RealTime IT News

Analysts Question Microsoft-Sun Alliance

When Microsoft and Sun Microsystems announced last week that they would be working to create single sign-on utilities between their products, the news raised more questions than it answered.

The companies have developed the Web Single Sign-On Metadata Exchange (Web SSO MEX) protocol and Web Single Sign-On Interoperability Profile (Web SSO Interop Profile) specifications.

Microsoft CEO Steve Ballmer and Sun CEO Scott McNealy said the rules will make browser-based single sign-on possible between platforms from different vendors that use the similar Liberty Alliance Identity Federation Framework (ID-FF) or WS-Federation.

The Sun-backed ID-FF and Microsoft-backed WS-Federation describe a way to enable identity, account, attribution, authentication and authorization federation across different organizations.

Some standards experts are comforted that the two rivals have made progress to help customers tap into Web services and service-oriented architectures (SOA). But they see a thicket of issues, as well.

Analysts say the work, while a step in the right direction, is far from complete.

Forrester Research analyst Randy Heffner said there is definitely some goodness in the deal, but what is more interesting is what the companies have not said.

For example, WS-Federation, a spec that has yet to be submitted to a standards body, has two profiles: Passive Requestor and Active Requestor. By not including Liberty's Identity Web Services Framework, the announcement is implicitly limited to the Passive Requestor profile, Heffner argued.

"Bottom line: Web services interoperability is not yet part of the picture," Heffner said. "It remains to be seen how far the Sun/Microsoft collaboration will go in this direction."

Microsoft and Sun also pledged joint support for WS-Management and have shown how Microsoft's software runs on Sun machines using the schema. But that, too, is just a spec with no formal home.

"It is good that Sun is in with the Microsoft crowd for WS-Management, but the WS-Management group has yet to come clean on how they will work with the WSDM standard approved by OASIS," Heffner said. "Again, WS-Management is still just a specification in the hands of vendors.

There is evidence that vendors are being helped by Microsoft's and Sun's interoperability efforts. Fred Killeen, CTO for General Motors Information Systems & Services, said the unity is important for GM because the automaker has more than 1 million users that use a combination of Sun's Directory and Microsoft's Active Directory software.

GM is engaging in a proof of concept for integrating Microsoft and Sun software. The automaker is using a Microsoft-based desktop to authenticate to an Active Directory. From there, the company provides single sign-on to its user portal, which uses Sun's portal software and Directory.

"It will take out a significant amount of the complexity in our current environment," Killen said during the press event. "We'll have fewer calls to our help desk. We expect it will reduce the complexity and the cost, so this is a big deal for us."

Ballmer shrugged off the importance of the GM experiment with regard to specs and standards during the press event last week.

"I don't want people to just think this is about specs and standards -- those things are super important. But at the end of the day, they're not going to let folks at General Motors get full access to the Microsoft world and Sun portal world at General Motors. That will come through the products that our two companies deliver."

But perhaps they should concern themselves with standards. One expert said that standards resolution, cutting through the duplicate schemas and other overlap, is not getting any easier.

Gartner analyst Charles Abrams said that complications have cropped up over the last few years, because vendors began churning out specs to make Web services run more seamlessly.

For example, Abrams noted that the progress of the Liberty Alliance is moving a lot slower than expected, as is work around the World Wide Web Consortium's WS-Addressing spec, a vital rule that would enable Web services to be broken out of HTTP.

The reality is, he said, the IT world isn't at the point where users have a complete Web services stack with heavy inter-relationships. One brick wall is that the standards process is becoming too complex. Another is that vendors are defending their interests, Abrams said.

"The Web services standard stack under development continues to cause confusion and wasted development resources," Abrams said. "There are over 50 Web services standards and specs proposed and under development. I predict fewer than 25 will survive by decade's end as open industry standards."

Progress is being made but at the minimum, the IT world won't see a lot more standards coherence until roughly 2008, he said.

"The main issue for the end user is when evaluating a platform application or tool purchase from a vendor, which spec are they using and which should they be deploying when doing internal application development," Abrams said.