I was recently asked about Exist DB support for PicketBox XACML (formerly JBossXACML) mainly to retrieve missing XACML attributes during policy evaluation. The question was asked by one of our beta testers of PicketLink (http://jboss.org/picketlink).
We now have ExistDB integration support for our XACML Engine. You can read about it here:
PicketBox XACML Integration with Exist DB
I think storing xml files (policies) in an XML native database is a fine idea as long as it is a small set.
This blog is a personal book on Security/ IDM related thoughts/opinions. The blog posts are a personal opinion only and neither reflect the views of current/past employers nor any OTHER person living/dead on this planet.
Google Site Search
Thursday, March 25, 2010
Wednesday, March 17, 2010
Enabling EJB Applications using PicketLink STS
Stefan Guilhen has worked on the integration of PicketLink STS with EJB Applications. He has written this great article on
"SAML EJB Integration with PicketLink STS"
Don't forget to check it out.
If you have questions/comments/concerns, use this forum thread here.
"SAML EJB Integration with PicketLink STS"
Don't forget to check it out.
If you have questions/comments/concerns, use this forum thread here.
Friday, March 12, 2010
Internet is Freedom
An absolutely brilliant presentation by Lawrence Lessig on the topic of "Internet is Freedom" to the Parliament of Italy.
http://blip.tv/file/3332375
The "Internet is Here". It is not going away. Whatever we need to do to make it safe, we have to do.
Please do not forget to watch the entire episode. About 30 mins.
http://blip.tv/file/3332375
The "Internet is Here". It is not going away. Whatever we need to do to make it safe, we have to do.
Please do not forget to watch the entire episode. About 30 mins.
Wednesday, March 10, 2010
Oasis Identity In The Cloud Technical Committee
I am pleased to have ignited the establishment of a new Technical Committee called as "Oasis Identity In The Cloud" at the Oasis standards consortium. Prominent security experts in the industry were gracious to participate in the initial brainstorming group I created.
You can read more on the charter here: IDCloud Charter
Apart from Red Hat, the proposers of the TC include Microsoft, IBM, CA, Novell, Rackspace, SafeNet, Yaana Technologies along with a few prominent individuals in the security/identity space. I am sure the proposer list will grow in a few days.
If you are an Oasis member or your company is an Oasis member, you should definitely look at joining this effort.
More details and a call for participation will be announced by the Oasis consortium in a few days.
Keywords: Oasis Cloud Security.
UPDATE: The Oasis Call For Participation is here.
You can read more on the charter here: IDCloud Charter
Apart from Red Hat, the proposers of the TC include Microsoft, IBM, CA, Novell, Rackspace, SafeNet, Yaana Technologies along with a few prominent individuals in the security/identity space. I am sure the proposer list will grow in a few days.
If you are an Oasis member or your company is an Oasis member, you should definitely look at joining this effort.
More details and a call for participation will be announced by the Oasis consortium in a few days.
Keywords: Oasis Cloud Security.
UPDATE: The Oasis Call For Participation is here.
Labels:
cloud,
cloudsecurity,
identity_cloud_computing,
oasis
Monday, March 8, 2010
Is OpenSSO alive?
Reading Rich Sharples post and also this post saying Oracle kills OpenSSO Express, I am left to wonder if OpenSSO as an open source project is alive? Let me ping Pat Patterson and see if he knows anything.
It is always sad to see any open source project unplugged from the community.
I do hope majority of the migrations from OpenSSO adopt our open source project called PicketLink, rather than adopt some commercial solution. At PicketLink, we have strived hard (yeah, really really hard) to keep things as simple and nimble as possible.
Info on PicketLink v1.0.2.
It is always sad to see any open source project unplugged from the community.
I do hope majority of the migrations from OpenSSO adopt our open source project called PicketLink, rather than adopt some commercial solution. At PicketLink, we have strived hard (yeah, really really hard) to keep things as simple and nimble as possible.
Info on PicketLink v1.0.2.
Friday, March 5, 2010
Project PicketBox (Security for Java Applications)
I would like to introduce you to Project PicketBox, a security framework for Java Application developers.
Project Page: PicketBox
What does it provide?
An API that can provide the following security features:
* Authentication using JAAS.
* Authorization (Coarse Grained and Fine Grained).
* Audit
* Security Mapping.
What is the latest version?
Latest version for download is 3.0.0.Final (http://www.jboss.org/picketbox/downloads )
Since PicketBox is derived out of "JBoss Security" v2.0 code base, we have chosen to start with v3.
Where I can read the documentation?
You can read it here: PicketBox Overview
Does it provide annotations?
Yes, it does provide Security annotations. (PicketBoxSecurityAnnotations)
Who is planning to use PicketBox?
* The Seam Development team has immediate plans to use PicketBox for Seam v3.
* PicketBox will be available in JBoss Application Server v6.0 M3 and beyond.
Project Page: PicketBox
What does it provide?
An API that can provide the following security features:
* Authentication using JAAS.
* Authorization (Coarse Grained and Fine Grained).
* Audit
* Security Mapping.
What is the latest version?
Latest version for download is 3.0.0.Final (http://www.jboss.org/picketbox/downloads )
Since PicketBox is derived out of "JBoss Security" v2.0 code base, we have chosen to start with v3.
Where I can read the documentation?
You can read it here: PicketBox Overview
Does it provide annotations?
Yes, it does provide Security annotations. (PicketBoxSecurityAnnotations)
Who is planning to use PicketBox?
* The Seam Development team has immediate plans to use PicketBox for Seam v3.
* PicketBox will be available in JBoss Application Server v6.0 M3 and beyond.
Subscribe to:
Posts (Atom)