This is a commonly asked question in the industry whenever there is any mention of "Federated Identity and related standards".
I have always been an avid supporter of the SAML specifications and was greatly thrilled to see Liberty, Shibboleth and SAML v1.1 find some common ground to beget SAML v2.0.
Now to the original question: who else to answer this than Don Schmidt, a highly respected expert in Federated Identity (Don is a key figure in Microsoft's Federated Identity story)?
Here is the link to Don's blog entry:
WS-Federation 1.1 and SAML 2.0 have different goals
WS-Trust is an extremely important specification in the WS world. WS-Federation, being the natural extension of trust semantics, is an important necessity.
I do hope that all these federated identity and trust related specifications can converge in the near future. It is encouraging to see Kim Cameron preaching the concept of an "Identity MetaSystem" that will try to provide a unified view irrespective of the underlying protocols/mechanisms.
This blog is a personal book on Security/ IDM related thoughts/opinions. The blog posts are a personal opinion only and neither reflect the views of current/past employers nor any OTHER person living/dead on this planet.
Wednesday, October 31, 2007
Friday, October 26, 2007
Tip10: Generate GUID or UUID
Stefan and I have been discussing the usage of java.util.UUID to generate an SSO identifier similar to that done by Tomcat's AuthenticatorBase. Since we wanted to avoid overlap with the random id generated by AuthBase, I suggested the usage of UUID.
So we decided to explore the level 1 or time-based UUID.
After some time, Stefan gave up figuring out the way to instantiate a level 1 UUID.
We found this mini-FAQ on UUID.
Java UUID Mini FAQ
Level 4 UUID should be sufficient.
An example of UUID usage is here >>>
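The choice above, as an added example (not code from the original post, Tomcat or JBoss): java.util.UUID has factories only for random (version 4) and name-based (version 3) values, and reading a time-based value back shows what it would expose in an SSO identifier. The class and method names are hypothetical, and the version 1 sample is the example UUID printed in RFC 4122.

```java
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.util.UUID;

public class SsoIdDemo {
    // 100-ns intervals between 1582-10-15 (UUID epoch) and 1970-01-01 (Unix epoch).
    private static final long UUID_EPOCH_OFFSET = 0x01B21DD213814000L;

    /** SSO identifier as a version 4 UUID; randomUUID() uses a cryptographically strong PRNG. */
    static String newSsoId() {
        UUID id = UUID.randomUUID();
        // Fail closed if the runtime ever returns anything but an RFC 4122 version 4 value.
        if (id.version() != 4 || id.variant() != 2) {
            throw new IllegalStateException("unexpected UUID type: " + id);
        }
        return id.toString();
    }

    /** What anyone holding the identifier can read back out of it. */
    static String describe(UUID id) {
        if (id.version() != 1) {
            // timestamp(), node() and clockSequence() throw
            // UnsupportedOperationException for non-time-based UUIDs.
            return id + " -> version " + id.version() + ", no embedded time or node";
        }
        long unixMillis = (id.timestamp() - UUID_EPOCH_OFFSET) / 10_000;
        return id + " -> version 1, created " + Instant.ofEpochMilli(unixMillis)
                + ", node " + String.format("%012x", id.node())
                + ", clock sequence " + id.clockSequence();
    }

    public static void main(String[] args) {
        // Time-based sample (the RFC 4122 example value): creation time and node are recoverable.
        System.out.println(describe(UUID.fromString("f81d4fae-7dec-11d0-a765-00a0c91e6bf6")));

        // Random identifier: 122 random bits, nothing to decode.
        System.out.println(describe(UUID.fromString(newSsoId())));

        // Name-based (version 3, MD5 of the input): the same name always gives the
        // same UUID, so it must not be used as a session identifier.
        // The name below is a constructed sample value.
        byte[] name = "user@example.test".getBytes(StandardCharsets.UTF_8);
        System.out.println(describe(UUID.nameUUIDFromBytes(name)));
    }
}
```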
Tip 9: Change SSL Implementation in JBoss/Tomcat
Sometimes you may get errors such as:
java.lang.ClassNotFoundException: Error loading SSL Implementation org.apache.tomcat.util.net.puretls.PureTLSImplementation :java.lang.ClassNotFoundException: No ClassLoaders found for: org.apache.tomcat.util.net.puretls.PureTLSImplementation
If you want to change the SSL implementation to the JBoss SSL implementation (which is not really such a big difference), then take a look at Tip 5, more specifically at:
<!-- SSL/TLS Connector with encrypted keystore password configuration -->
<Connector port="9943"
           address="${jboss.bind.address}"
           maxThreads="100"
           minSpareThreads="5"
           maxSpareThreads="15"
           scheme="https" secure="true"
           clientAuth="true"
           sslProtocol="TLS"
           securityDomain="java:/jaas/encrypt-keystore-password"
           SSLImplementation="org.jboss.net.ssl.JBossImplementation"
/>