OpenSSO, neglected by Oracle, gets second life

ForgeRock assumes control of authentication technology first developed by Sun

A Norwegian startup is assuming responsibility for maintaining an open source Web authentication technology originally developed by Sun Microsystems, and seemingly neglected by Oracle, which purchased Sun in January.

The company, ForgeRock, has released a new version of Sun's Open Single Sign On (OpenSSO) Enterprise software, called OpenAM, that adheres to the OpenSSO roadmap established by Sun.

"It's a pretty easy migration path for all the customers who have found themselves stranded on OpenSSO. They can safely migrate to a current version," said Simon Phipps, chief strategy officer at ForgeRock, and former chief open source officer at Sun. Phipps was one of a number of employees who have joined ForgeRock since Oracle's purchase of Sun.

Oracle continues to display a page on its Web site for OpenSSO, though it has removed the free downloadable version of the product. The company has not made any announcements about future releases of the software, and did not respond to a request for comment.

In February, ForgeRock issued its first release of OpenAM -- the name was changed for trademark reasons -- which was basically a snapshot of Sun OpenSSO Enterprise 8. OpenAM 9.5 is the first version that upgrades the software from the Sun version.

The software package includes a number of updates, including the ability to support version 2 of the Security Assertion Markup Language (SAML), a standard for exchanging authorization information across different systems. It also includes a new monitoring framework, and a new version of the directory server, called OpenDS. Patches issued since the last release of OpenSSO have also been rolled into the new version, and various bugs have been fixed as well.

Sun created OpenSSO in 2005 as an open source version of the Sun Java System Access Manager, licensing the software under the Common Development and Distribution License (CDDL). The software was designed for large transactional Web sites that require users to log in and keep accounts.

"This enterprise identity middleware was actually a big success at Sun. It was doing very well at competing with IBM, Oracle and CA," Phipps said. The company estimates that OpenSSO has a customer base in "the low four digits," said Allan Foster, who heads U.S. operations for the company and is a former Sun support manager for OpenSSO.

"Pretty much every day we get an e-mail from some company that was doing an evaluation of OpenSSO, and they want to move on to a pilot or even a full-production deployment, and they discovered that they can't buy a subscription to it, so they come to us," Phipps said.

Upgrading from OpenSSL Enterprise 8 to OpenAM version 9.5 should be a largely painless transition, Phipps promised. Those using the older version of OpenDS may have to do some work to upgrade to the newer version of that server but "on the whole, customers will find that this is a pretty seamless update," Phipps said.

While the software itself is open source, ForgeRock sells enterprise subscriptions for support and maintenance. At least one other company, OSSTech in Japan, is also working on and selling support for OpenAM. OpenAM is one component of ForgeRock's I3 enterprise platform, which also includes OpenESB (an enterprise service bus), OpenIdM (an identity access manager) and OpenPortal.

Last week, at the O'Reilly Open Source Conference (OSCON), held in Portland, Oregon, Phipps gave a talk about how an open source project can survive after it loses corporate support. In addition to working with OpenAM, Phipps is also on the governing board for OpenSolaris, another open source software package inherited by Oracle whose future remains uncertain.

In the case of OpenSolaris, Phipps noted that there are portions of the operating systems that are not open source, and so assuming control of the software would be difficult for the OpenSolaris community, or another company. Another roadblock to OpenSolaris' survival outside of Oracle is that most of the engineers who worked on OpenSolaris were Sun Microsystems employees, and now are Oracle employees. Unless Oracle allows them to continue contributing to the code base, it is doubtful that enough outside expertise exists to keep maintaining and improving the OS.

In the case of OpenSSO, ForgeRock has hired a significant number of ex-Sun engineers who are familiar with the product. Most did not develop the software itself, but rather worked as customer support specialists who were highly knowledgeable with the code base, Phipps said.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com

Join the PC World newsletter!

Error: Please check your email address.

Tags open sourceForgeRocksecuritymiddlewareAccess control and authenticationsoftwareSimon PhippsopenssoOracle

Struggling for Christmas presents this year? Check out our Christmas Gift Guide for some top tech suggestions and more.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Joab Jackson

IDG News Service

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?