EclipseCon 2007 March 5-8, Santa Clara California

Single SignOn for tools via the ALF and Higgins Projects

Brian Carroll (Serena Software), Michael McIntosh (IBM Research)

· Demo

Thursday, 14:30, 50 minutes | Room 207


A frequent annoyance in development shops that adopt best-of-breed tools from a variety of vendors is the lack of a common single sign-on mechanism across the tools. Two Eclipse projects, the Application Lifecycle Framework (ALF) and the Higgins Identity projects are working together to address the authentication aspects of tool integration. The session will demonstrate two aspects of combining Higgins and ALF components: 1. Providing a single sign-on capability across web-based tools using a SAML SSO token requested by the ALF tool wrapper and issued by the Higgins Security Token Server (STS) 2. Using the Higgins STS to exchange the SSO token for an identity token bound to an ALF BPEL process in order to convey a user's identity to the tools integrated by that BPEL process. The Eclipse Application Lifecycle Framework (ALF) project focuses on developing an extensible framework for tool integration that leverages SOA. The components to be demonstrated include the ALF tool SSO wrapper (a ServletFilter), the ALF Event Manager, and the approach to SSO for tooling. The Eclipse Higgins Trust Framework project focuses on developing an extensible, platform-independent, identity protocol-independent, software framework to support existing and new applications that give users more convenience, privacy and control over their identity information. The components to be demonstrated include the Higgins STS that was contributed by IBM, and a Identity Attribute Server Context Provider to access an LDAP directory. What is interesting is the synergy between these two projects and the potential advance the combination provides to users of development tools. The demonstrates reflects the early fruits of the projects, which both have visions for extending the capabilities beyond this initial demonstration. Brian Carroll is the Project Lead for ALF, has been developing software tools for 24 years, and works for Serena Software. Michael McIntosh is a well-published expert in web services security, is the creator of the Higgins STS and works for IBM.

Currently the Project Lead for the Eclipse Application Lifecycle Framework (ALF) project and a Fellow at Serena Software. Brian has been developing software professionally for 40 years, the last 25 of which have been focused on developer tools and infrastructure. A former lecturer in the Information Technology department of Johns Hopkins University, Brian taught courses in web development and XML. Professional interests include SOA and web services, extended set theory, and data modeling. Non-professional interests include guitar, skiing, and scuba diving.

Floor Plan

Gold sponsors

Ingres logo

BEA logo

IBM logo

Business Objects logo

Klocwork logo

Windriver logo

Red Hat logo

Actuate logo

Silver sponsors

Compuware logo

Sybase logo

Google logo






Code Gear




Innoopract logo

Lynux Works

Media sponsors

Eclipse Magazine logo logo

Methods and Tools logo

Eclipsezone logo

Addison-Wesley logo

Eclipse Magazin logo

Embedded Computing logo

SD Times logo

Enterprise Open Source logo

ACM Queue logo

TheServerSide Java Symposium

Eclipse Review logo

Software Test & Performance logo

Eclipse Developers Journal logo

Eclipse Source logo