Wednesday, July 18, 2007

JBoss Portal takes an unbiased stance on Single Sign On (Part 1)

Single Sign On has been a moving target since the advent of the Dynamic Web all the way back from the Web 1.0 days. Ever since the birth of the portal concept ala Yahoo, AOL, MSN, the industry has been trying to figure out a way for subscribers to make their identities portable.

However, lack of standards and/or pure disagreements between the players led to the proliferation of myriad of frameworks designed to offer the same goal of Single Sign On.

Its finally after about 10 years we are beginning to see useful standards like SAML and OpenID bubble their way into mainstream acceptance. Even then, Microsoft with their push for WS-Federation standards seem to compete against the more widely accepted SAML standard. So it still remains to be seen where/how Single Sign On frameworks stabilize.

Regardless of the fragmentation of frameworks in the Single Sign On world, there seems to be a common goal.

  • Ability for users to make their web/portal identities interoperate seamlessly
  • Integration of portals with the *magic glue* that achieves the above goal
However, fragmentation in the Single Sign On Framework marketplace, makes this integration tricky.

After quite a bit of soul searching, JBoss Portal team has decided to provide an unbiased stance to Single Sign On as opposed to picking any particular Single Sign On framework/methodology.

End of the day, JBoss Portal is designed to integrate seamlessly with your existing Enterprise Infrastructure.

Keeping that in mind, the best strategy would be for JBoss Portal project to provide the SSO *magic glue* for some of the more widely accepted Enterprise Single Sign On frameworks.

Some of these frameworks are JBoss Federated SSO, CAS project, JOSSO project, Sun's OpenSSO etc.

Also, with an open community development approach, we welcome contributions from the community of this *magic glue* for Single Sign On Frameworks that may not be covered by the JBoss Portal team out-of-the-box.

Stay tuned for technical details for our CAS integration in Part 2 of this series.


Luc Boudreau said...

When will the portal support CAS ? Is it possible to use the ACEGI module to authenticate against CAS ?

Sohil said...

Support for CAS is being added. Currently its in experimental stage.

See here for details:

As far as Acegi goes, I am not too familiar with it myself but looking at their feature set, they do boast CAS integration. See here for details:

Ajay said...


Do we have some inputs abt integrating jboss with siteminder using JAAS.