Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.

This release introduces :

• Multi-layer authentication for mix and matching authentication mechanism for identifying users
• Simplified and more powerful branding as well as support for rolling out multiple branding extensions
• Manageability of platform-level setting visually directly from the Atricore Console - hence without having to deal with internal configuration
• Sharepoint and Coldfusion compatibility

Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.

This is a maintenance release which features improved compatibility and performance for the SAML2 stack, in addition to improved interoperability with various mainstream Federated Single Sign-On solutions.

We've today released JOSSO 2.2.1, a maintenance release of JOSSO2. It improves stability and performance. All users running 2.2.0 or earlier versions are recommended to update.

Download JOSSO CE 2.2.1 from : http://sourceforge.net/projects/josso/files/JOSSO%202/JOSSO-2.2.1/
Download JOSSO EE 2.2.1 from : http://www.atricore.com/software/trial

JOSSO Web Site: http://www.josso.org
Atricore Web Site: http://www.atricore.com

Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.

JOSSO 2.2 includes support for Integrated Windows Authentication, leveraging the Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) standard so users can harness Windows domain sessions to access service providers both on-premise and in the cloud. A simple visual interface allows you to set up an integrated Windows Authentication setting in just minutes, doing away with the days of steep learning curves when the process was hampered by technical complexity.

This release also features SAML2-readiness for Atlassian JIRA and Confluence web applications, assuring their ease of use with JOSSO (or any other standards-based Single Sign-On solution).

We've enhanced overall identity engine performance by reducing the latency associated with handling identity-centric message exchanges. Plus, the LDAP integration includes Password Policy and LDAPS support.

Last, but by no means least, JOSSO can now operate in “offline” mode, without having to rely on an Internet connection to complete the installation process.

JOSSO 2.2 includes :

• Integrated Windows Authentication (IWA) support.
• SSO-readiness for Atlassian JIRA and Confluence web applications.
• LDAP Password Policies handling.
• LDAPS support.
• Introduced caching system in the SAML2 and SPML stacks for streamlining RPC/XML processing.
• Retrofitted to the latest Atricore Identity Bus 1.2 infrastructure.
• Improvements to the SAML2 protocol stack.
• Distributed as a self-contained package for operating in “offline” mode.
• Many other minor improvements and fixes.

Download JOSSO CE from : http://sourceforge.net/projects/josso/files/JOSSO%202/JOSSO-2.2.0/
Download JOSSO EE from : http://www.atricore.com/software/trial

JOSSO Web Site: http://www.josso.org
Atricore Web Site: http://www.atricore.com

JOSSO 1.8.5 is mainly a maintenance release, whereas new features have been added such as the out-of-the-box support for Atlassian JIRA and Confluence products.
Furthermore, this release addresses both interoperability and user experience issues concerning Single Sign-On Agents and JOSSO2 Identity Appliances.

Download JOSSO 1.8.5 : http://sourceforge.net/projects/josso/files/JOSSO/JOSSO-1.8.5/

A new tutorial has been released which demonstrates how to setup JOSSO in a Cloud ecosystem in an out-of-the-box fashion.
This tutorial is meant to get you up and running with JOSSO for providing seamless SSO experience to users accessing Google Apps and Salesforce SaaS applications.

Play it by clicking Video Tutorial - Cloud SSO using JOSSO

Atricore’s JOSSO is an open source Internet Single Sign-On (SSO) solution for point-and-click and standards-based Internet-scale SSO implementations. Using JOSSO allows secure internet access to the Web-based applications or services of customers, suppliers, and business partners.

Now, with the release of JOSSO 2.1, Atricore extends the reach of point-and-click Internet-scale Single Sign-On into the Cloud environment, as well as maximizing security by adding cost-effective Two Factor Authentication (2FA) support.

We’ve introduced out-of-the-box interoperability support for mainstream SaaS applications such as Google Apps and Salesforce, as well as externally hosted providers built on third-party Federated SSO products.

We've also raised the bar for extensibility. JOSSO provides an extensible architecture for visual claim augmentation (adding or modifying claims using custom business logic during claims processing, for example). Organizations can harness this extensibility to modify their Internet SSO setting to better support their business policies.

Last but not least, Atricore - the company behind JOSSO - now offers JOSSO Enterprise Edition, a supported version targeted for enterprise use.

Features of JOSSO 2.1 :

• Extensible identity vault schema for augmenting user records with custom fields.
• Enhanced SAML2 support for seamless interoperability with external Service Providers like Software-as-a-Service (SaaS) applications.
• Supports “JOSSifying” both Local and Remote Execution Environments.
• Allows the contribution and association of business-specific Identity Mapping/Account Linkage to Federated SSO connections.
• Enhanced Branding Support for fine-grained customization of user-facing screens.
• Native Google Apps, Salesforce and SugarCRM Single Sign-On support.
• Strong Authentication built on WiKID-powered Two-Factor Authentication (2FA).
• Export and Import functionality for packaging and sharing Identity Appliances among JOSSO instances.
• Live Update functionality to keep your installation up to date.
• Enterprise Edition availability for Enterprise-grade.
• Extensive technical documentation now available.

Download JOSSO CE from : http://sourceforge.net/projects/josso/files/JOSSO%202/JOSSO-2.1.0/
Download JOSSO EE from : http://www.atricore.com/software/trial

JOSSO Web Site: http://www.josso.org
Atricore Web Site: http://www.atricore.com

Software as a Service (SaaS) has evolved as the service delivery mechanism of choice in the internet age, radically changing the way organizations acquire and utilize business applications and other computing resources. Speedy implementation, out of the box functionality and an accelerated Return on Investment (ROI) are some of the features compelling businesses to use SaaS. It's all about productivity, right? So it's no surprise that industry giants Salesforce and Google have led the pack as early adopters of the SaaS-based software delivery model. Salesforce.com offers an alternative to locally run sales force automation (SFA) packages; Google provides office productivity applications via Google Apps Premier Edition.

We can all agree that this sounds great - but here's the downside. As multiple applications are delivered, end users quickly become overwhelmed. They're managing multiple URLs and assorted usernames, not to mention the legion of passwords necessary to unlock it all. Before long, the sticky notes employed to keep track of various obscure combinations of words and numerals seem to cover every available surface.

We're in the business of providing solutions to productivity-sapping scenarios like this one. End users have become accustomed to Single Sign-On (SSO) functionality for internal applications, and they demand the same “log-on once, access everything” experience from their SaaS applications.

In this webinar, we will explain how organizations can leverage JOSSO2 to provide SSO system access to these two SaaS vendors (Google and Salesforce) in a purely visual fashion, and straight out of the box.

Webinar highlights include:

• JOSSO2 overview
• Setting up an Identity Provider and backing Identity Source
• Configuring Google Apps for standards-based SSO
• Configuring Salesforce for standards-based SSO
• Enabling Google Apps and Salesforce as the Service Providers
• Test driving the Internet SSO experience among SaaS and on-premise service providers

Thursday, April 28 - 11AM-12PM EDT. Register now by clicking the link below :https://www1.gotomeeting.com/register/750865560

JOSSO2 online video tutorial is available. we have made this video tutorial to guide you through the Standards-based Internet SSO rollout process with JOSSO2.

This tutorial consists of six parts:

• JOSSO 2 highlights
• Model your identity appliance for Internet SSO
• Activate execution environments
• Provision user accounts and entitlements
• Roll out your identity appliance
• Leverage the Internet SSO experience provided by your identity appliance

You can view this tutorial online by clicking on the link below :http://bit.ly/gMfEME

Thank you

JOSSO 2.0.2 is out. It mainly represents a maintenance release which bypasses several limitations - mostly found in the Atricore Console piece - that the first JOSSO2 code drops suffered from.

Therefore, upgrading is strongly recommended for 2.0.0 and 2.0.1 users.

Download JOSSO 2.0.2 by clicking on the link below: https://sourceforge.net/projects/josso/files/JOSSO%202/JOSSO-2.0.2/

Thank you

Identity and Access Management is widely considered to be a highly technical domain, with an implementation that's out of reach for most folks. The process of setting up a system for identity and access management has a well-earned reputation for technical difficulty, inconvenience, and errors; all in pursuit of an end product that most users dislike and avoid.

Over at Atricore, we're not happy with this state of affairs. We're changing things, and we think you'll like what we've accomplished. First, we put together a top-notch identity management platform, incorporating JOSSO and the Atricore Identity Bus; and now we've added ease of use. Usability translates to productivity. Get the less technically savvy people on board with your identity solutions, and you will significantly accelerate time-to-value for enabling federated identity settings.

Enter Point-and-Click Internet Single Sign On (SSO). Simply "draw" your Internet SSO setting, and bring it to life in a snap.

In this Webinar we'll use the Atricore Console and a visual modeling approach to illustrate the following points:

• JOSSO 2 highlights
• Model your identity appliance for Internet SSO
• Activate execution environments
• Provision user accounts and entitlements
• Roll out your identity appliance
• Leverage the Internet SSO experience provided by your identity appliance
• Q&A

US East Coast Time-Zone Friendly - Thursday, November 18 - 11AM-12PM EDT: https://www1.gotomeeting.com/register/658535689

US West Coast Time-Zone Friendly - Thursday, November 18 - 5-6PM EDT : https://www1.gotomeeting.com/register/296398488

Europe Time-Zone Friendly - Thursday, November 18 - 8-9AM EDT : https://www1.gotomeeting.com/register/112787569

Australian/NZ/Far East Time-Zone Friendly: Thursday, November 18 - 8:30-9:30PM EDT : https://www1.gotomeeting.com/register/205789904

JOSSO 2.0 has been finally released into the wild, enabling rapid Internet-scale Single Sign-On implementations by natively supporting SAML2 as well as playing nice with other standards in the identity arena such as SPML, WS-Trust and WS-Security.
We've also raised the bar for usability and overall user experience; Federated Single Sign-On settings can now be visually designed, delivered and managed through the RIA Console bundled with the product.
The out-of-the-box experience has also been significantly enhanced by providing an all-in-one solution.
Last but not least, JOSSO2 brings to the table seamless multi-tenancy support through the "virtualization" of Internet SSO deployments.

Join us for our upcoming free webinar on JOSSO2 in a timezone near you : http://www.atricore.com/news/josso2_webinar_11_18_10.html

This are the features of JOSSO 2.0 :

• SAML2 interoperability for enabling seamless interoperability with third-party SSO systems and Software-as-a-Service (SaaS) applications
• Bundled with a RIA (Rich Internet Application) Console for delivering a point-and-click Internet SSO setup experience
• Allows visual management of the complete lifecycle of SSO deployments
• Provides a GUI-based account and entitlement management facility
• Multi-tenancy support : Multiple isolated Federated SSO implementations can execute in parallel
• Native high-availability and scalability support, hence no need to depend on application server/container capabilities
• Cross Platform : Full compatibility with all the execution platforms supported in the JOSSO1 family
• Capable of supporting any number of SSO protocol or custom extensions to the existing ones through it's new plug-in model

Download JOSSO2 from : http://sourceforge.net/projects/josso/files/JOSSO%202/JOSSO-2.0.0/

JOSSO Web Site: www.josso.org

Atricore Web Site: www.atricore.com

JOSSO, or Java Open Single Sign-On, is an open source JEE, Spring and Windows-based transparent and standard-based Federated SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication and authorization.

The JOSSO development team is proud to announce the release of version 1.8.2, which mainly introduces transparent inbound and outbound SAML2 interoperability for seamless standard-based Federated SSO experience, includes out-of-the-box support for mainstream Portals and CMS systems, can build on multiple disparate authoritative sources of user information for carrying out authentication and plays nice with any JASPI-compatible (JSR196) application servers such as JBoss 5 and GlassFish.
What's new in 1.8.2 :

• Out-of-the-box SAML2 Federated SSO support available for all the supported platforms
• Includes virtual directory functionality for allowing authentication against multiple disparate identity silos
• JBoss 5 support
• Liferay Portal support
• Alfresco CMS support
• phpBB support
• Added JASPI (JSR196) compatibility
• Enhanced NTLM support
• Agents can now operate in non-JAAS environments
• OCSP and CRL-based X.509 certificate validation for strong authentication
• Includes many fixes and minor enhancements.

Download from :https://sourceforge.net/projects/josso/files/

See release notes here : http://www.josso.org/jira/secure/ReleaseNote.jspa?projectId=10000&version=10100

Follow the JOSSO Project on twitter at :http://www.twitter.com/josso

It's been almost two years since Stuart Kwan of Microsoft presented the Identity Bus as the "End-game for successful identity systems". Some time later, the Identity Bus is a reality, and the first open source implementation is out.

Enterprises are suffering from an exponential increase of demands in terms of interoperability, Internet-facing federation and the externalization of identity resources. Furthermore, in order for IT Directors to gain approval for projects during this economic downturn, they have to demonstrate an almost immediate return of investment.

The current approach to achieving this level of scalability is based on a "flip of the switch" style migration of legacy identity applications and underlying infrastructure to identity standards and compliant "off-the-shelf" products. Unfortunately this approach has proven to be a recipe for never-ending identity management projects full of frustration, budget over-runs and in the end, failure.

The good news is that the Identity Bus approach is here to help. It builds on the old wisdom of "think big – start small – grow big", to deliver a dollar value that is both concrete and practically immediate, in the form of significantly enhanced operational efficiency.

Atricore provides an open source Identity Bus solution that will seamlessly enable this staged approach into your organization. You will maximize your current investment in identity, while paving the way for new capabilities to be brought on board.

In this free webinar we will cover:

• What is an Identity Bus?
• Why is an Identity Bus Important?
• Where should an Identity Bus be applied?
• When should an Identity Bus be applied?
• Applications for an Identity Bus
• Introduction of the Atricore Identity Bus

Title: "Free Webinar: Identity Bus and the Future of Identity Architectures"
Date: Wednesday, March 10, 2010
Time: 8:00 AM - 9:00 AM PST

Register now by clicking the link below:
https://www1.gotomeeting.com/register/716899705

Atricore Inc. - the company that created JOSSO - has launched the Atricore Identity Bus, a new SAML2-compliant Open Source platform for standard-based Identity Federation.

Atricore Identity Bus provides a foundation for next-generation federated identity services in a secure and easy-to-manage implementation. It works with existing enterprise identity management infrastructures from a variety of vendors, right out of the box; and it easily scales and adapts to meet future identity and access management requirements.

The good news for JOSSO users is that Atricore Identity Bus enables your JOSSO-based deployment to scale out-of-the-box to a Federated setting based on SAML2.

Built from the ground up to support Security Assertion Markup Language Release 2 (SAML2), WS-Trust, Service Provisioning Markup Language (SPML) .

Atricore Identity Bus feature highlights include: :

• SAML Support - Built from the ground up to support SAML Release 2
• Federated Single Sign-On - Can realize both Identity Provider (Inbound) and Service Provider (Outbound) operational roles with any protocol stack
• Out-of-the-box JOSSO compatibility - Full JOSSO Single Sign-On protocol compatibility
• Transparent Single Sign-On - SSO Agents for mainstream application server and web containers are provided such as BEA Web Logic, Websphere, Jboss, Tomcat among others .
• Lightweight - Leverages the Spring container
• Process Oriented - Describe identity messaging flows using standard BPM notation
• Standards-based design - SAML, WS-Trust, SPML, Java EE, OSGi
• Pluggable - Provides a pluggable architecture that allows organizations to use their preferred identity stack.
• Flexible deployment configurations - Ranging from embedded, JavaEE, and standalone containers.
• Professionally Supported - Three different support packages designed to support a vast majority of implementations
• Open Source - Commercially friendly license

For more information about the Atricore Identity Bus please see the product flyer.

or download the free and open source distribution from the community website.