Product. The OpenSSO project falls under the Common Development and Distribution License (CDDL). Information about this license can be found at http://www.sun.com/cddl/ and http://www.opensource.org/licenses/cddl1.php.
This looks like a nice Open Source Identity Management System--one that has its roots in the Liberty Alliance and a set of real world customer use cases. The following links contain information regarding the technical aspects of OpenSSO.
- Web Agent and C-API architecture document and source have been released. Read the announcement.
- Policy Service architecture document and source have been released. Read the announcement.
- Authentication Service source has been released. Read the announcement.
- Authentication Service architecture document has been released. Read the announcement.
- Session Architecture and Project Sources have been released. Read the announcement.
- Architecture and Use Case documents have been released. Read the announcement.