The openLiberty effort was established to provide easy access to tools and information that can be used to jump start the development of more secure and privacy-respecting identity-based applications based on Liberty Federation and Liberty Web Services standards. This wiki is part of the openliberty.org portal because so much of this community project requires broad participation and a tool that can handle the collaborative nature of this project. Feel free to sign up for an account and begin to make any changes to the site you feel is helpful. These pages are not moderated at this time so please use your own discretion. Read more on the About page, or on the openLiberty FAQ.
Project Aristotle is about creating a high-level general purpose application programming interface that enables application developers to access, update, and use Identity information in a privacy respectful, secure, and multi-protocol capable set of application program interfaces.
If you are a developer and finding the world of identity services just too complex, or you are about to decide to write your application as in its own "silo" so that you are insulated from the variability of a complex world; look no further! Project Aristotle is looking to solve your dilemma.
One of the challenges for developers is that identity is a complex beast. Contemplating the nature of identity has been a challenge for the identity services industry for some time. In the same vein, Aristotle was one of the first philosphers to contemplate the notions of identity, going on to invent the law of identity.
Project Aristotle's goal is to leverage existing proven technology from the identity services industry and make it available through a simplified open-source API. By using the Aristotle Identity API, developers are freed from having to become experts in protocols such as LDAP or federated identity service protocols such as SAML, ID-WSF, OpenID, or WS-Trust. They are able to create their own identity "silo", while still enjoying the benefits of integration in standards based identity services.
- Frequently Asked Questions
- ArisID Architecture
- ArisID Transactional API
- ArisID Beans
- Protocol Profiles
- Mailing List
- Aristotle Project Tracker (Planning & Bugs)
- ArisID 1.1 Release Notes
- Oracle - OVD Provider for ArisID
Related External Information
- Liberty Alliance Project - IGF Strategic Initiative site
- Oracle Technology Network - IGF site
- Blogs -
An open source implementation of the Web Services Client (ID-WSF 2.0 WSC) role for the ID-WSF 2.0 ecosystem.
As of February 25th 2008 the ClientLib is officially released as BETA code. Over the next few months we'll be writing more code and doing some interoperability testing. The ClientLib includes support for ID-WSF Authentication Service (PLAIN and CRAM-MD5), Discovery Service, a non-standard Profile Service, and Directory Access Protocol Service (ID-DAP). Both signed and unsigned messaging is supported. The Data Services Template (DST 2.1) is mostly complete. The DST 2.1 reference implementation is mostly complete. People Service is partially complete.
Play (aka Get involved ;))
ZXID is officially an openLiberty project.
ZXID aims at full stack implementation of all federated identity management and identity web services protocols. Initial goal is supporting SP role, followed by ID-WSF WSC and IdP roles. We aim at supporting US GSA E-Auth profile.
ZXID is light weight, has a small foot print, and is implemented in C. It is suitable for both high performance and embedded applications. Scripting languages are supported using SWIG, including Perl, PHP and Java. The "full stack" nature of ZXID means it's self contained and has minimal external library dependencies (see downloads).
A map of existing technologies with a goal of finding a unifying mechanism to characterize these technologies and systems, and discuss social, regulatory and business aspects of them. In addition, known open source projects and commercial products that are relevant in the identity landscape are listed here.
Other Contributers and Future Submissions
There are a few Participants who will soon be contributing code to the project. We are listing links to those projects in this section of the Wiki Home Page because we have gotten a few inquiries about pre-existing code and how it might be incorporated into the openLiberty-ClientLib project.
Caveat... source listed here may not be incorporated into the openLiberty-ClientLib project. That decision will be made by the contributing Participants.
Note: Please provide your name, the name of your project, some brief description, and a URL to your code.
Firefox ECP Plugin
An enhanced client or proxy (ECP) is a system entity that knows how to contact an appropriate identity provider, possibly in a context-dependent fashion, and also supports the Reverse SOAP (PAOS) binding [SAMLBind].
The motivation for the OpenAz project is to facilitate the development of a standard interface framework, which will provide a well-understood common basis for:
- externalizing authorization from applications
- supporting use of authorization policy engines
- building PEPs, based on XACML foundations, that can be created in a variety of language and technology contexts
- integrate existing authorization infrastructure by abstracting it within a XACML context in order to develop a authorization uniform framework
Developer Phone Calls
Join the discussions or just listen in! If you are interested in getting in on the development discussion join us for our developer calls. The bridge info is as follows:
- US/Canada 866.411.0013, pin 0123586#
- Outside US/Canada 734.615.7474, pin 0123586#
- Dialout in US http://edial.internet2.edu/call/0123586
- SIP-based sip:firstname.lastname@example.org
- Free World Dialup to 4233425 ("I2eDial") and enter 0123586
ID-WSF 2.0 ClientLib Developer Phone Calls - 1st and 3rd Thursday of every month at 8AM Pacific