What is JOSSO ?
JOSSO, or Java Open Single Sign-On, is an open source J2EE and Spring-based SSO infrastructure aimed to provide a solution for centralized, platform neutral, user authentication and authorization.
Main Features
- J2EE, Spring and Windows Transparent cross-domain/cross-organization Single Sign-On
- SAML support for seamless Internet/Federated SSO experience
- Pluggable Framework to allow the implementation of custom identity components using Spring or built-in IoC container.
- "5 minutes" on-the-fly set-up and deployment through custom "enhancement" console
- Runs in Apache Tomcat.
- Runs in JBoss application server.
- Runs in BEA WebLogic 8, 9 and 10 application server
- Runs in Websphere CE application server
- Runs in Apache Geronimo application server
- Runs in Windows IIS as an ISAPI connector
- Runs in any JASPI-compatible (JSR196) container such as JBoss 5 and GlassFish
- Out-of-the-box compatibility with Liferay Portal, JBoss Portal, JBoss GateIn Portal, Alfresco CMS, OpenCMS, Wavemaker and phpBB
- Native Apache Http 2.x support thus enabling transparent SSO with Ruby, PHP, Python, Perl, etc. applications
- Integrates with Spring Security for enabling fine-grained authorization.
- Provides Identity information to Web applications and EJBs through the standard Servlet and EJB Security API respectively.
- Supports Strong Authentication using X.509 client certificates.
- Windows Authentication
- LDAP support for storing user information and credentials.
- Database support for storing user information and credentials.
- Includes virtual directory functionality for allowing authentication against multiple disparate identity silos
- "Remember Me" support
- Password reset support
- Client API for PHP. This allows to build SSO-enabled PHP applications.
- Client API for Microsoft ASP. This allows to build SSO-enabled ASP applications.
- Out-of-the-box branding support
- Compatibility with Apache Pluto Portlet Container
- Standard Based: JAAS, Web Services/SOAP, EJB, Struts, Servlet/JSP,J2EE.
- 100% Java
Platforms Matrix
| Platform | Agent (SP) | Gateway (IdP) |
|---|---|---|
| JBoss 5.x | |
|
| JBoss 4.2.x | |
|
| JBoss 4.0.x | |
|
| JBoss 3.2.6+ | |
|
| Tomcat 6.0 | |
|
| Tomcat 5.5 | |
|
| Tomcat 5.0 | |
|
| Weblogic 10.0 | |
|
| Weblogic 9.2 | |
|
| Websphere CE | |
|
| Geronimo 2.1 | |
|
| Generic J2EE / JEE | |
|
| Jetty 6.x | |
|
| Apache 2.2 (php, perl, python, ...) | |
|
| PHP 4.x,5.x | |
|
| Microsoft IIS (ASP, .NET, ...) | |
|
| Liferay 5.2.x | |
|
| Alfresco 3.3 | |
|
| phpBB | |
For more information see the JOSSO Architecture Overview
Download
| Package | Version | .zip | .tgz |
|---|---|---|---|
| JOSSO Installer | 1.8.2 | Download | Download |
| JOSSO + Tomcat | 1.8.2 | Download | Download |
| JOSSO Source | 1.8.2 | Download | |
| All Bundles | 1.8.2 | All Downloads | All Downloads |
SSO Roadmap
1. Get familiar with JOSSO
Test drive JOSSO in minutes !
2. Setup your SSO Environment
Apply your organization branding to JOSSO by leveraging Apache's Struts and Tiles framework.
Setup a JOSSO-powered Identity Provider (IdP) based on the branded Gateway.
Enhance application containers onto which Jossifyed web application will run.
3. Provide the SSO user experience from your applications
SSO-enable business applications using a completely declarative thus non-intrusive approach: No need to change your application.
For more information check out the Developer guides.
Need JOSSO Support ?
For commercial support refer to Atricore, the company providing professional services for JOSSO.
For community support check out the support forums. Forum topics are answered on a volunteer basis by JOSSO users and project members.
Contributing
We are always looking for contributions. Please contact us here
News
JOSSO, or Java Open Single Sign-On, is an open source JEE, Spring and Windows-based transparent and standard-based Federated SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication and authorization.
The JOSSO development team is proud to announce the release of version 1.8.2, which mainly introduces transparent inbound and outbound SAML2 interoperability for seamless standard-based Federated SSO experience, …
It's been almost two years since Stuart Kwan of Microsoft presented the Identity Bus as the "End-game for successful identity systems". Some time later, the Identity Bus is a reality, and the first open source implementation is out.
Enterprises are suffering from an exponential increase of demands in terms of interoperability, Internet-facing federation and the externalization of identity resources. Furthermore, …
Atricore Inc. - the company that created JOSSO - has launched the Atricore Identity Bus, a new SAML2-compliant Open Source platform for standard-based Identity Federation.
Atricore Identity Bus provides a foundation for next-generation federated identity services in a secure and easy-to-manage implementation. It works with existing enterprise identity management infrastructures from a variety of vendors, …
JOSSO, or Java Open Single Sign-On, is an open source JEE and Spring based transparent SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication and authorization.
The JOSSO development team is proud to announce the release 1.8.1, which adds native single sign-on support for platforms such as Windows and Websphere, …
Atricore Inc. has launched this year's public training sessions for JOSSO in New York (NY) and San Francisco (CA).
The course covers topics such as how to leverage the new JOSSO 1.8 features, deploying and fine-tuning the product in mid sized and high-end environments, introducing extensions for seamless integration with your underlying execution architecture, enabling JOSSO in your favorite container, applying corporate branding, …
JOSSO, or Java Open Single Sign-On, is an open source JEE and Spring based transparent SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication and authorization.
The JOSSO development team is proud to announce the release 1.8, which represents a major leap forward in drastically lowering the integration and deployment time-frame involved in delivering Single Sign-On and Web Access Management (WAM) to all your applications.
What's new in 1. …
This month, JOSSO reached the one hundred thousand download milestone since project foundation on 2004.
We'd like to take this opportunity to thank the community and commercial sponsors for their support.
Early Bird Discount of 100 USD for Washington DC training session registration now closes on Monday, October 6.
The course covers topics such as deploying and fine-tuning the product in mid sized and high-end environments, introducing extensions for seamless integration with your underlying execution architecture, enabling JOSSO in your favorite container, applying corporate branding, Spring integration and fine grained authorization with Acegi. …
The JOSSO Single Sign-on Project 1.7 release is out, bringing fully transparent single sign-on to BEA WebLogic 9 and Apache Geronimo 2 application servers, extending as well its interoperability span to generic JEE web container such as Jetty.
As part of this release, a brand new Ajax user management application comes built-in for enabling out-of-the-box account provisioning.
What's new in 1.7 :
- Includes full support for transparent SSO with WebLogic 9. …
JBoss 4.2.2.GA+ is now supported by JOSSO 1.6. Suport patch josso-1.6-1830606 has been released to upgrade current JOSSO distribution. You can download the patch here.
For detailed technical guidelines on how to apply the patch see JBoss 4.2 Setup Guide
Apache Geronimo J2EE server 2.0 is now officially supported by JOSSO 1.6 for both Single Sign-On Agent and Gateway deployments.
For detailed technical guidelines on how to setup JOSSO with Apache Geronimo see : Geronimo 2.0.1+ Setup
A pre-configured Apache Geronimo instance and the JOSSO dependencies snapshot are available for download here : http://sourceforge.net/project/showfiles.php?group_id=116854&package_id=129496
The JOSSO Single Sign-on Project has released the 1.6 version which includes full support for the Spring framework, by leveraging its IoC container and integrating Acegi Security for fine-grained access control and authorization.
What's new in 1.6 :
- Includes full support for Spring 2.0
- Allows defining SSO beans using the Spring XML configuration format while keeping backward compatibility with the legacy one. …
Hello Josso Community,
First of all, thanks for your support during almost 3 years of life! Around 70,000 downloads and a growing community, among other things, is something that is pushing the project to the next level.
The Josso team is rapidly growing and currently putting a lot of effort on completing the upcoming Josso 2.0 release which will represent a major leap forward for Single Sign-On technology and Identity Management in general. …
What's new in 1.5 :
- Fully transparent and configuration-free cross-organization/cross-domain Single Sign-On brings simplified mid-end and high-end IdM deployments.
- Supports programmatic authentication for remote SOAP clients.
- Improved protocol allows more secure SSO message exchange through out-of-band centric messaging.
- Added support in PHP and ASP interfaces for leveraging cross-organization/cross-domain SSO and programmatic authentication.
- Runs in JBoss 4.0.5. …
