Last week I recorded a new Identity Buzz Podcast with K. Scott Morrison, Layer 7 CTO & Chief Architect. We discussed the Sun OpenSSO Enterprise / Layer 7 SecureSpan Gateway integration. The combined Sun / Layer 7 solution offers a powerful one-two punch when trying to conquer web services security.
Essentially, the solution allows you to deploy SecureSpan as a policy enforcement point and OpenSSO as a Policy Decision Point when abstracting and centralizing authentication and authorization for your company’s web services. The SecureSpan Gateway is a nice complement to OpenSSO because it inserts an abstraction layer between the web service requesters and web service endpoints in order to govern and secure their transactions. Rather than having to deploy a local agent to protect every web service you can implement a gateway that acts as a broker to all your services.
To learn more about this integration listen to our latest Identity Buzz Podcast on the topic.
Listen Now
You can also subscribe to the feed and get episodes automatically. Here’s the iTunes friendly link and the Feedburner feed. There is also a nice article describing the integration on the Sun Developer Network titled “Delegating XML Gateway Runtime Authorization to OpenSSO.” Enjoy!

It’s heeeeeere!

Have you heard colleagues talking about OAuth, but don’t understand how it can be used in the real world? Are you looking for lightweight solutions to federate with Java and .NET apps? Would you like to offer multi-factor authentication without having to purchase token hardware for all your employees?
Watch this FREE webinar and learn how Sun Microsystems, Inc. is innovating in these areas and many more to provide simple, pragmatic solutions in a single product. You’ll learn how the latest release of OpenSSO can help you secure all your core resources with a single product regardless of whether your resources are internal, external or in the cloud.

If you have a spare hour tomorrow (Wednesday August 18th 2009) morning, join me as I will be presenting a webinar titled OpenSSO Express for Improved SSO. The webinar is at 10am PDT/1pm EDT/7pm CET for an update on the very latest features in OpenSSO Express 8 and beyond, such as mobile one-time passwords, the Fedlet for .Net, and SalesForce.com integration. We will also be previewing our OAuth Token Service.

OpenSSO is now part of the Nationwide Health Information Network (NHIN) CONNECT Architecture. CONNECT implements a flexible, open-source gateway solution that enables healthcare entities – Federal agencies or private-sector health organizations or networks – to connect their existing health information systems to the NHIN.
As part of CONNECT, OpenSSO acts as the:
1) Authentication Service for citizen registration
2) Policy Enforcement Point
3) and one of two choices for a pluggable Policy Decision Point
Read about OpenSSO and the CONNECT Reference Architecture here!

Theeeeeeeey’re heeeeeeeeere . . .

This week I have been having a blast at the Kuppinger-Cole European Identity Conference in Munich. I’ve had lots of good conversations, participated in great sessions and talked to customers and press. To top it off, we were just awarded Best Innovation in IAM and GRC for THE FEDLET. As you all know, this is my favorite feature of OpenSSO. Super lightweight federation for Java or .NET apps by adding a teeny, tiny little package to your application. No infrastructure or graduate degree needed to install. Wocka Wocka Wocka!

As promised, Sun is proud to announce the release of OpenSSO Express Build 7. This is a supported release and the first of many Express Releases leading up to OpenSSO Enterprise 8.1.
As many of you already know, the moment we finish a feature we now test it and make it available via an Express Release, which occur every three months. Customers that subscribe to OpenSSO Enterprise get complete access to these builds with support and indemnification.
Below is a list of some of the major enhancements / features.
1. FEDERATION WITH GOOGLE APPS PREMIER
Google Apps Premier Customers can now download Sun OpenSSO to deploy rapid federated single sign-on to organizations that use Google Apps as their collaboration and messaging service. The OpenSSO solution allows organizations leveraging Google Apps to use enterprise logins to access Google Apps, providing increased user adoption, improved security and administration benefits.
2. ADDITIONAL CONTAINER SUPPORT
* GlassFish Prelude 3
* IBM WebSphere Application Server 7.0
* Oracle WebLogic Server 10g Release 3 (10.3)
3. SUPPORT FOR OPENDS STANDARD EDITION
Customers can now download and deploy OpenDS Standard Edition as a user store with OpenSSO.
To read about all the new features and enhancements in OpenSSO Express 7 check out our Express 7 Release Notes.
Download OpenSSO Express 7 now.

I am very excited to announce that the OpenSSO Feature Release Schedule is now available on wiki.opensso.org. The coolest thing about this schedule is that we are releasing product every three months!!!! Every build listed in this schedule is also supported by Sun, so if you put it in to development or production you always have the option to buy an OpenSSO Enterprise license or subscription to receive support and indemnification. Pretty cool stuff! Check out the schedule by clicking the image below.