Single Sign-On, The Java Way

Sun Microsystems ratcheted up its identity management
portfolio by offering two new products that help corporations extend secure
access to outside partners and suppliers.

Called Java System Federation Manager and Java System Identity Manager Service
Provider Edition, the products allow customers to deploy ID management and user
provisioning for applications and computer gear outside their intranets and

The idea is to allow partners access to specific sites without letting them
run roughshod over the network, peeking at any data they desire. This is a
major change from the traditional method of walling off networks to partners
and customers.

Sun’s approach could prove attractive to enterprises looking to extend
distributed computing models, such as service-oriented architectures ,
outside their corporate networks. Large organizations such as
telecommunications firms or financial services outfits could find such
technology valuable as they handle millions of transactions and

Eric Leach, product management director at Sun, said Federation Manager
allows users to set up and maintain passwords for single sign-on and Web
services between several partners. Partners can use
the tool to exchange authentication information, or connect identities
across several sites.

The software supports Security Assertions Markup Language , Liberty
Identity Federation Framework and Liberty Identity Web Services Framework
standards, too. The tool can also integrate proprietary mechanisms, such as
a Windows desktop.

Identity Manager Service Provider Edition provides identity administration
tools that make it easy for businesses to deploy applications and services
from third-party partners.

The product, which grants smooth data exchange in high-volume extranets,
allows customers to replace less sophisticated and reliable identity
management programs. The software can also automate the setup and management
of federated accounts.

Leach said Sun crafted the new software to fill a market gap in terms of how
partners were putting together federation on their side. Companies were
creating too many one-to-one federated relationships instead of many-to-many
exchange models.

“The ability to provision users and do delegated administration provided by
Identity Manager Service Provider Edition is really unique in the market,”
Leach said. “There aren’t a lot of capabilities out there to do that broad,
federated provisioning across a bunch of different partners at the same

Leach said the products will likely be added to Sun’s identity management
product arsenal, which includes Java System Access Manager, Identity
Manager, Identity Auditor and Directory Server Enterprise Edition.
Federation Manager starts at $150,000 and Identity Manager Service Provider
Edition will cost companies $300,000 to start.

Sun competes with IBM, Oracle, Computer Associates and a slew of other
vendors in the identity management software space. Oracle and CA acquired
Oblix and Netegrity, respectively, to shore up their federated ID assets.
Sun and IBM choose to bake their ID management products in house.

News Around the Web