A few years ago I had the pleasure to work with Rajesh Rajasekharan at Sun. He was an efficient trainer on Sun products and especially on Sun Directory Server. He recently joined ForgeRock and has started a series of blog posts and screen-casts on ForgeRock products and especially OpenDJ, but not only !
If you are getting started with the products or want to see demos of them, there’s no better place than to be on the “Learning Curve”
Thanks to Chris Lee, the most recent technical writer at ForgeRock, there is now a new visual design for the snapshot documentation for our open source projects.
Check it out on the OpenDJ Administration Guide, the OpenDJ SDK Developer’s Guide, the OpenIDM Integrator’s Guide or the Guide to OpenIG…
Last week at the nice Powerscourt Estate, outside Dublin, Ireland, ForgeRock hosted the European Identity Relationship Management Summit, attended by over 200 partners, customers, prospects, users of ForgeRock technologies. What a great European IRMSummit it was !
If you haven’t been able to attend, here’s some highlights:
I heard many talks and discussions about Identity being the cornerstone in the digital transformation of enterprises and organizations. It shifting identity projects from a cost center to revenue generators.
There was lots of focus on consumer identity and access management, with some perspectives on current identity standards and what is going to be needed from the IRM solutions. We’ve also heard from security and analytics vendors, demonstrating how ForgeRock’s Open Identity Stack can be combined with the network security layer or with analytics tools to increase security and context awareness when controlling access.
User Managed Access is getting more and more real, as the specifications are getting close to be finalised and ForgeRock announced the OpenUMA initiative for foster ideas and code around it. See forgerock.org/openuma.
Many talks about Internet of Things and especially demonstration around defining the relationship between a Thing and a User, securing the access to the data produced by the Thing. We’ve seen a door lock being unlocked with a NFC enabled mobile phone, by provisioning over the air the appropriate credentials, a smart coffee machine able to identify the coffee type and the user, pushing the data to a web service, and asking the user for consent to share. There’s a common understanding that all the things will have identities and relations with other identities.
There were several interesting discussions and presentations about Digital Citizens, illustrated by reports from deployments in Norway, Switzerland, Nigeria, and the European Commission cross-border authentication initiatives STORK and eIDAS…
Half a day was dedicated to ForgeRock products, with introductory trainings, demonstrations of coming features in OpenAM, OpenDJ, OpenIDM and OpenIG. During the Wednesday afternoon, I did 2 presentations on OpenIG, demonstrating the ease of integration of OAuth2.0 and OpenID Connect to protect applications and APIs, and on OpenDJ, demonstrating the flexibility and power of the REST to LDAP interface.
All presentations and materials are available online as pdf and now as videos on the ForgeRock’s YouTube page. You can also find here a short summary of the Summit in a video produced by Markus.
The summit wouldn’t be such a great conference if there was no plan for social interactions and fun. This year we had a nice dinner in the Powerscourt house (aka the Castle) followed by live music in the pub. The band was great, but became even better when Joni and Eve joined them for a few songs, for the great pleasure of all the guests.
Of course, I have to admit that the best part of the IRM Summit in Ireland was the pints of Guinness !
To all attendees, thank you for your participation, the interesting discussions and the input to our products. I’m looking forward to see you again next year for the 2015 edition. Sláinte !
As usual, you can find the photos that I’ve taken at the Powerscourt Estate on Flickr. Feel free to copy for non commercial use, and if you do republish them, I would appreciate getting the credit for them.
[Updated on Nov 11] Added link to the highlight video produced by Markus
[Updated on Nov 13] Added link to the slideshare folder where all presentations have been published
[Updated on Nob 24] Added link to the all videos on ForgeRock’s YouTube page
There are conferences and there are Conferences. The Conferences are the ones that you remember, because they happened in unusual places, because they’ve had a different atmosphere, you’ve met lots of friendly and bright persons. They are the ones you leave with the satisfaction of having learned something, having received value, and you’re looking forward to come back next year.
The IRM Summit is one of these Conferences. The next European IRM Summit is taking place in November, 3 – 5, near Dublin, Ireland, at the Powerscourt Estate pictured here. It’s a 2 days event where you can learn and discuss about the Identity Relationship Management space, standards, platforms, solutions…There will be many presentations, demos, trainings, plenty of time for discussions and meetings, a free half day Kantara Initiative workshop around “Trusted IDentity Exchange (TIDX)”, and some fun. I can already hear the fiddle, the pipes, the harp and smell the Guinness ! And I hope the weather will let us enjoy the wonderful garden.
Check out the agenda and the list of speakers, and don’t wait until last minute to register. While there are hundreds of rooms available, they are still counted and limited. Last year’s summit was sold out !
I’m looking forward to see you in beautiful Ireland !
The date has been set, the 2014 ForgeRock summit in United States will take place on the week of June 2nd, in Phoenix AZ.
Make sure you block the date in your calendar ! I hope to see you there.
And if you’re in Europe, don’t panic ! We are also planning an EMEA summit in the fall. The date and location will be announced later.
Last week, ForgeRock hosted its first european Open Identity Summit, in the “Chateau de Béhoust” just outside Paris. For two and half days, our 110+ visitors, a mix of customers, prospect customers, partners and consultants, could attend presentations, meet and greet with ForgeRock employees, have lengthy discussions with peers, exchanging experience or use case scenarios around the ForgeRock Open Identity Stack. All of this in a very relaxed and friendly atmosphere.
All of the presentations have been filmed and will be available shortly through our web site and the summit page. If you missed the event and want to get a feel of the content, please check Simon Moffat’s review.
As usual, I’ve taken a few pictures of the event.
Thanks to all attendees and sponsors of the event. And see you next year for the second edition of our ForgeRock summits.
We will be gathering at ForgeRock’s luxe Chateau, Domaine de Béhoust (just outside Paris), where our Open Identity Stack community will delve into OpenAM, OpenIDM, and OpenDJ best practices, use cases, how-tos, and more.
We’ve been saying for a long time that identity & access management (IAM) must be reconstructed to adapt to today’s problems. Modern APIs, standards, scale, speed, and modular architecture are all needed for successful modern IAM deployments. The agenda will include dynamic working sessions addressing the latest IAM developments, including mobility, identity bridge, and customer case studies.
A call for papers is open. If you are doing something interesting with the Open Identity Stack and you would like to share the experience by presenting a session at the summit, send your proposal by September 4.
ForgeRock’s chateau is large, but registration is limited. Therefore, I encourage you to reserve your spot and register quickly !
If you want to get a feel of the atmosphere of the conference, check the photo album from the first ForgeRock Open Identity Summit or get a glimpse at the skills of one of our keynote speakers :
I hope to see you at ForgeRock’s chateau in October !
I hope all attendees enjoyed the summit as much as I have. It’s been a real pleasure to meet face to face some of the project members, customers and partners I’ve interacted with, over emails and phone for the last 3 years, and to see again colleagues, ex-coworkers…
All the photos that I’ve captured during the summit are now publicly available on Flickr.
See you at the next summit !
[Update on June 19] The presentations from the summit are now online. Goto the Summit page and click on the Agenda.
Time is running fast and the ForgeRock Open Identity Summit is just around the corner.
For those who haven’t registered yet, I believe that there are still a few spots available : http://forgerock.com/summit/.
For the other ones, I’m looking forward to see you next week, in sunny and beautiful Pacific Grove.
We’ve been thinking about this since the begining of ForgeRock, and we’ve finally set a date, a great location and even lined up Keynote speakers.
Join us on June 12th to 14th, 2013, in Pacific Grove, California for the first ForgeRock Open Identity Summit, an event for and with the community of the OpenAM, OpenDJ and OpenIDM projects. The agenda is still work in progress and will be previewed soon. But you can be part of it. A call for paper is opened, but not for long. You have up to May 6th to submit your proposals for presentations. Don’t wait for the last minutes !
A note on logistics, please make sure to book your hotel, registration is not complete until you’ve booked your room! Space at Asilomar is filling up, so we encourage you to register ASAP to reserve your spot.
We’re looking forward to seeing you at the event!
The WordPress.com stats helper monkeys prepared a 2012 annual report for this blog.
But before diving in the details of the blog itself, I’d like to do a short personal and professional review of 2012.
2012 has been an amazing year. We’ve grown ForgeRock at an incredible pace, doubling the staff, globally as well as in France. We’ve moved to new offices, with some extra space to welcome additional stars to our band (yes, we’re still hiring and looking for developers with excellent Java programming skills). We’ve made available 3 releases of OpenDJ, 3 of OpenIDM and 1 major release of OpenAM. However we missed our target of releasing OpenDJ 2.5. With the growth of the team and the company, we’ve made the OpenDJ release more ambitious than originally planned, adding a REST/Json to LDAP service, to facilitate the development of applications that need to access the data. All of it should be available in the coming months.
Blogging wise, I’m satisfied with the ratio of articles published until July, then the workload has impacted my ability to write as often as I would like… Part of the new year resolutions is to resume posting here at a regular pace, similar or better than in 2012. I hope you will enjoy reading and joining the discussion…
Now with the annual report :
Here’s an excerpt:
4,329 films were submitted to the 2012 Cannes Film Festival. This blog had 34,000 views in 2012. If each view were a film, this blog would power 8 Film Festivals
This is a big milestone for ForgeRock and the OpenAM project, an open source WebSSO, Authentication, Authorization, Federation and Entitlements solution. After months of development (a few more than we anticipated), we’ve finally released OpenAM 10.0.0, a major version of the product.
OpenAM 10 brings a set of new features, including support for OAuth 2.0 client authentication, the ForgeRock Identity Gateway (built out of project OpenIG), enhanced SAML 2 identity provider capabilities, a new Risk Based Authentication module, … It also now relies on OpenDJ 2.4.5, the latest stable release of OpenDJ the open source LDAP directory server, and supports the internet-draft based LDAP password policy. You can find more details in the press announcement, or the product release notes. The documentation of the OpenAM 10 release can be read at http://docs.forgerock.org/en/index.html?product=openam&version=10.0.0.
The OpenAM 10 release owes a lot to the OpenAM community, for the issues raised : a total of 41 issues fixed in OpenAM 10 were raised by 26 different persons, and for the generous patches offered to fix over a dozen of these issues.
To each and every contributor : THANK YOU !
Last month, just before the French national day, I was in Strasbourg to participate in the RMLL.
On the occasion, I did a presentation in the security track, about OpenAM Universal Gateway, another piece in the complex puzzle of Web Single Sign-On. The Universal Gateway solves an important problem in Access Management: allowing single sign-on for applications that are usually left out because they are based on legacy or non standard based technology.
The Universal Gateway comes from ApexIdentity, an acquisition that ForgeRock did in the spring. It’s been released in open source as part of the OpenAM source code repository.
The presentation I did was in French, and so are the slides.
You can find more about the Universal Gateway on ApexIdentity web site, and soon on OpenAM documentation.
It’s been a few very busy weeks and I haven’t found the time to properly introduce a new member of the ForgeRock Grenoble Engineering Center : Mark Craig.
Mark comes from Sun Microsystems (and a few months at Oracle) where he has played different roles, from technical writer, to manager for all technical writers in the Identity Management BU, to managing the Directory Integration Team responsible for customer interactions and audits, performance benchmarks and assisting POCs. At ForgeRock, Mark goes back to his roots and things he enjoys and excels in: writing.
You can read Mark’s prose on his new blog (Margin Notes 2.0), OpenDJ blog or already on ForgeRock documentation wiki.
For many years, I’ve been working in collaboration with the Sun access management product team, as it started working on the Directory Server Access Management Edition (DSAME) product that years later became Sun Access Manager and OpenSSO. And now that I’m at ForgeRock, I have the pleasure to keep working with some members of that team, on OpenAM, the continuation of the OpenSSO open source project.
My knowledge of the product is rather shallow as I’ve worked on several case studies or issues related to customers and LDAP directory servers, but I never had a chance to deploy a service for production use or even extensive testing.
So when I learnt that Packt Publishing was releasing a book on “OpenAM”, writen by Indira Thangasamy, an ex-colleague of mine and manager of the Quality Assurance team, I asked if I could get a copy for review, which Packt kindly agreed to.
I haven’t finished the book yet, as it’s over 250 pages of content, covering all aspects of the OpenAM software, from its history, its components and services, to its integration with Google Apps or SalesForce… But from what I’ve read (about 2/3 of the book), I can say that the book is easy to read and well organized. It helps a beginner to grasp the concepts and starts using the product, thanks to the detailed explanations and diagrams. As the chapters advance and dive into specific technical areas, Indira uses real-world examples and simple code or commands, followed by detailed description to illustrate what OpenAM does or does not, giving a comprehensive picture of the fully featured product.
Some of the features of OpenAM are not covered in the book, like Federation or the most recent Entitlement Services or Secure Token Services. I hope they will be covered in a revised edition or may be another book, as these features are becoming more used and important to enterprise security and access management.
In summary, if you’re about to, or have just started to engage on a project with OpenAM, this book will help you understand the technology and ease your ramping up. But even for the more experienced users of OpenAM, the book contains full of details, tips and example that will save you time and make you more efficient.
You can find the book on Pack-Publishing web site or Amazon.
Ludo Sketches 
