ForgeRock Community Blog Syndicate

This is a big milestone for ForgeRock and the OpenAM project, an open source WebSSO, Authentication, Authorization, Federation and Entitlements solution. After months of development (a few more than we anticipated), we’ve finally released OpenAM 10.0.0, a major version of the product.

OpenAM 10 brings a set of new features, including support for OAuth 2.0 client authentication, the ForgeRock Identity Gateway (built out of project OpenIG), enhanced SAML 2 identity provider capabilities, a new Risk Based Authentication module, …  It also now relies on OpenDJ 2.4.5, the latest stable release of OpenDJ the open source LDAP directory server, and supports the internet-draft based LDAP password policy. You can find more details  in the press announcement, or the product release notes. The documentation of the OpenAM 10 release can be read at http://docs.forgerock.org/en/index.html?product=openam&version=10.0.0.

The OpenAM 10 release owes a lot to the OpenAM community, for the issues raised : a total of 41 issues fixed in OpenAM 10 were raised by 26 different persons, and for the generous patches offered to fix over a dozen of these issues.
To each and every contributor : THANK YOU !

Last month, just before the French national day, I was in Strasbourg to participate in the RMLL.

Photo by Sebastien Bahloul

On the occasion, I did a presentation in the security track, about OpenAM Universal Gateway, another piece in the complex puzzle of Web Single Sign-On. The Universal Gateway solves an important problem in Access Management: allowing single sign-on for applications that are usually left out because they are based on legacy or non standard based technology.

The Universal Gateway comes from ApexIdentity, an acquisition that ForgeRock did in the spring. It’s been released in open source as part of the OpenAM source code repository.

The presentation I did was in French, and so are the slides.

You can find more about the Universal Gateway on ApexIdentity web site, and soon on OpenAM documentation.

Brad Tumy has recently published a detailed and illustrated tutorial on how to install OpenAM 9.5.2 and OpenDJ 2.4 with GlassFish. The post highlights how easy it is to install and configure these 2 products to secure a web application and provide Web single sign on. A good starting points for those who are new to these products and want to get started very quickly.

Note: Brad’s post is for OpenDJ 2.4.0, but we highly recommend that you download and install OpenDJ 2.4.2, the latest release, which fixes some issues with replication and improves reliability over WAN.