 | |
 — Pat Patterson, federation architect, Sun Microsystems
Pat Patterson, federation architect at Sun, hails from Britain. In 1997, after a stint as a C++ developer in financial charting applications, Pat joined JCP, a startup in London, where he built Internet security software with Java technology. In 2000, Sun acquired JCP. Pat joined Sun and continued to work in the U.K. Subsequent to yet another security-related acquisition—Waveset, now Sun Java System Identity Manager—by Sun, Pat moved to California in 2003 and transferred to access management in early 2004. After a year in product marketing, he returned to engineering and is currently on the access and federation management team under Jamie Nelson, interviewed in Part 1 of this series. In addition to his architectural role, Pat acts as community manager for OpenSSO, the open-source twin of Sun Java System Access Manager; represents Sun at the Liberty Alliance, a global organization on security standards; and collaborates with Microsoft on interoperability. All those responsibilities map well to his interests. He muses, "This job is perfect for me. Simultaneously, I keep up with the technology at the source level, champion Sun at standards bodies, and attend many major events, such as JavaOne and JavaPolis, often as a presenter."1 In this interview, Pat expounds on OpenSSO's mission, adoption model, and challenges. He also describes a significant gain to Sun and his aspiration for OpenSSO's future. 1 For a list of Pat's upcoming speaking engagements, see References. A Primer
Sun's current identity management portfolio contains four major products:
In July 2005, Access Manager became open source as OpenSSO. "Any time, as soon as my laptop is on," says Pat, "I'm in the Note: To join the dialog, see the IRC Channel section on the OpenSSO wiki for a setup guide. Mission and Adoption So far, response from the community has been gratifying: Adoption of OpenSSO is transparent and smooth. A recent blog by Sun's chief open source officer, Simon Phipps, The Adoption-Led Market, describes the try-prototype-buy support model, in which participation in the open-source community by potential customers is a key first step. Challenges and a Major Gain Other issues for the switch are—
On the other hand, involving external developers has become an excellent recruitment venue for Sun. An example is Sun technical specialist Paul Bryan, who was a third-party system integrator while working with Sun software in Vancouver, B.C. for years. He became interested in OpenID, created the OpenID Extension for OpenSSO, and subsequently joined Sun. For more details, read a January interview with Paul. "I couldn't be happier that this aspect of open source lends us frequent contact with a pool of talent, all potential candidates for Sun's job openings," Pat smiles. "Just like the advent of telecommuting, collaboration with the community has resulted in a blurred line between work and nonwork. Several members of the wider OpenSSO community have become my personal friends." Present and Future
Currently, more than 620 members have signed up to work on OpenSSO, file or fix bugs, and contribute code. "We have built a number of extensions and are continually adding new ones. Those are subprojects that the community can further develop with a more agile process," Pat tells me. "Many of the subprojects, such as the Information Card Relying Party, might become part of the product down the road. The major focus right now is to stabilize Federated Access Manager 8.0 and make it a robust release come summer." "What's on the horizon? What do you envision for OpenSSO?" I ask Pat. "Someone once likened OpenSSO to Apache for single sign-on," Pat replies. "That might yet become reality. As the project gains wide acceptance, I'd like whoever desires access control and federated SSO to immediately think of OpenSSO as the preferred choice." Talk about a goal worth striving for! References
|
| |||||||||||||||||
| | |||||||||||||||||
| ||||||||||||
Print-friendly Version
