Meeting the Open Identity Stack Community

We’ve been thinking about this since the begining of ForgeRock, and we’ve finally set a date, a great location and even lined up Keynote speakers.

Join us on June 12th to 14th, 2013, in Pacific Grove, California for the first ForgeRock Open Identity Summit, an event for and with the community of the OpenAM, OpenDJ and OpenIDM projects. The agenda is still work in progress and will be previewed soon. But you can be part of it. A call for paper is opened, but not for long. You have up to May 6th to submit your proposals for presentations. Don’t wait for the last minutes !

A note on logistics, please make sure to book your hotel, registration is not complete until you’ve booked your room!  Space at Asilomar is filling up, so we encourage you to register ASAP to reserve your spot.

We’re looking forward to seeing you at the event!

2012 in review

The WordPress.com stats helper monkeys prepared a 2012 annual report for this blog.

But before diving in the details of the blog itself, I’d like to do a short personal and professional review of 2012.

2012 has been an amazing year. We’ve grown ForgeRock at an incredible pace, doubling the staff, globally as well as in France. We’ve moved to new offices, with some extra space to welcome additional stars to our band (yes, we’re still hiring and looking for developers with excellent Java programming skills). We’ve made available 3 releases of OpenDJ, 3 of OpenIDM and 1 major release of OpenAM. However we missed our target of releasing OpenDJ 2.5. With the growth of the team and the company, we’ve made the OpenDJ release more ambitious than originally planned, adding a REST/Json to LDAP service, to facilitate the development of applications that need to access the data. All of it should be available in the coming months.

Blogging wise, I’m satisfied with the ratio of articles published until July, then the workload has impacted my ability to write as often as I would like… Part of the new year resolutions is to resume posting here at a regular pace, similar or better than in 2012. I hope you will enjoy reading and joining the discussion…

Now with the annual report :

Here’s an excerpt:

4,329 films were submitted to the 2012 Cannes Film Festival. This blog had 34,000 views in 2012. If each view were a film, this blog would power 8 Film Festivals

Click here to see the complete report.

OpenAM 10.0.0 is now available…

This is a big milestone for ForgeRock and the OpenAM project, an open source WebSSO, Authentication, Authorization, Federation and Entitlements solution. After months of development (a few more than we anticipated), we’ve finally released OpenAM 10.0.0, a major version of the product.

OpenAM 10 brings a set of new features, including support for OAuth 2.0 client authentication, the ForgeRock Identity Gateway (built out of project OpenIG), enhanced SAML 2 identity provider capabilities, a new Risk Based Authentication module, …  It also now relies on OpenDJ 2.4.5, the latest stable release of OpenDJ the open source LDAP directory server, and supports the internet-draft based LDAP password policy. You can find more details  in the press announcement, or the product release notes. The documentation of the OpenAM 10 release can be read at http://docs.forgerock.org/en/index.html?product=openam&version=10.0.0.

The OpenAM 10 release owes a lot to the OpenAM community, for the issues raised : a total of 41 issues fixed in OpenAM 10 were raised by 26 different persons, and for the generous patches offered to fix over a dozen of these issues.
To each and every contributor : THANK YOU !

OpenAM universal gateway presentation at RMLL 2011

Last month, just before the French national day, I was in Strasbourg to participate in the RMLL.

Photo by Sebastien Bahloul

On the occasion, I did a presentation in the security track, about OpenAM Universal Gateway, another piece in the complex puzzle of Web Single Sign-On. The Universal Gateway solves an important problem in Access Management: allowing single sign-on for applications that are usually left out because they are based on legacy or non standard based technology.

The Universal Gateway comes from ApexIdentity, an acquisition that ForgeRock did in the spring. It’s been released in open source as part of the OpenAM source code repository.

The presentation I did was in French, and so are the slides.

You can find more about the Universal Gateway on ApexIdentity web site, and soon on OpenAM documentation.

What’s up ? Doc !

It’s been a few very busy weeks and I haven’t found the time to properly introduce a new member of the ForgeRock Grenoble Engineering Center : Mark Craig.

After Matthew who joined us as Architect for OpenDJ, Gary who is covering Quality Assurance for our products, Mark Craig has joined us on the 1st day of April to cover a very important part of any real Product : the documentation.

Mark comes from Sun Microsystems (and a few months at Oracle) where he has played different roles, from technical writer, to manager for all technical writers in the Identity Management BU, to managing the Directory Integration Team responsible for customer interactions and audits, performance benchmarks and assisting POCs. At ForgeRock, Mark goes back to his roots and things he enjoys and excels in: writing.

You can read Mark’s prose on his new blog (Margin Notes 2.0), OpenDJ blog or already on ForgeRock documentation wiki.

OpenAM – The Book

For many years, I’ve been working in collaboration with the Sun access management product team,  as it started working on the Directory Server Access Management Edition (DSAME) product that years later became Sun Access Manager and OpenSSO. And now that I’m at ForgeRock, I have the pleasure to keep working with some members of that team, on OpenAM, the continuation of the OpenSSO open source project.

My knowledge of the product is rather shallow as I’ve worked on several case studies or issues related to customers and LDAP directory servers, but I never had a chance to deploy a service for production use or even extensive testing.

So when I learnt that Packt Publishing was releasing a book on “OpenAM”, writen by Indira Thangasamy, an ex-colleague of mine and manager of the Quality Assurance team, I asked if I could get a copy for review, which Packt kindly agreed to.

I haven’t finished the book yet, as it’s over 250 pages of content, covering all aspects of the OpenAM software, from its history, its components and services, to its integration with Google Apps or SalesForce… But from what I’ve read (about 2/3 of the book), I can say that the book is easy to read and well organized. It helps a beginner to grasp the concepts and starts using the product, thanks to the detailed explanations and diagrams. As the chapters advance and dive into specific technical areas, Indira uses real-world examples and simple code or commands, followed by detailed description to illustrate what OpenAM does or does not, giving a comprehensive picture of the fully featured product.

Some of the features of OpenAM are not covered in the book, like Federation or the most recent Entitlement Services or Secure Token Services. I hope they will be covered in a revised edition or may be another book, as these features are becoming more used and important to enterprise security and access management.

In summary, if you’re about to, or have just started to engage on a project with OpenAM, this book will help you understand the technology and ease your ramping up. But even for the more experienced users of OpenAM, the book contains full of details, tips and example that will save you time and make you more efficient.

You can find the book on Pack-Publishing web site or Amazon.

New releases of OpenAM and OpenDJ !

It’s the happy hour, with a double release day at ForgeRock.

OpenAM 9.5.2 has just been released, along with the J2EE Agents 3.0.3 and are now available for downloads from ForgeRock. You can find the release details in the Release Notes.

OpenDJ 2.4.1 has also been released today. The patch release can be found on the Downloads page in various forms: Java WebStart Installer, Zip package or SVR4 package. The Release Notes have been posted on the Documentation wiki.

The First OpenAM Book

The first book on OpenAM, the open source web single sign-on and federation project, will be released very soon (it should be Jan 21st 2011), and it’s been written by one of my former and well esteemed colleague Indira Thangasamy.

I haven’t reviewed the book yet, but I’m expecting to have a review copy in my hands pretty soon (thanks again Indira and Packt Publishing).

However, if you want to get a feel of the book content, Indira has posted a very detailed table of content of the book, and some background information about it. I’m really looking forward reading the book and discovering some hidden gems of OpenAM. Also, this will help me to rethink the way the Configuration Store and User Store are considered and help improving the integration with OpenDJ, the Open source LDAP Directory services in Java, currently used as the embedded configuration store.

The book is already available for Pre-Order.