A few weeks ago I blogged that I would start going in to detail on the OpenSSO roadmap. I’ve been a bit slow in doing this so no more procrastination on my side. Here’s the skinny on service-level monitoring.
The goal of service-level monitoring is to provide standards-based way for systems management solutions to view reports on OpenSSO component behavior, quickly view a dashboard for trends and deloyment status, diagnose problems and set threshhold alarms. OpenSSO was instrumented with the Java Enterprise System Monitoring framework APIs, which is CIM compliant, but we are now expanding it to support SNMP and plain JMX to monitor deployment status.
Within the OpenSSO community we are actively working to develop robust monitoring for large-scale deployments that allows system and network administrators to proactively manage important enterprise assets that range from physical devices to systems and applications. Through our new service-level monitoring capabilities deployers will be able to monitor their deployment health, detect and diagnose problems and use reported metrics to size deployments.
The monitoring solution will use monitoring agents and leverage existing agents such as those provided with OpenDS, GlassFish and the Java Virtual Machine. The mosaic of agents will all reporting management data to a management console, which can aggregate the information and present a single consolidated view for administrators.

Data captured by the OpenSSO monitoring solution will fall into the following categories for each OpenSSO component:
* Configuration overview : number of servers, auth modules, Realms, agent types, etc
* Metrics related to resource usage : cache sizes, connection pools, sessions, etc
* Counts on operations : authentication success/failures, authZ sucess/failures etc
* Faults and diagnostics : server/agent down, ldap health, connectivity issues, etc
* Thresholds and alerts : events emitted when certain configured limits are met — number of authentication failures exceeds limit, number of in-memory session exceeds limit, etc.
The traditional commercial release of service-level monitoring is March 2010, but as you know we support features upon completion in OpenSSO Express Builds the moment they are done, so regularly check the OpenSSO project to “monitor” development status.

Join us for the very first OpenSSO Community Day!
Hosted by New York University and sponsored by Sun Microsystems, this is an opportunity for OpenSSO contributors, deployers and users to come together in an informal ‘unconference‘ setting.
Being an unconference, the only rigid item on the agenda is to decide at 9am on the sessions for the rest of the day. You can show up and talk about any OpenSSO-related topic you like. Maybe you have an interesting deployment, a new extension or a nagging question – sessions can be discussions as much as presentations. Now, that doesn’t mean that there need be zero preparation – if you have a session in mind, go to the wiki and add it there, so folks can get an idea of the likely content ahead of time. We’ve already posted a few ideas:
OpenSSO Community Day Agenda
All are welcome, attendance is free, and continental breakfast plus lunch will be provided. We’ll likely adjourn to a nearby bar at the end of the day to continue the conversation
We’re using meetup.com to manage the registration process. Join the OpenSSO group and RSVP. And don’t delay – 5 of the 40 places are already gone!
Cheers

HOORAY! Developer.com selected OpenSSO Enterprise as the Security Product of the Year. I definitely did a Pee Wee Herman dance (see below) when I saw this one. We’re real proud of our relationship with the development community and make it a huge part of our focus. We’re glad people are noticing and expect to see lots of great things out of the OpenSSO Community again this year. Congrats everyone!

Hey All! As “Pat mentioned, I’m doing a webinar on Everyday Access, Federation and Secure Web Services on Tuesday, Januaray 21. Preso is aimed at highlighting the core problems that web access management tools address and a tiered approach to conquering them from easiest to hardest. If you want to hear my schpeal click the link below to register. I may not be the IdentiCat this time, but I promise to entertain and make some jokes at Pat’s expense.
REGISTER NOW

Happy New Year! I just finished watching a portion of the new Ping Star Wars parody. (Sorry Ping friends. I didn’t make it through the entire thing. It’s just reeeeeaaaal loooooong.) I have to laugh though when I see them making the open v. proprietary and big v. small argument because Ping’s commercial product is closed and proprietary!
OpenSSO is 100% open source, has a thriving external community and is completely free in all aspects of the word. We have lots of stories of companies deploying it on there own without Sun knowledge and from an innovation stand point we are moving at a trailblazing pace.
So . . . In the spirit of openness, it’s that time of year where I plan to outline what we’ll be doing in the OpenSSO Project over the next few months. I plan to write a multi-part series outlining the major features we will be adding to the product. To give a teaser, the core features that I’ll be writing about are listed below. Stay tuned for more details over the next week or so.
UPCOMING FEATURES FOR OPENSSO:
1. Service-level Monitoring – service-level monitoring for large scale deployments.
2. Access Entitlement Management – Fine grained authorization for protecting web objects
3. 1x Passwords using SMS – Light-weight two-factor authentication using mobile phones.
4. Password Replay / Enhanced Reverse Proxy – The ability to memorize and recall passwords for web-apps not protected by your single sign-on solution
5. Embedded Container Option – Embedding Glassfish Application Server in OpenSSO so you don’t need to deploy and configure a container prior to deploying OpenSSO
6. Ease-of-Use Task Flows – Lots more task flows that make it easier than ever to use OpenSSO services