A frequent annoyance in development shops that adopt best-of-breed tools from a
variety of vendors is the lack of a common single sign-on mechanism across the
tools. Two Eclipse projects, the Application Lifecycle Framework (ALF) and the
Higgins Identity projects are working together to address the authentication
aspects of tool integration.
The session will demonstrate two aspects of combining Higgins and ALF
1. Providing a single sign-on capability across web-based tools using a SAML
SSO token requested by the ALF tool wrapper and issued by the Higgins Security
Token Server (STS)
2. Using the Higgins STS to exchange the SSO token for an identity token
bound to an ALF BPEL process in order to convey a user's identity to the tools
integrated by that BPEL process.
The Eclipse Application Lifecycle Framework (ALF) project focuses on developing
an extensible framework for tool integration that leverages SOA. The
components to be demonstrated include the ALF tool SSO wrapper (a
ServletFilter), the ALF Event Manager, and the approach to SSO
The Eclipse Higgins Trust Framework project focuses on developing an
extensible, platform-independent, identity protocol-independent, software
framework to support existing and new applications that give users more
convenience, privacy and control over their identity information. The
components to be demonstrated include the Higgins STS that was contributed by
IBM, and a Identity Attribute Server Context Provider to access
an LDAP directory.
What is interesting is the synergy between these two projects and the potential
advance the combination provides to users of development tools. The
demonstrates reflects the early fruits of the projects, which both have visions
for extending the capabilities beyond this initial demonstration.
Brian Carroll is the Project Lead for ALF, has been developing software tools
for 24 years, and works for Serena Software.
Michael McIntosh is a well-published expert in web services security, is the
creator of the Higgins STS and works for IBM.
Currently the Project Lead for the Eclipse Application Lifecycle Framework (ALF) project and a Fellow at Serena Software. Brian has been developing software professionally for 40 years, the last 25 of which have been focused on developer tools and infrastructure. A former lecturer in the Information Technology department of Johns Hopkins University, Brian taught courses in web development and XML.
Professional interests include SOA and web services, extended set theory, and data modeling. Non-professional interests include guitar, skiing, and scuba diving.