Security/identity · 7 May 2007

OpenID at work

It looks like the release has crossed the wires — and folks have been noticing. Yes, it’s true (my colleague Gerry Beuchelt, our team whip-cracker, already beat me to the punch…).

Sun has long taken an A-to-Z view of all the factors that make for successful identity management, and we have a unique opportunity to examine how OpenID can add to the picture. This can involve, for example, exploring the seams between use cases (what might it mean to use OpenID as an intranet solution?) and exposing details behind our decisions (what issues of business trust, liability, etc. lurked behind the simple act of offering our employees OpenIDs? — and what’s the value proposition for Sun-affiliated websites as they consider becoming OpenID consumers?).

We haven’t quite yet gotten our “Sun Identity Provider for OpenID” up and running yet (sorry Scott K.), but it’s real close. What’s cool is, we’re using the OpenSSO open-source project with the new OpenID extension applied to build it. (You may recall that OpenSSO is also home to some nice PHP and Ruby relying parties for SAML.) OpenSSO is a full-featured federated identity + access management + identity web services solution with great standards compliance, so it’s an easy way to check out a wide range of functionality.

Stay tuned for more in the coming days and weeks. You can keep an eye on the latest status by checking the Sun Developer Network. My colleagues and I who have been working on this program will be blogging more about all this, using the sunopenid tag, and I encourage others to weigh in by doing the same. (I will personally consider the whole thing a triumph if I can get Yvonne Wilson, Sun IT architect extraordinaire, to start blogging!)

Tags: sunopenid, OpenID