Markmail is kind of cool as it archives emails. I was looking at it today to see OpenSSO’s archive and found this.
Gee, I have sent over 9000 emails to OpenSSO’s email aliases for the past 4 years.
That’s 2381 emails per year. About 9 emails per day (excluding weekends). So, 1 email per hour! (8-9 hours work day). 
Filed under: OpenSSO | 1 Comment »
Finally, we have moved the entitlements service (an OpenSSO extension) to the products directory i.e. opensso/extensions/entitlements to opensso/products/ directory (if you are familiar with OpenSSO workspace).
Here is where you can find the source code for entitlements service.
Entitlements Service is released part of OpenSSO Express 8.0.
Filed under: OpenSSO | 4 Comments »
There was a question posted to our internal (Sun) alias, and I think I should share it out for the benefit of OpenSSO community. The question was “How to update OpenSSO configuration store password?”
There are two types of datastore in OpenSSO server, namely the configuration datastore and user datastore. As the name suggest, the former stores the configuration data that are required by OpenSSO server to operate properly. The latter stores users related information, such as role, group and user entries.
It can be done through Command Line Interface or Administration Console.
The Command Line Interface way.
The Administration Console Interface way.
Filed under: OpenSSO | Leave a Comment »
We have recently modified our Java build target to 1.5. Hence, you need Java Runtime version 1.5 and above to run OpenSSO Client. The Java runtime version requirement for OpenSSO server remains unchanged i.e. 1.5.
This new client runtime requirement shall be in our next official release i.e. OpenSSO Express 8 which is scheduled to released in a couple of months from now.
Filed under: OpenSSO | Leave a Comment »
OpenSSO team has a busy week ahead.
Open discussions on all OpenSSO related features.
Hands On Lab. Web Application Security with OpenSSO.
Monday June 1, 1:40 – 3:30 PM by Himanshu Vijay and Baby Sunil.Pragmatic Identity 2.0: Invoking Identity Services with a Simplified REST/ROA Architecture.
Monday June 1, 11:50 AM – 12:40 PM by Daniel Raskin,Deep Dives. Identity Management with OpenSSO: Deploy an Identity Management Solution in 4 hours Learn how to build an identity management solution based on OpenSolaris, Open DS, and Sun OpenSSO Express 7.
Wednesday, June 3, Morning Session. by Mrudul Uchil and David Goldsmith.
BOF-5275 – Using and Participating in the OpenSSO Project
Tuesday night, June 02, 9:30 PM – 10:20 PM hosted by Sean Brydon, Pat Patterson and Aravindan Ranganathan.TS-5295 Designing and Building Security into REST Applications
Wednesday, June 03, 2:50 PM – 3:50 PM by Sean Brydon, Aravindan Ranganathan, Paul Bryan.TS-4012 – Pragmatic Identity 2.0: Simple, Open, Identity Services Using REST
Thursday, June 04, 10:50 AM – 11:50 AM by – Pat Patterson and Ron Ten-Hove.LAB-6727 – Web Application Security with OpenSSO: From Simple Log-In to Single Sign-On to Federation
Thursday, June 4, 1:30 – 3:00 pm by Pat Patterson, Himanshu Vijay and Baby Sunil.BOF-4903 – A RESTful approach to identity-based web services
Thursday, June 04, 7:30 PM – 8:20 PM by Hubert Le Van Gong and Marc Hadley.
Filed under: OpenSSO | Leave a Comment »
As we have already shipped OpenSSO Enterprise 8.0; and we are working on the next official release, service schema XML files are likely to change (upgrade). Here is the PERL script that finds them.
Remember to set the values of $EIGHT_DOT_ZERO and $CURRENT
#!/usr/bin/perl -w
use strict;
my $EIGHT_DOT_ZERO = '/home/dennis/workspace/opensso8.0';
my $CURRENT = '/home/dennis/workspace/opensso1';
my %eightdotXMLs;
my %currentXMLs;
getServiceXMLs(
"$EIGHT_DOT_ZERO/opensso/products/amserver/xml/services",
\%eightdotXMLs);
getServiceXMLs(
"$EIGHT_DOT_ZERO/opensso/products/federation/openfm/xml/services",
\%eightdotXMLs);
getServiceXMLs(
"$CURRENT/opensso/products/amserver/xml/services",
\%currentXMLs);
getServiceXMLs(
"$CURRENT/opensso/products/federation/openfm/xml/services",
\%currentXMLs);
foreach (keys %currentXMLs) {
my $name = $_;
my $rev = $currentXMLs{$_};
if (! defined $eightdotXMLs{$name}) {
print "$name ($rev) \n";
}
}
}
sub getServiceXMLs {
my $base = shift;
my $hash = shift;
opendir(DIR, $base);
foreach (readdir DIR) {
my $f = $_;
if (($f !~ /^\./) && ($f =~ /\.xml$/)) {
getRev("$base/$f", $hash);
}
}
closedir DIR;
}
sub getRev {
my $file = shift;
my $hash = shift;
my $f = $file;
$f =~ s/.+\///;
my $buff = '';
open(FILE, $file);
while () {
chomp;
$buff .= $_;
}
close FILE;
if ($buff =~ /<Schema .+?revisionNumber="(.+?)"/) {
${%{$hash}}{$f} = $1;
} else {
${%{$hash}}{$f} = 0;
}
}
Filed under: OpenSSO | Tagged: Open | 2 Comments »
I was at Borders on Saturday and was reading Clean Code by Uncle Bob. It mentioned that quality of code is measured by WTF/minute. Look at this Cartoon to understand what he meant.
Many of us have encountered this before. i.e. looking at a piece of code and go WTF, WTF, WTF …. It is very difficult to review code in cases like this. Comments were lacking or missing; methods were over 100 lines long (btw, the suggested length of a method is 24); and code was not well indented.
This book is very easy to read because many of the things written in it were common sense. For instance, “bad code functions too”; bad code causes organizational loss because of defects and difficulty in maintaining it (now why people are ignoring this?); have small classes and methods; etc.
Uncle Bob has done a good job in writing this book. Do get a copy of it if you are a software developer AND want to write clean code
Filed under: software development | Leave a Comment »
From the creator of OpenSSO Diagnostic Tool
We have developed an initial version of Diagnostic Tool to assist in identifying possible OpenSSO configuration issues. The current Beta version is bundled inside ssoExternalTools.zip and is available under the nightly builds for download. Even though this Beta version is not officially supported as yet, any comments/suggestions/issues are welcome to assist in enhancing the tool.
Filed under: OpenSSO | Tagged: OpenSSO | Leave a Comment »
<html> <body> <form action="http://www.example.com:8080/opensso/identity/read" > <input name="name" value="group1"/> <input name="attributes_names" value="objecttype"/> <input name="attributes_names" value="realm"/> <input name="attributes_values_objecttype" value="Group"/> <input name="attributes_values_realm" value="/"/> <input name="admin" value="AQIC5wM2LY4SfcwHRXo4oE+yuHQ0BPQD+GZ1/Qd5tCzO9X8=@AAJTSQACMDE=#" /> <input type="submit" /> </form> </body> </html>
Filed under: OpenSSO | Tagged: OpenSSO | Leave a Comment »
You will run into issue when you deploy opensso.war on
Glassfish v3 prelude (I think even Sun Web Server 7 update 3)
After you have successfully login to console, the request
is redirected back to the Login page.
Several people have already reported this problem.
Here is what happen. OpenSSO sets a cookie with value containing “=”. and Glassfish truncates the cookie value. Since OpenSSO server cannot get the entire cookie value, SSO Token cannot be created.
An issue is filed on Glassfish.
Filed under: OpenSSO | Tagged: OpenSSO | 4 Comments »
