Misplaced Pages

OpenIDM

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.

OpenIDM is an open-source identity management system written in the Java programming language. The OpenIDM source code is available under the Common Development and Distribution License (CDDL). OpenIDM is designed with flexibility in mind, leverages JavaScript as default scripting language to define business rules during provisioning. All capabilities of OpenIDM expose RESTful interfaces. As an integration layer, OpenIDM leverages the Identity Connectors (adopted by ForgeRock as OpenICF) and has a set of default connectors.

#899100

24-548: ForgeRock launched the OpenIDM project on October 27, 2010 at GOSCON in Portland following a 6-month internal development process. ForgeRock felt there was no strong open source identity provisioning project, and launched OpenIDM under CDDL licensing for compatibility with OpenAM and OpenDJ . However, just giving access to an old, flattened X.0.0 source tree which usually still contains many bugs, can hardly be described as what

48-545: A different license, as long as the source code is still available under CDDL, which should enable more commercial business cases, according to Sun. Like the MPL the CDDL includes a patent grant to the licensee from all contributors ("patent peace"). However, in section 2.1(d), the patent grant is lost if the code implementing a patented feature is modified. The previous software license used by Sun for its open source projects

72-588: A paid, commercial license. Several free and open-source forks of OpenAM now exist under the Common Development and Distribution License : OpenAM supports the following features: Common Development and Distribution License The Common Development and Distribution License ( CDDL ) is a free and open-source software license , produced by Sun Microsystems , based on the Mozilla Public License (MPL). Files licensed under

96-416: Is GPL incompatible. That was part of the design when they released OpenSolaris. ... the engineers who wrote Solaris ... had some biases about how it should be released, and you have to respect that. Simon Phipps (Sun's Chief Open Source Officer at the time), who had introduced Cooper as "the one who actually wrote the CDDL", did not immediately comment, but later in the same video, he says, referring back to

120-482: Is a fork which was initiated following Oracle's purchase of Sun. Announced by Sun Microsystems in July 2005, OpenSSO was based on Sun Java System Access Manager , and was the core of Sun's commercial access management and federation product, OpenSSO Enterprise (formerly Sun Access Manager and Sun Federation Manager). In July 2008, Sun announced paid support for regular "Express" builds of OpenSSO. Sun's stated intent

144-507: Is one of several Open Source Licenses which are incompatible with GPL . This characteristic was inherited from the MPL 1.1 (fixed with the MPL 2.0 according to the FSF ) and results from a complex interaction of several clauses; the root of the problem being GPL virality , similar to other cases of GPL incompatibility. Some people argue that Sun (or the Sun engineer) as creator of the license made

168-484: Is usually understood as Open Source. So since it prevents the community from taking part on developing within the latest version aka trunk, doesn't give any insights, what actually got fixed/features got merged, it should be considered closed source, now (end 2016). Full leveraging the Open Source project Identity Connector Framework from Sun Microsystems as integration layer to resources, ForgeRock announced to adopt

192-501: The Free Software Foundation (FSF) also considered the CDDL a free software license, they saw some incompatibilities with their GNU General Public License (GPL). The question of whether and when both licenses are incompatible sparked debates in the free software domain in 2004 to 2006. For instance, the FSF considered the CDDL incompatible to their GPL license, without going into detail until 2016. CDDL

216-554: The CDDL can be combined with files licensed under other licenses, whether open source or proprietary. In 2005 the Open Source Initiative approved the license. The Free Software Foundation (FSF) considers it a free software license , but one which is incompatible with the GNU General Public License (GPL). Derived from the Mozilla Public License 1.1, the CDDL tries to address some of

240-510: The CDDL intentionally GPL incompatible. According to Danese Cooper one of the reasons for basing the CDDL on the Mozilla license was that the Mozilla license is GPL-incompatible . Cooper stated, at the 6th annual Debian conference , that the engineers who had written the Solaris kernel requested that the license of OpenSolaris be GPL-incompatible. Mozilla was selected partially because it

264-657: The Free Software Foundation. In 2015, the CDDL to GPL compatibility question reemerged when Ubuntu announced inclusion of OpenZFS by default. In 2016 Ubuntu announced that a legal review resulted in the conclusion that it is legally acceptable to use ZFS as binary kernel module in Linux. (As opposed to building it into the kernel image itself.) Others followed Ubuntu's conclusion, for instance James E. J. Bottomley argued there cannot be "a convincing theory of harm" developed, making it impossible to bring

SECTION 10

#1732798375900

288-629: The GPL requires all scripts required to build the work to be licensed freely, they do not necessarily have to be under the GPL. Thus not causing an incompatibility that violates the license . He also argued that in "combined works" (in contrast to " derived works ") GPL and CDDL licensed code is compatible. Red Hat 's attorneys have prevented cdrtools from being in Fedora or Red Hat Enterprise Linux , arguing that Schilling has an "unorthodox" view of copyright law that isn't shared by their legal counsel or

312-589: The case to court. Eben Moglen , co-author of the GPLv3 and founder of the SFLC , argued that while the letter of the GPL might be violated, the spirit of both licenses is unharmed, which would be the relevant aspect in court. The SFLC mentioned also that a precedent exists with the Andrew File System 's kernel module, which is not considered a derivative work of the kernel by the kernel developers. On

336-517: The delay, the GPL, or both—this is not clear from the video). Later, in September 2006, Phipps rejected Cooper's assertion in even stronger terms. Similarly, Bryan Cantrill , who was at Sun at that time and involved in the release of CDDL licensed software stated in 2015 that he and his colleagues expected in 2006 the fast emergence of CDDL licensed software into the Linux ecosystem and the CDDL being not an obstacle. The GPL compatibility question

360-473: The license issue, "I actually disagree with Danese to some degree", while describing the strong preference among the engineers who wrote the code for a BSD-like license, which was in conflict with Sun's preference for something copyleft , and that waiting for legal clearance to release some parts of the code under the then unreleased GNU GPL v3 would have taken several years, and would probably also have involved mass resignations from engineers (unhappy with either

384-459: The problems of the MPL. Like the MPL, the CDDL is a weak copyleft license in-between GPL license and BSD / MIT permissive licenses , requiring only source code files under CDDL to remain under CDDL. Unlike strong copyleft licenses like the GPL, mixing of CDDL licensed source code files with source code files under other licenses is permitted without relicensing. The resulting compiled software product ("binary") can be licensed and sold under

408-836: The project and forming a community around the framework, all under the new name OpenICF. January 17, 2012 ForgeRock announces OpenIDM 2.0 of OpenIDM. February 20, 2013 ForgeRock announced OpenIDM 2.1, part of the Open Identity Stack which is the latest stable release of OpenIDM. August 11, 2014 ForgeRock announced OpenIDM 3.0. Since November 2016, ForgeRock closed OpenIDM source code, renamed OpenIDM to Forgerock Identity Management and started to distribute it under commercial license. OpenIDM 3.0.0 resumed to maintain by Open Identity Platform Community and issued new release. May 21, 2024 Open Identity Platform community released OpenIDM 6.0. ForgeRock posted an OpenIDM roadmap stretching from release date to end of 2012 also outlining

432-478: The project principles. This computer security article is a stub . You can help Misplaced Pages by expanding it . OpenAM OpenAM is an open-source access management, entitlements and federation server platform. Now it is supported by Open Identity Platform Community . OpenAM (Open Access Management) originated as OpenSSO , (Open Single Sign-On) an access management system created by Sun Microsystems and now owned by Oracle Corporation . OpenAM

456-434: The project. ForgeRock renamed the product to OpenAM as Oracle retained the rights to the name OpenSSO. ForgeRock also announced that they would continue delivering on the original Sun Microsystems roadmap. It was sponsored by ForgeRock until 2016. In November 2016, without any official statement, ForgeRock closed OpenAM source code, renamed OpenAM to ForgeRock Access Management and began distributing source code under

480-462: Was also the source of a controversy behind a partial relicensing of cdrtools to the CDDL which had been previously all GPL. In 2006, the Debian project declared the cdrtools legally undistributable because the build system was licensed under the CDDL. The author, Jörg Schilling, claimed that smake is an independent project and does not violate the GPLv3 . Schilling also argued that even though

504-526: Was announced, OpenSSO Enterprise 8.0 Update 1 was released. Oracle completed their acquisition of Sun Microsystems in February 2010, and shortly thereafter removed OpenSSO downloads from their website in an unannounced policy change. OpenSSO was forked as OpenAM, developed and supported by ForgeRock. ForgeRock announced in February 2010 that they would continue to develop and support OpenSSO from Sun now that Oracle had chosen to discontinue development on

SECTION 20

#1732798375900

528-528: Was approved as an open source license in mid January 2005. The second CDDL proposal, submitted in early January 2005, includes some corrections that prevent the CDDL from being in conflict with European Copyright law and to allow single developers to use the CDDL for their work. In 2006, in the first draft of the OSI's license proliferation committee report, the CDDL is one of nine preferred licenses listed as popular, widely used, or with strong communities. While

552-685: Was that express builds would be released approximately every three months, allowing customers early access to new features. In September 2008, Sun announced OpenSSO Enterprise 8.0, the first commercial product derived from the OpenSSO project. OpenSSO Enterprise 8.0 was released in November 2008. OpenSSO Enterprise won the "Security" category of the Developer.com Product of the Year 2009 awards. In May 2009, shortly after Oracle's acquisition of Sun

576-534: Was the Sun Public License (SPL), also derived from the Mozilla Public License . The CDDL license is considered by Sun (now Oracle ) to be SPL version 2. The CDDL was developed by a Sun Microsystems team (among them Solaris kernel engineer Andrew Tucker and Claire Giordano ), based on the MPL version 1.1. On December 1, 2004 the CDDL was submitted for approval to the Open Source Initiative and

#899100