The initiative marries the increasingly popular technical standard, User-Managed Access (UMA), which provides a blueprint for addressing digital consent and privacy, with ForgeRock’s open source access management project, OpenAM.
Believe it or not, weeks before the announcement of OpenUMA, I was in a customer's site based in Singapore and the IT Director was discussing with me the roadmap for OpenAM and the features he was looking for. FYI, we have deployed OpenAM 10.0.1 for his company and are in the midst of upgrading to 10.0.2.
Most of his applications are .Net and his authentication source is Microsoft Active Directory. He is thinking of migrating to Office 365 in the near future. That makes OpenAM 12 a good candidate.
We were wondering what does "Cloud Connector Wizards - Office 365" mean? I presumed it meant OpenAM 12 can better integrate with Office 365. And that's why we were not hurry to upgrade to OpenAM 11.x. Instead, we chose to upgrade to the latest stable release of OpenAM 10.
We moved on and he told me his biggest nightmare now is every application is implementing their own authorization rules. He wanted to isolate authorization from every application and implement at a higher-level in OpenAM. OpenAM is where he saw will be the centralized Authentication & Authorization engine.
The authorization in discussion here is not coarse-grained authorization currently implemented in OpenAM policies & OpenAM Policy Agents. He is looking for an enterprise-wide access management for applications. I searched around and found Access Management 2.0 for the Enterprise to be the correct term.
There is a case study written by Eve Maler - Case Study: Access Management 2.0 for the Enterprise. By the way, I told him Eve Maler has already joined ForgeRock as vice president of innovation and emerging technology. And I even told him there should be something exciting brewing. :)
Coincidentally, weeks later, OpenUMA is announced.
The million dollar question is when will OpenUMA be fully integrated with OpenAM?