Thursday, July 14, 2005

fyi Sun to expand open-source moves into secure ID arena


This is an important announcement. The underlying IdM federation components are becoming commoditized as the standards stabilize, get profiled and implemented widely, and as vendors distinguish themselves through the deeper IdM product sets. Also, more and more application server, middleware, IdM, and security infrastructure components are going the open-source route, with Sun, Novell, IBM, and pretty much everybody else (except for Microsoft) leaning strongly in that direction. Increasingly, IdM vendors distinguish themselves through professional services, vertical market applications, and IDEs.

It’s becoming possible to build an end-to-end federation IdM environment with standards-based open-source components. SourceID has been the principal purveyor of open-source IdM: SAML, WS-Federation, Liberty, etc. Separately, the OpenSAML and Shibboleth open-source codebases have been around for a few years. There’s also an open-source implementation of a WS-BPEL orchestration server that might be used as the workflow component of an account provisioning infrastructure, in conjunction with the open-source SPML implementation.

All of those are available under free open-source licenses for orgs that are serious about building federated IdM infrastructure and tailoring that infrastructure to requirements that the commercial vendor tools may not support, or may not support without considerable customization and professional services handholding.

Whether one goes with a commercial federated IdM solution or sundry open-source IdM components, the bottom line is “some assembly required.” And that doesn’t come cheap.