OpenSSO is one of the best (if it isn’t the best one) open source web Single Sign On projects out there. Sun Microsystems on 2008 open-sourced one of their products called Access Manager, and rebranded it as OpenSSO. But it’s sad to see how Oracle after Sun acquisition, is slowly shutting down this amazing open source project, marking it as “not strategic” and dismembering the few parts they think are worth for their own SSO product. They started on December by freezing the next express release, and during the last few weeks they have slowly started to remove all the open source downloads from OpenSSO website. Last but not least, they have also started to remove content from the wiki. Now, the only download available is the enterprise version, which is buried very deeply at Oracle’s website (it took me like 15 minutes to find it, it isn’t even listed as an Oracle product),and the patch sets that also were free to download, are now only available to paying customers with a valid support contract.
If this had happened with a proprietary product, then undoubtedly OpenSSO would have died when the plug was pulled, and the only way out for current users would have been be the “upgrade path” to Oracle’s SSO product. This upgrade by it self would have cost a lot of money, not even counting license fees, not fair for a good that they had for free before.
But here it comes the awesomeness of the open source community: A Norwegian company called ForgeRock has stepped up to give OpenSSO a new home and continue developing OpenSSO under a new name: OpenAM (because of trademark issues with the name). They claim they will continue with Sun’s original roadmap for the product, and they have started to make available again all of the express builds, including agents, that were removed from OpenSSO’s site, and a new wiki with all the content that once was available at
This is great news for people like me, that where involved in projects with OpenSSO. ForgeRock will assure the project continues alive, our customers or any other user can’t be forced to the “upgrade path” if they don’t want to and they can switch to OpenAM whenever they want. There is also another company giving OpenSSO support on Europe, so if you are a current OpenSSO user and don’t like to have Oracle on your back then you have other options from where to choose.
ForgeRock will also be releasing other projects related to SOA and identity management technologies, some of them also based on other open source projects like OpenESB and an identity management solution completely written from scratch. This seems will happen after the transition of OpenSSO to it’s new home and when the re-launching under the new OpenAM name is complete.
I don’t have anything more left to say but ForgeRock thanks and you rock !!