1 / 26

Application Lifecycle Framework (ALF) and Higgins coordination ALF Contribution to Higgins

Application Lifecycle Framework (ALF) and Higgins coordination ALF Contribution to Higgins. Agenda. 1. Project background Into to ALF (7 min) - Ali or Brian/Tim Intro to Higgins (7 min) - Mary/Paul 2. What ALF is building for SSO (and expects to contribute) (10 min) - Brian

maryz
Download Presentation

Application Lifecycle Framework (ALF) and Higgins coordination ALF Contribution to Higgins

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Application Lifecycle Framework (ALF) and Higgins coordinationALF Contribution to Higgins

  2. Agenda • 1. Project background • Into to ALF (7 min) - Ali or Brian/Tim • Intro to Higgins (7 min) - Mary/Paul • 2. What ALF is building for SSO (and expects to contribute) (10 min) - Brian • Discussion of how it fits with Higgins (10 min) - All • 3. Identification and discussion of project touchpoints (10 min) - Brian leads • 4. Discussion of project schedules (7 min) - Brian/Ali/Mirinda for ALF schedule • 5. Crafting the announcement (7 min) – All • 6. Next steps / Action items

  3. Brief Introduction to ALF

  4. What developers are struggling to support Deployment Performance Monitoring Release Management Provisioning TestManagement Issue Management Build Management Business Visualization Change Management Requirements Management Prototyping Requirements Definition Modeling Portfolio Management Resource Planning Project Management Point-to-point integration of n tools can mean up to n(n-1)/2 combinations; This does not scale!

  5. A better approach – Model: electric wall plug Deployment Performance Monitoring Release Management Provisioning TestManagement Issue Management Build Management Change Management Business Visualization ALF Requirements Management Prototyping Requirements Definition Modeling Portfolio Management Resource Planning Project Management Integration of n tools with ALF requires n integrations; linear growth of connections

  6. Project Objectives • Provide a SOA-based cross-tool communication infrastructure for ALM solutions • Leverage Eclipse, open source components, and industry standards • Develop common & extensible domain-specific vocabularies for improved interoperability • Provide conformance rules for varying levels of participation

  7. Event 1 Action 1 Action … Action N Task 1 Issue 1 Reqmt 1 ALF Use Case ALM Application Issue Management Type Priority Status OK Event Manager ALF Service Flow ALF Log Log Log ALM Systems Issue Mgmt. Requirement Mgmt. Project Mgmt.

  8. ALF Landscape • ALF Plans to leverage or coordinate with the following Eclipse projects or proposals: • Corona -- For Deployment & System Management • BIRT -- For Dashboard Reporting • EMF -- For Data Model & textual UIs (initiation of service flows & inspection of results) • STP -- For ESB & SOA Enablement • Higgins -- For User identity and credentials for Single Sign-On • WTP -- For Web Service Creation & Conformance • TPTP -- Potentially for BPEL Orchestration

  9. ALF Partners

  10. Brief Introduction to Higgins

  11. What is Higgins? • Higgins is a framework that will enable users and enterprises to integrate identity, profile, and relationship information across multiple systems. • Using context providers, existing and new systems such as directories, collaboration spaces, and communications technologies (e.g. Microsoft/IBM WS-*, LDAP, email, IM, etc.) can be plugged into the Higgins framework. • Applications written to the Higgins API can virtually integrate the identity, profile, and relationship information across these heterogeneous systems.

  12. Higgins Browser Extension (HBX) Relying Party Policy/Tags User-level Tools Developer Framework Web Services Eclipse RCP Demo App Other Eclipse RCP Apps HTTP/XML WSDL/SOAP Application Programming Interface (API) Higgins Core Eclipse Plug-in Java Reference Implementation STS Context Provider Interface (CPI) Root Context Provider(s) Other Root Context Providers Other Context Providers Higgins Open Source Done Higgins Open Source In progress 3rd Party Done 3rd Party In progress Key Intro to Higgins

  13. What ALF is building for SSO(that is, what ALF will contribute to Higgins)

  14. What is the focus of ALF Security • Initial focus (for RC1) is on Authentication • Authentication of users of web browser based tools • Using WS-Trust & WS-Federation Passive Requestor Profile • SAML token (ALF TGT) • Conveying credentials to all the programs invoked via web services by a ServiceFlow (BPEL process) • Using WS-Trust & WS-Federation Active Requestor Profile • SAML Token (ALF TGT and ALF ST) • Later phase focus Expands Authentication and add Authorization • Authentication of users of desktop and plug-in-based tools • Likely to leverage Corona and Eclipse platform OGSi security initiatives • Likely to JAAS (we may accelerate if possible) • Optional and/or later focus is on Authorization at the admin and serviceFlow and perhaps tool level • Note: not privileges within tools

  15. Key Standards ALF is based on • Standards for ALF RC 1 (Oct 2006) • WS-Security • UserNameToken • SAML Assertion • WS-Trust • WS-Federation • For signoff • Active Requestor Profile (Web services) • Passive Requestor Profile (Web application) • SAML Assertion (1.1 and 2.0) • WS-Policy and WS-SecurityPolicy (Static administration for RC 1.0) • Standards for post ALF 1.0 • WS-Security BinarySecurityToken • For credentials in form of Kerberos and x.509 certificates • SAML Protocol (as alternative to WS-Trust) • Dynamic discovery and exchange (per WS-Trust)

  16. What is ALF building and will contribute to Higgins • Security Token Server • Implementation likely to draw on existing art • Open source projects: CAS, Shibboleth, SourceID, … • Aids for tools to enable to SSO • Library of helper functions • For Java-based clients and server-based tools • Possibly a Web service gateway for tools that don’t support WS-Security • Intercepts messages, strips off and handles security headers • The will pass on web service messages along with logon/logoff messages • Adds security headers back on to outgoing messages

  17. ALF SSO Scenario

  18. ALF STS

  19. ALF-Higgins Touch-points

  20. ALF-Higgins Touchpoints • Basic • ALF will leverage Higgins’ • Implementation and model of user identity (when available) • Model of a user with various digital identities for credentials mapping • Example: switching to different digital identity to access a mainframe tool • Routines that map to backend identity authorities • Common use of WS-Policy • Higgins community expertise in identity and security reviews and guides ALF STS efforts • ALF developer becomes committer on Higgins for the purpose of doing building the ALF STS within Higgins • Extended • Higgins community contributes to building STS • Higgins gains additional capabilities (SSO and STS) to provide an offering more desirable to potential users

  21. Synchronizing ALF and Higgins Schedules

  22. ALF Roadmap through RC1 2006 2007 2005 Jan ‘06 Apr ‘06 Jul ‘06 Oct ‘06 1H ‘06 M1 M2 M3 RC1 M4 • System Health Reporting (Corona?, BIRT) • Core Vocabularies • Others (TBD) • Event Manager • Service Flow • Sample Prototype • Vocabulary Conformance Guide • Service Flow Designer (Oracle BPEL Plug-In) • ALF Deployment Tools (Corona?) • SSO POC (partial) • ALF Best Practices • Documentation • API • Event Definition • Event Registration • Service Provider Interfaces (SPI) • Industrialization • Vocabulary Framework • Logging • SSO

  23. Q4 Q1 2006 Q2 Q3 Q4 0.2 0.3 0.4 • Initial code • ProfileShare provider • Demo app • DONE • RSS+SSE ECF context provider • Demo app adds visualization of DigitalSubject networks • Higgins BX • Pure EODM db-backed data model • Demo of interop with MS InfoCard? • Ability to link DigitalSubjects within and across contexts • ECF collab plug-in adapted to be a Higgins context provider • Align with IdentityGang.org lexicon where possible Higgins roadmap

  24. Crafting the Announcement

  25. Draft suggestions for Joint ALF-Higgins Announcement • ALF will build the following capabilities as part of the Higgins project: • Security Token Server • Library of helper functions for Java-based clients and server-based tools • (As time permits) Web service gateway for tools that don’t support WS-Security • Timing: RC1 is targeted for October 2006 • ALF will leverage Higgins identity management facilities as soon as practical • Higgins will have a basic STS integrated with its identity management • Long term goals • Coordinate various security-related efforts: Higgins, ALF, Corona, RCP/OGSi JAAS and security, …

  26. Next steps – Action items

More Related