40 likes | 213 Views
Gluu’s entrance into the market promises to bring down the cost for organizations to use federated identity technology. Gluu is seeing adoption in the US, Europe, the Middle East, and Asia in the government, education, and commercial sectors.
E N D
Gluu’s IDnext 2013 Novay Digital Identity Award Submission Gluu started the OX project in 2010. The goal was to open source portions of Gluu’s commercial identity platform. Since that time, the project has become one of the most comprehensive implementations of The OpenID Connect profile of OAuth2. The fifth OpenID Connect Interop is going on right now, and Gluu’s server is expected to have an equally strong showing. Current results compare favorably with other participants. The OX project provides a much needed administrative interface for the Shibboleth Identity Provider (“IDP”), which Gluu uses as part of its identity stack to provide SAML federation capabilities. In 2012, Gluu added support to OX for the UMA profile of OAuth2. In fact, Gluu defined and Implemented a new use case for UMA, which was developed into a case study called “Access Management 2.0 for the Enterprise.” This case study, which was one of the most visited sites at Kantara after its release, helped to accelerate market interest in developing UMA technology. Currently an UMA Interop is planned for early 2014 with Gluu, Forge Rock and others participating.
Recognizing that an easier approach was needed to enable web developers to use the OpenID Connect and UMA profiles, Gluu launched a Crowd Tilt campaign to fund plugins for The Apache web server. This effort was successful, and not only raised money for open source development, but it raised awareness for OpenID Connect and UMA. Developers are engaged, and coding is under way for these plugins. Gluu’s entrance into the market promises to bring down the cost for organizations to use identity provider saml. Gluu is seeing adoption in the US, Europe, the Middle East, and Asia in the government, education, and commercial sectors. The platform is particularly good for large B2C SSO deployments. For example, the State of Texas is rolling out a system for 3 million K12 students. OX is under consideration to revolution voting in two countries. While people might not see the OX platform, it may enable some of the authentications and Authorizations behind the scenes for new web and mobile services. Gluu has also been on the forefront of introducing new standards to OpenID Connect to Support multi-party federation. These endpoints are already supported in the OX project. One of the most significant innovations in the OX project was the use of interpreted scripts to enable organizations to customize the behavior of their IDP.
Gluu enables five different “Interception points” that enable domains to use simple Python scripts to implement very custom workflows to meet the needs of their organization, especially for authentication and authorization. In previous access management platforms, you could use Java or C to customize behavior. But it was hard for many system administrators to compile and deploy changes to business logic. The OX interception approach makes it much easier for organizations to use new authentication technologies and to implement federated authorization policies. OX was designed from the ground up to be easy enough for small domain installations, butto scale to large B2C requirements. It supports clustered deployments for maximum business continuity. The application is stateless—no sessions are used—and uses LDAP as the underlying persistence layer, as is common with many other access management suites. In addition to the OX server software, the project also publishes client software. In fact, the OX OpenID Connect RP is used by many of the participants to test their implementation. A The OX platform represents one of the most significant new additions to open source access management software since the release of Shibboleth and Open SSO, both of which occurred many years ago. Additional, optional, material clarifying the submission, if any: The Gluu Service is based on OX software. There are many videos with demos available at Motivation why it qualifies for the award (max. 500 words): Supporting new protocols is not just a race to implement the most endpoints.
We set out to write the OX software because we couldn’t train Gluu engineers to modify XML files by hand. We needed something that was easier and less error prone. OX has become one of the most usable and flexible access management platforms available. Gluu uses the OX software to deliver a utility access management service to organizations. But we made the software available under the MIT license, which enables organizations to embed or use as they see fit. The goal is to make access management available to many more organizations, not just those large enough to purchase expensive commercial identity / access management suites. No one benefits if a domain does a bad job of authentication and authorization. To make the Internet a safer place, we need to make open source tools available, not just expensive commercial tools. OX is a step in the right direction, and it would be really helpful to get recognition for the work we’ve done which made the OX releases of 2012 possible. We can’t spend $4,500/day on pay-per-click like some of our competitors, so awards like this really help generate the buzz on the Internet that drives adoption of the technology. Internet adoption of OpenID Connect and UMA for authentication and authorization could have a massive impact on privacy. In fact, these core services are the coral reef, from which a whole ecosystem of privacy protecting technologies, networks, and technologies can develop. Other work that Gluu has contributed to includes “graph” technology to enable people and organizations to share data. We decided to focus on authentication And authorization, because we realized that without it, there was no way to share data in a Scalable privacy protecting manner. Article resource:-http://www.blogster.com/thegluuserver/gluu-started-the-ox-project-in-2010-the-goal-was-to-open-source-portions-of-gluus-commercial-identity-platform