Late news, but still very relevant. Earlier this month we took the alpha to Boston for a presentation at the Jan 8-10 TEG Interim, and interoperability testing with Symlabs Federated Identity Suite. We also made a visit to Parity Communications to meet with members of the Higgins Project to discuss some project synergies. Brett will follow with a post that has more details.

The presentation at the TEG Interim lasted about an hour and covered as many aspects of the project as possible. We discussed the website and the tools we’re using for collaboration, we went through some code, specifically the non standard DST 2.1 based Profile Service, and discussed briefly the trajectory of the project as a whole. Our next deadline (BETA), approaching quickly, is two days after Valentine’s Day, February 16th!!!! Not sure why we keep choosing deadline right around holidays, but there you have it.

The big news from going to Boston was having a chance to meet with Sampo Kellomäki, the Chief Architect at Symlabs. Sampo is extremely knowledgeable in the development and practice of ID-WSF and has written several Liberty specifications. He also has an open source project ZXID, which is aiming for a full stack implementation of all federated identity management and identity web services protocols. ZXID is written in c and supports PERL, PHP, and Java. It is 95% ID-WSF 2.0 feature complete. We are planning on testing with ZXID as soon as possible, using the Java support.

In Boston Sampo and I tested the ClientLib against Symlabs Federated Identity Suite. We successfully authenticated using the Symlabs AS and pulled a Discovery EPR. We then used the Discovery EPR to get another Discovery EPR from the DS. This was fun, and it all went off really well. So, we went to Boston and celebrated. The next day we did some more work and were able to use the DST 2.1 reference implementation to create a ID-DAP query and parse the response. ID-DAP (which is part of Symlabs Federated Identity) provides federated identity based access to an LDAP directory. It is a great example of an in production service that utilizes DST 2.1.

Overall it was a very successful trip. I learned a lot, did some testing, made some friends, and came back to Berkshire County in one piece. Keep your eyes open for the BETA an Feb 16th!

We are very pleased to announce that, after many setbacks and challenges, the ClientLib Alpha is now available online! As of this build, it is possible to use the AS client and the DS client with Conor Cahill’s WSP. The Personal Profile Service Client (operating on DST 2.1) is now complete — and there is now a shell of a People Service Client as well.

To enable you to begin experimenting with this build, we’ve put together a simple quick start, involving 5 simple steps. Please feel free to take a look and let us know what you think, but bear in mind that this is still Alpha code!

Here’s the latest update on our PP 1.1 client implementation:

The PP 1.1 XML schema has now been built out in its entirety — based on DST 1.1. This includes element classes, unmarshallers, marshallers, and builders. However…

When Asa got to the development of the queries, he realized that the 1.1 spec was looking for a discovery resourceID that has been deprecated as of ID-WSF 2. So, he’s now working on a DST 2.1 adaptation.

There was a suggestion recently that we should be building ID-DAP, which gives existing LDAP directories the ability to exist in a Liberty ID-WSF environment. Apparently Symlabs has implemented this. If anyone has info on the usage of ID-DAP, please post it!

Here’s what Symlabs says about it (from their site):

“ID-DAP clients can invoke this web service to remotely perform LDAP operations with no requirement to reveal a user’s actual private identity information, such as a telephone number.”

More snow expected tonight — looks like it’ll be a white Xmas…

Well. Just checked in the first crack at modeling the version 1.1 Personal Profile (Liberty ID-SIS PP v1.1) using the Shibboleth Java XMLTooling and OpenSAML 2 libraries. Take a look at the source if you are interested. Big big big thank you to Shibb for the already developed signature classes. Geez… that saved some time The PP uses the ID-WSF DST v1.1.

Next I will be writing the Marshaller/Unmarshaller/Builder classes to support the base objects. This will prove to be rather tedious I am sure, but satisfying when completed.

It is snowing here in Massachusetts, totally beautiful. I may post a picture later.

After a meeting on the 20th it became clear that the objectives were not as clear as they could be for the project. The ultimate goal is a ID-WSF 2 Client Library that becomes certified liberty interoperable. With this as the goal, it made sense to look at the requirements to achieve this, so we turned to the Liberty Interoperable Testing Procedures for ID-WSF 2.0.

At the moment we are working out the bits that are relevant for a SOAP library. Most everything appears to qualify, but there are some aspects (like browser redirects) which are out of band. So at the moment we are rejiggering the delivery schedule and deliverables.

HELP!!!! If you have access to or have code that implements some or all of the ID-WSF 2.0 WSP requirements, we’d love to test with you. DISCO through some service would be helpful (even a “Hello” service would qualify quite well). Please contact me using asa dot openliberty at zenn  dot net.

A new draft of the IGF Attribute Services API (aka CARML API) has been posted. Also, a couple examples of uses of the IGF “stack” have been added to the wiki.

Your comments and feedback greatly appreciated!

Enjoy.

After hitting virtually every roadblock imaginable (bandwidth issues, memory issues, OS issues, etc.), we’ve finally got HP’s ID-WSF 2.0-compliant “Select Federation” product up and running on Derrick’s Solaris box. Santosh and Pulkit, engineers at HP, have been very helpful in helping us get started with our interop tests. Today we’ve been extracting EPRs from the communication between HP’s IDP and their SP to use in our ClientLib testing.

ClientLib-to-HP SF interop testing will continue this evening and tomorrow.

We’ve set October 12th for our Alpha delivery. By the 12th the ClientLib will be cutting a critical path from bootstrapping a disco epr, through discovery, and interacting with a simple service. We’ve been working with Conor Cahill’s Server Toolkit as our test harness, and scraping queries from his Client.

So far so good! You can download what we have and watch the magic happen - the latest versions of OpenSAML’s java libraries are required (specifically java-opensaml2, java-xmltooling, and java-openws). All of the other required jars are shipped with the OpenSAML code.

There will be a great deal more progress over the next several days, but feel free to take a look.

Prateek Mishra has contributed a new further reading section to the IGF Wiki. Check it out here.

The ID-WSF 2.0 ClienLib developer team has been joined by Todd Guion. He brings excellent experience and energy to the project.

Todd obtained a Ph.D. from Stanford University in 1987 with a degree in Biophysical Chemistry. After starting a biotech company in 1989, Todd started software consulting in San Jose CA. For the next seven years, Todd consulted on several projects in medical imaging using C++ and worked with Apple Inc. writing localization tools. Todd started middleware and java programming in 1995, and started an online auction company etreasure.com in 1997. Todd has been using WebObjects and Java since 1995, and currently lives near Harrisburg PA where he has been consulting for a number of companies, including Motorola and Zenn New Media.

Todd has already been checking in some substantial code.