Page Operations
Browse SpaceLabels:
What is JOSSO ?
JOSSO is an Open Source Internet SSO solution for rapid and standards-based (SAML) Internet-scale Single Sign-On implementations, allowing secure Internet access to the Web-based applications or services of customers, suppliers, and business partners.
Main Features
- J2EE, Spring and Windows Transparent cross-domain/cross-organization Single Sign-On
- SAML support for seamless Internet/Federated SSO experience
- Bundled with GUI Console for a purely point-and-click setup and administration experience
- Pluggable Framework to allow the implementation of custom identity components using Spring or built-in IoC container.
- "5 minutes" on-the-fly set-up and deployment through custom "enhancement" console
- Runs in Apache Tomcat.
- Runs in JBoss application server.
- Runs in BEA WebLogic 8, 9 and 10 application server
- Runs in Websphere CE application server
- Runs in Apache Geronimo application server
- Runs in Windows IIS as an ISAPI connector
- Runs in any JASPI-compatible (JSR196) container such as JBoss 5 and GlassFish
- Out-of-the-box compatibility with Liferay Portal, JBoss Portal, JBoss GateIn Portal, Alfresco CMS, OpenCMS, Wavemaker and phpBB
- Native Apache Http 2.x support thus enabling transparent SSO with Ruby, PHP, Python, Perl, etc. applications
- Integrates with Spring Security for enabling fine-grained authorization.
- Provides Identity information to Web applications and EJBs through the standard Servlet and EJB Security API respectively.
- Supports Strong Authentication using X.509 client certificates.
- Windows Authentication
- LDAP support for storing user information and credentials.
- Database support for storing user information and credentials.
- Includes virtual directory functionality for allowing authentication against multiple disparate identity silos
- "Remember Me" support
- Password reset support
- Client API for PHP. This allows to build SSO-enabled PHP applications.
- Client API for Microsoft ASP. This allows to build SSO-enabled ASP applications.
- Out-of-the-box branding support
- Compatibility with Apache Pluto Portlet Container
- Standard Based: JAAS, Web Services/SOAP, EJB, Struts, Servlet/JSP,J2EE.
- 100% Java
Platforms Matrix
| Platform | Agent (SP) | Gateway (IdP) |
|---|---|---|
| JBoss 6.x |  setup |
setup |
| JBoss 5.x | setup |
setup |
| JBoss 4.2.x | setup |
setup |
| JBoss 4.0.x | setup |
setup |
| JBoss 3.2.6+ | setup |
setup |
| Tomcat 7.0 | setup |
setup |
| Tomcat 6.0 | setup |
setup |
| Tomcat 5.5 | setup |
setup |
| Tomcat 5.0 | setup |
setup |
| Weblogic 10.0 | setup |
setup |
| Weblogic 9.2 | setup |
setup |
| Websphere CE | setup |
setup |
| Geronimo 2.1 | setup |
setup |
| Generic J2EE / JEE | setup |
setup |
| Jetty 6.x | setup |
setup |
| Apache 2.2 (php, perl, python, ...) | setup |
|
| PHP 4.x,5.x | setup |
|
| Microsoft IIS (ASP, .NET, ...) | setup |
|
| Liferay 5.2.x | setup |
|
| Liferay 6.x | setup |
|
| Alfresco 3.3 | setup |
|
| Coldfusion 9 | setup |
|
| phpBB | setup |
For more information see the JOSSO Architecture Overview
Download
| Package | Version | Windows | Unix |
|---|---|---|---|
| JOSSO2 Community Edition (CE) installer | 2.2.2 | Download | Download |
| JOSSO2 Enterprise Edition (EE) installer | 2.2.2 | Download | Download |
| JOSSO1 Installer | 1.8.6 | Download | Download |
| JOSSO1 + Tomcat bundle | 1.8.4 | Download | Download |
Should I use the first or second generation of JOSSO ?
JOSSO2 is the second generation of the JOSSO product line. This generation is an all-in-one solution that enables end-to-end delivery of Internet/Federated Single Sign-On settings, building on a purely model-driven approach for lowering the entry barrier and shortening time-to-value.
If you have a rather standard and controlled setting and looking to implement it in an out-of-the-box experience with little involvement from IT, JOSSO2 might be the right choice for you.
JOSSO2 might also help at delivering an internet-scale SSO solution, hence involving external/cloud-based partner sites (e.g. suppliers, remote branches, etc.) potentially having with their own single sign-on back-end.
If you have a more custom scenario, such as requiring to implement custom SSO plug-in in order to support for instance non orthodox identity sources or authentication mechanisms, JOSSO1 might be a better choice in this case. Moreover, you'll have better chances to get free support from the large community of adopters that the project has won during his 6 years of life.
For more information on JOSSO2 you may want to have a look at the Birds-eye view document. Then, in case you wish to move forward with delivering a JOSSO2-backed implementation, you can read the Quick Start and then watch the Internet SSO rollout Video Tutorial.
SSO Roadmap
1. Get familiar with JOSSO
Test drive JOSSO in minutes !
2. Setup your SSO Environment
Apply your organization branding to JOSSO by leveraging Apache's Struts and Tiles framework.
Setup a JOSSO-powered Identity Provider (IdP) based on the branded Gateway.
Enhance application containers onto which Jossifyed web application will run.
3. Provide the SSO user experience from your applications
SSO-enable business applications using a completely declarative thus non-intrusive approach: No need to change your application.
For more information check out the Developer guides.
Need JOSSO Support ?
For commercial support refer to Atricore, the company providing professional services for JOSSO.
For community support check out the support forums. Forum topics are answered on a volunteer basis by JOSSO users and project members.
Contributing
We are always looking for contributions. Please contact us here
News
Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners. …
Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.
This is a maintenance release which features improved compatibility and performance for the SAML2 stack, in addition to improved interoperability with various mainstream Federated Single Sign-On solutions.
We've today released JOSSO 2.2.1, a maintenance release of JOSSO2. It improves stability and performance. All users running 2.2.0 or earlier versions are recommended to update.
Download JOSSO CE 2.2.1 from : http://sourceforge.net/projects/josso/files/JOSSO%202/JOSSO-2.2.1/
Download JOSSO EE 2.2.1 from : http://www.atricore.com/software/trial
JOSSO Web Site: http://www.josso.org
Atricore Web Site: http://www.atricore.com
Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.
JOSSO 2.2 includes support for Integrated Windows Authentication, …
JOSSO 1.8.5 is mainly a maintenance release, whereas new features have been added such as the out-of-the-box support for Atlassian JIRA and Confluence products.
Furthermore, this release addresses both interoperability and user experience issues concerning Single Sign-On Agents and JOSSO2 Identity Appliances.
Download JOSSO 1.8.5 : http://sourceforge.net/projects/josso/files/JOSSO/JOSSO-1.8.5/
A new tutorial has been released which demonstrates how to setup JOSSO in a Cloud ecosystem in an out-of-the-box fashion.
This tutorial is meant to get you up and running with JOSSO for providing seamless SSO experience to users accessing Google Apps and Salesforce SaaS applications.
Play it by clicking Video Tutorial - Cloud SSO using JOSSO
Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.
Now, with the release of JOSSO 2.1, Atricore extends the reach of point-and-click Internet-scale Single Sign-On into the Cloud environment, …
Software as a Service (SaaS) has evolved as the service delivery mechanism of choice in the internet age, radically changing the way organizations acquire and utilize business applications and other computing resources. Speedy implementation, out of the box functionality and an accelerated Return on Investment (ROI) are some of the features compelling businesses to use SaaS. It's all about productivity, right? …
JOSSO2 online video tutorial is available. we have made this video tutorial to guide you through the Standards-based Internet SSO rollout process with JOSSO2. …
JOSSO 2.0.2 is out. It mainly represents a maintenance release which bypasses several limitations - mostly found in the Atricore Console piece - that the first JOSSO2 code drops suffered from.
Therefore, upgrading is strongly recommended for 2.0.0 and 2.0.1 users.
Download JOSSO 2.0.2 by clicking on the link below: https://sourceforge.net/projects/josso/files/JOSSO%202/JOSSO-2.0.2/
Thank you
Identity and Access Management is widely considered to be a highly technical domain, with an implementation that's out of reach for most folks. The process of setting up a system for identity and access management has a well-earned reputation for technical difficulty, inconvenience, and errors; all in pursuit of an end product that most users dislike and avoid.
Over at Atricore, we're not happy with this state of affairs. We're changing things, …
JOSSO 2.0 has been finally released into the wild, enabling rapid Internet-scale Single Sign-On implementations by natively supporting SAML2 as well as playing nice with other standards in the identity arena such as SPML, WS-Trust and WS-Security.
We've also raised the bar for usability and overall user experience; Federated Single Sign-On settings can now be visually designed, delivered and managed through the RIA Console bundled with the product. …
JOSSO, or Java Open Single Sign-On, is an open source JEE, Spring and Windows-based transparent and standard-based Federated SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication and authorization.
The JOSSO development team is proud to announce the release of version 1.8.2, which mainly introduces transparent inbound and outbound SAML2 interoperability for seamless standard-based Federated SSO experience, …
It's been almost two years since Stuart Kwan of Microsoft presented the Identity Bus as the "End-game for successful identity systems". Some time later, the Identity Bus is a reality, and the first open source implementation is out.
Enterprises are suffering from an exponential increase of demands in terms of interoperability, Internet-facing federation and the externalization of identity resources. Furthermore, …
Atricore Inc. - the company that created JOSSO - has launched the Atricore Identity Bus, a new SAML2-compliant Open Source platform for standard-based Identity Federation.
Atricore Identity Bus provides a foundation for next-generation federated identity services in a secure and easy-to-manage implementation. It works with existing enterprise identity management infrastructures from a variety of vendors, …
Recent Activity
!banner-josso-new.png|align=center!
