gembin

OSGi, Eclipse Equinox, ECF, Virgo, Gemini, Apache Felix, Karaf, Aires, Camel, Eclipse RCP

HBase, Hadoop, ZooKeeper, Cassandra

Flex4, AS3, Swiz framework, GraniteDS, BlazeDS etc.

There is nothing that software can't fix. Unfortunately, there is also nothing that software can't completely fuck up. That gap is called talent.

About Me

 

Higgins 1.0: Identity Management Solutions from the Eclipse Foundation

from http://www.infoq.com/news/2008/02/higgins_1_0

Identity management for networked and distributed applications continues to present several unique challenges for users and developers. Protocols such as OpenID and WS-Trust have emerged as distributed identification protocols to help enable a more globally available authentication scheme.

Earlier this month, the Eclipse Foundation announced the release of Higgins 1.0. Higgins is a suite of identity management solutions from the Eclipse foundation, created with the intent of simplifying and adding consistency to online authentication. The software infrastructure provided by Higgins is specifically targeted at providing a consistent interaction for users with multiple authentication protocols:
 
Higgins is not another identity protocol like OpenID, SAML, or WS-Trust; it is a framework that allows software developers to integrate and leverage multiple protocols within their applications. Specific identity protocols, like OpenID, which is very important for solving password management for things like blog, wikis, etc., are popular with specific users for specific use cases; however, the Project Higgins community believes there will continue to be multiple identity protocols used to support differing identity scenarios. Instead of requiring a developer to become proficient in all protocols, they can now use Higgins to gain support for them all.

Higgins is built around the concept of information cards, which are simply visual representations of a digital identity. The various components of Higgins are centered around helping end users interact with information cards, as well as enabling developers to support identity cards as a form of authentication in their respective applications.

There are three components provided by Higgins for enabling information-card authentication:

First, it provides multi-platform “identity selector” applications that end-users can use to sign-in to web sites and systems that are compatible with the emerging user-centric “Information Card”-based (or “i-card”-based) approach to authentication. This approach promises people fewer passwords, more convenience, and better security.

Current end-user solutions available include:
  • A GTK/Cocoa selector, which includes a Firefox extension to launch the selection interface when a website requests i-card authentication.
  • An Eclipse RCP-based desktop application which supports integration with Internet Explorer 7 to prompt for i-card selection on website request.
  • A distributed, embedded Firefox-plugin-based selector -Where-as the first two solutions provide a local registry and selection service for managing information cards, this solution is an early representation of using a remote server to act as a distributed card registry.
Second, it provides complete “identity provider” web services as well as the “relying party” code necessary to enable websites and systems to be information card- and OpenID-compatible. Software developers can incorporate this "relying party” code into their applications to make it easier for their users to login to their site. There are currently two web-site developer solutions available:
  • STS IdP - An identity provider solution utilizing WS-Trust.
  • SAML2 IdP -An identity provider solution utilizing SAML2

Third, it implements the Higgins Global Graph (HGG) data model and the Higgins Identity Attribute Service (IdAS). Developers now have a framework that provides an interoperability and portability abstraction layer over existing “silos” of identity data. For the first time, IdAS makes it possible to “mash-up” identity and social network data across highly heterogeneous data sources including directories, relational databases, and social networks.

The HGG/IdAS layer of Higgins offers integration opportunities between several identification protocols such as OpenID, WS-Trust, SAML, and LDAP.

Higgins has received industry support from several companies that provide identity-management solutions including: IBM, Microsoft, and Novell.
Microsoft authored a similar technology to Higgins information cards with Windows CardSpace (initially released in 2006); Higgins identity selector solutions are compatible with CardSpace-enabled applications.

At the Eclipse project page, more information is available regarding Higgins identity solutions, and downloads are available for Higgins 1.0 solutions and components.

posted on 2009-03-08 23:55 gembin 阅读(466) 评论(0)  编辑  收藏 所属分类: JavaEE


只有注册用户登录后才能发表评论。


网站导航:
 

导航

统计

常用链接

留言簿(6)

随笔分类(440)

随笔档案(378)

文章档案(6)

新闻档案(1)

相册

收藏夹(9)

Adobe

Android

AS3

Blog-Links

Build

Design Pattern

Eclipse

Favorite Links

Flickr

Game Dev

HBase

Identity Management

IT resources

JEE

Language

OpenID

OSGi

SOA

Version Control

最新随笔

搜索

积分与排名

最新评论

阅读排行榜

评论排行榜

free counters