JOSSO / News: Recent posts

Atricore’s JOSSO is a dual-licensed Cloud Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.

Here are a few highlights:

• Allows rolling out Virtual Service Providers (VSP) for proxying remote Identity and Service providers.
• Introduced support for IIS 8
• Added support for Facebook and Google sign-in
• Added JIRA 6 Support
• Plays nice with OpenID Connect (OIDC)
• Introduces support for Oracle Weblogic 11 and 12 Support
• Official compatibility with Java 8
• Includes .Net OAuth2 Bindings
• Fine-grained Auditing
• Pre-authentication
• Tons of Performance and Security improvements... read more

Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.

This is a maintenance release which features improved compatibility and performance for the SAML2 stack, in addition to improved interoperability with various mainstream Federated Sigle Sign-On solutions.... read more

Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.

Now, with the release of JOSSO 2.1, Atricore extends the reach of point-and-click Internet-scale Single Sign-On into the Cloud environment, as well as maximizing security by adding cost-effective Two Factor Authentication (2FA) support.... read more

Identity and Access Management is widely considered to be a highly technical domain, with an implementation that's out of reach for most folks. The process of setting up a system for identity and access management has a well-earned reputation for technical difficulty, inconvenience, and errors; all in pursuit of an end product that most users dislike and avoid.

Over at Atricore, we're not happy with this state of affairs. We're changing things, and we think you'll like what we've accomplished. First, we put together a top-notch identity management platform, incorporating JOSSO and the Atricore Identity Bus; and now we've added ease of use. Usability translates to productivity. Get the less technically savvy people on board with your identity solutions, and you will significantly accelerate time-to-value for enabling federated identity settings.... read more

JOSSO 2.0 has been finally released into the wild, enabling rapid Internet-scale Single Sign-On implementations by natively supporting SAML2 as well as playing nice with other standards in the identity arena such as SPML, WS-Trust and WS-Security.
We've also raised the bar for usability and overall user experience; Federated Single Sign-On settings can now be visually designed, delivered and managed through the RIA Console bundled with the product.
The out-of-the-box experience has also been significantly enhanced by providing an all-in-one solution.
Last but not least, JOSSO2 brings to the table seamless multi-tenancy support through the "virtualization" of Internet SSO deployments.... read more

JOSSO, or Java Open Single Sign-On, is an open source JEE, Spring and Windows-based transparent and standard-based Federated SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication and authorization.

The JOSSO development team is proud to announce the release of version 1.8.2, which mainly introduces transparent inbound and outbound SAML2 interoperability for seamless standard-based Federated SSO experience, includes out-of-the-box support for mainstream Portals and CMS systems, can build on multiple disparate authoritative sources of user information for carrying out authentication and plays nice with any JASPI-compatible (JSR196) application servers such as JBoss 5 and GlassFish.
What's new in 1.8.2 :... read more

It's been almost two years since Stuart Kwan of Microsoft presented the Identity Bus as the "End-game for successful identity systems". Some time later, the Identity Bus is a reality, and the first open source implementation is out.

Enterprises are suffering from an exponential increase of demands in terms of interoperability, Internet-facing federation and the externalization of identity resources. Furthermore, in order for IT Directors to gain approval for projects during this economic downturn, they have to demonstrate an almost immediate return of investment.... read more

JOSSO, or Java Open Single Sign-On, is an open source JEE and Spring based transparent SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication and authorization.

The JOSSO development team is proud to announce the release 1.8.1, which adds native single sign-on support for platforms such as Windows and Websphere, and provides out-of-the-box handling for business-centric access management scenarios thus reducing significantly the last-mile integration and branding effort yet improving the overall user experience. The project home page is http://www.josso.org .... read more

Atricore Inc. has launched public training sessions for JOSSO in Chicago (IL) and Houston (TX).

The course covers topics such as how to leverage the new JOSSO 1.8 features, deploying and fine-tuning the product in mid sized and high-end environments, introducing extensions for seamless integration with your underlying execution architecture, enabling JOSSO in your favorite container, applying corporate branding, Spring integration and fine grained authorization with Spring Security. ... read more

Atricore Inc. has launched this year's public training sessions for JOSSO in New York (NY) and San Francisco (CA).

The course covers topics such as how to leverage the new JOSSO 1.8 features, deploying and fine-tuning the product in mid sized and high-end environments, introducing extensions for seamless integration with your underlying execution architecture, enabling JOSSO in your favorite container, applying corporate branding, Spring integration and fine grained authorization with Spring Security.... read more

JOSSO, or Java Open Single Sign-On, is an open source JEE and Spring based transparent SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication and authorization.

The JOSSO development team is proud to announce the release 1.8, which represents a major leap forward in drastically lowering the integration and deployment time-frame involved in delivering Single Sign-On and Web Access Management (WAM) to all your applications.... read more

Early Bird Discount of 100 USD for Washington DC training session registration now closes on Monday, October 6.

The course covers topics such as deploying and fine-tuning the product in mid sized and high-end environments, introducing extensions for seamless integration with your underlying execution architecture, enabling JOSSO in your favorite container, applying corporate branding, Spring integration and fine grained authorization with Acegi. ... read more

JOSSO - Java Open Single Sign-On - is an open source J2EE-based SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication and authorization. For more information contact our website at : http://www.josso.org

The JOSSO Single Sign-on Project 1.7 release is out, bringing fully transparent single sign-on to BEA WebLogic 9 and Apache Geronimo 2 application servers, extending as well its interoperability span to generic JEE web container such as Jetty.
As part of this release, a brand new Ajax user management application comes built-in for enabling out-of-the-box account provisioning.... read more

Atricore Inc. has launched this year's public training sessions for JOSSO in New York (NY) and San Francisco (CA).

The course covers topics such as deploying and fine-tuning the product in mid sized and high-end environments, introducing extensions for seamless integration with your underlying execution architecture, enabling JOSSO in your favorite container, applying corporate branding, Spring integration and fine grained authorization with Acegi. ... read more

Dear JOSSO Community,

Considering the recent connectivity issues experienced with the ISP hosting the JOSSO.ORG web site, we've put online a mirror web site hosted within a different facility.

The mirror web site can be reached through the "official" project URL : http://www.josso.org .

If you wish to reach the web site right away and not wait for the DNS update, which should take 24 hours from now, consider using temporarily the following URL for accessing the JOSSO.ORG web site : http://mirror.josso.org . ... read more

Apache Geronimo J2EE server 2.0 is now officially supported by JOSSO 1.6 for both Single Sign-On Agent and Gateway deployments.

For detailed technical guidelines on how to setup JOSSO with Apache Geronimo see : http://www.josso.org/confluence/pages/viewpage.action?pageId=2359317

A pre-configured Apache Geronimo instance and the JOSSO dependencies snapshot are available for download here : http://sourceforge.net/project/showfiles.php?group_id=116854&package_id=129496

The JOSSO Single Sign-on Project has released the 1.6 version which includes full support for the Spring framework, by leveraging its IoC container and integrating Acegi Security for fine-grained access control and authorization.

What's new in 1.6 :

* Includes full support for Spring 2.0
* Allows defining SSO beans using the Spring XML configuration format while keeping backward compatibility with the legacy one.
* JOSSO can now be used as the single sign-on facility for Acegi
* Acegi integration for authorization and instance-based access control based on the JOSSO-specific security context
* Leverages Spring framework's JMX management infrastructure
* Introduces compatibility with JBoss 4.2 and 4.2.1
* Introduces compatibility with Jakarta Tomcat 6 web container
* Includes extensiblity enhancements and bug fixes... read more

Atricore Inc. has launched public training sessions for JOSSO in New York (NY) and San Francisco (CA).

The course covers topics such as deploying and fine-tuning the product in mid sized and high-end environments, introducing extensions for seamless integration with your underlying execution architecture, enabling JOSSO in your favorite container, applying corporate branding, Spring integration and fine grained authorization with Acegi.... read more

Hello Josso Community,

First of all, thanks for your support during almost 3 years of life! Around 70,000 downloads and a growing community, among other things, is something that is pushing the project to the next level.

The Josso team is rapidly growing and currently putting a lot of effort on completing the upcoming Josso 2.0 release which will represent a major leap forward for Single Sign-On technology and Identity Management in general. ... read more

The JOSSO Single Sign-on Project has released the 1.5 version which includes support for transparent cross-organization/cross-domain Single Sign-On among other features.

What's new in 1.5 :

* Fully transparent and configuration-free cross-organization/cross-domain Single Sign-On brings simplified mid-end and high-end IdM deployments.
* Supports programmatic authentication for remote SOAP clients.
* Improved protocol allows more secure SSO message exchange through out-of-band centric messaging.
* Added support in PHP and ASP interfaces for leveraging cross-organization/cross-domain SSO and programmatic authentication.
* Runs in JBoss 4.0.5.GA and 3.2.8 SP1 application servers
* Runs in Jakarta Tomcat 5.5.20+ web container
* Includes extensibility enhancements and bug fixes ... read more

We have migrated the JOSSO source base from CVS and moved it to a Subversion repository. From now on all development will take place in subversion.
The CVS repository is no longer available.

For information on using Subversion to access JOSSO source base see : http://sourceforge.net/svn/?group_id=116854

The JOSSO Single Sign-on Project has released the 1.4 version which includes support for remotely monitoring and managing JOSSO instances, more user-friendly configuration facilities, auditing management among other features.

What’s new in 1.4 :

* New support for allowing SSO Monitoring and Management through JMX
* More user-friendly and remote-enabled SSO Agent and Gateway configuration
* Improved pluggable Event and Auditing management
* Microsoft Active Directory support for LDAP integration
* Support for clustered Single Sign-On deployments
* More flexibility in fetching identity information from LDAP Directories.
* Enhanced error handing
* Runs in JBoss 4.0.4RC1 and 3.2.8 SP1 application servers
* Runs in Jakarta Tomcat 5.5.12+ web container
* Includes many minor enhancements and bug fixes... read more

JOSSO Single Sign-On 1.3 has been released.

This update includes the following significant changes :

* Support for JBoss 4.0.2 application server
* Support for Jakarta Tomcat 5.5.9 web container
* Compatibility with JDK5
* Enhanced build system for easier implementation of container compatibility plugins
* Avalability of a Jakarta Tomcat 5.5 and JBoss 4.0.2 bundles .
* Several bug fixes and minor enhancements... read more

Jasper Rosenberg wrote a tutorial about how to provide SSO capabilities to Open Reports http://www.opensourcesoft.net/\) using JOSSO.

Check it out here :

http://sourceforge.net/forum/forum.php?thread_id=1257723&forum_id=187722

Patch #1151729 was released for the JOSSO 1.2 version which fixes a few bugs and provides new specific features :

[NEW] : Root context protection support specifying "/" as partner app context.
[NEW] : Single Point of Access configuration property for JOSSO Agent to support load balancers and reverse proxies.
[FIX] : LDAP store supports binary credentials to be used by strong authetnication scheme
[FIX] : Apache + SSL + reverse proxy support for Strong Authentication
[FIX] : MessageDigest threadsafe in UsernamePasswordAuthScheme
[FIX] : NullPointer exception accessing the login page... read more