OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Contrib/6995
Full headers

From: shawn.mckinney@jtstools.com
Subject: Request for Contribution of Identity Access Management Software to OpenLDAP Project
Compose comment
Download message
State:
0 replies:
6 followups: 1 2 3 4 5 6

Major security issue: yes  no

Notes:

Notification:


Date: Fri, 15 Jul 2011 01:51:40 +0000
From: shawn.mckinney@jtstools.com
To: openldap-its@OpenLDAP.org
Subject: Request for Contribution of Identity Access Management Software to OpenLDAP Project
Full_Name: Shawn McKinney
Version: All
OS: All
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (99.34.198.251)


Hello,

We have created a new Identity and Access Management SDK, called Fortress, that
uses Java and OpenLDAP to provide authentication, RBAC, ARBAC, password
policies, auditing and more.

It has taken us 2.5 years of steady work to get it ready for this 1.0 release. 
This SDK has approximately 50K lines of Java code of which approximately 25K are
dedicated to testing using JUnit automated tests to ensure it works correctly. 
There are in excess of 100 public APIs available for use.  There is also a Java
EE container plug-in that provides authentication and authorization services to
Websphere, Tomcat and JBoss app servers in a declarative fashion.  

This product has not been published and we would like to release it as one of
the products under OpenLDAP family of products.  The product will be released
under New BSD open source license (license information is contained in the
source archives on ftp server).

I have uploaded seven packages to our FTP server that contain the source,
documentation and other items for you to look at.

host: jtstools.com
user: jtsguest1
pw: OpenLd@p1

The packages are as follows:

Fortress Core SDK

   1. source - fortressSrc-1.0.0-rc1.zip - 352K bytes
   2. source - fortressTestSrc-1.0.0-rc1.zip - 159K bytes
   3. tutorial/doc - fortressSamples-1.0.0-rc1.zip - 766K bytes
   4. javadoc - fortressDoc-1.0.0-rc1.zip - 1.4M bytes
   5. ldap (folder) - Fortress schema and OpenLDAP slapd.conf


Fortress Realm (Java EE Container plug-ins)

   6. source - fortressRealmSrc-1.0.0-rc1.zip - 45K bytes
   7. javadoc - fortressRealmDoc-1.0.0-rc1.zip - 76K bytes


Package 4 contains complete javadoc for the APIs. 

In package 4, this link, ./fortressDoc-1.0.0-rc1/index.html, contains the
overall summary of the SDK.

this link, ./oamCore/trunk/dist/docs/api/index.html, contains package
descriptions along with detailed documentation describing the contents of the
SDK.

What we are requesting from the OpenLDAP foundation:

1. Source code repository to host the SDK and Realm packages.
2. Bug tracking.
3. Developer and User forums.
4. Wiki (this is a nice to have)

Our goal is to run the open source project with your organization and cultivate
a healthy developer and user community.  We have high hopes for this product
(and OpenLDAP) and consider the 2 products together as an open source
alternative for IAM products that will compete with the commercial vendor
offerings.  

Once 1.0 is released, we will begin working on 2.0 which will include UI's to
control Fortress and OpenLDAP along with a policy server to wrap the Fortress
Java APIs with HTTP/REST Web APIs to make it available to all platforms.

Thanks in advance for your consideration.

Shawn McKinney
JoshuaTree Software
shawn.mckinney@jtstools.com

Followup 1

Download message
Subject: Re: (ITS#6995) Request for Contribution of Identity Access Management Software to OpenLDAP Project
From: Kurt Zeilenga <Kurt@OpenLDAP.org>
Date: Mon, 15 Aug 2011 14:35:27 -0700
Cc: openldap-its@OpenLDAP.org
To: shawn.mckinney@jtstools.com
Shawn,

I have reviewed the submitted materials.

Other than a lack of a statement of origin, I find no reason why these materials
cannot be accepted.  Please submit a "statement of origin" in a follow-up to
this ITS.  This can simply be a statement to the effect that the all the
submitted materials were authored by JoshuaTree Software, JoshaaTree is the
exclusive owner of the works, and that the contribution is made available as
indicated by the copyright and license statements in the work.  If the work
includes materials derived from works to which others own or otherwise have
rights to, please detail.

The Foundation has no objection to the Project establishing a sub-project of the
OpenLDAP Project, similar to the Java LDAP and JDBC-LDAP sub projects, to
develop works based upon your contribution.  It is the Foundation understanding
that Project is also willing to establish such a sub-project, and extend commit
privs to the key developers who produced the contributed work.

It is noted that the OpenLDAP Foundation, if it accepts the final contribution,
would from time to time publish works derived (such as the source repository
itself, and possibly packaged source bundles) from your contribution as well as
possibly the contributions of others.  The OpenLDAP Foundation will license its
copyright right interests (initially likely quite limited) using the OpenLDAP
Public License, and will encourage community members to license their
contributions in a manner consistent with our general contribution guidelines. 
The OpenLDAP Public License is compatible with the 'New BSD open source license'
and similar in its basic terms.

The initial COPYRIGHT file (upon acceptance and initial publication by the
OpenLDAP Foundation) would be based on the COPYRIGHT file currently found in
OpenLDAP Software distributions, excepting JoshuaTree Software would be named as
the contributor of the materials for which the published work is derived from,
and notice immediately following the Foundation's notice would be that provided
by JoshauTree covering the work as contributions.

It is noted that I recently attempted to re-download the materials and they were
no longer available.  That fine, we'd want you to upload fresh zips to our
servers once we all were ready to proceed.

Regards, Kurt

On Jul 14, 2011, at 6:51 PM, shawn.mckinney@jtstools.com wrote:

> Full_Name: Shawn McKinney
> Version: All
> OS: All
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (99.34.198.251)
> 
> 
> Hello,
> 
> We have created a new Identity and Access Management SDK, called Fortress,
that
> uses Java and OpenLDAP to provide authentication, RBAC, ARBAC, password
> policies, auditing and more.
> 
> It has taken us 2.5 years of steady work to get it ready for this 1.0
release. 
> This SDK has approximately 50K lines of Java code of which approximately
25K are
> dedicated to testing using JUnit automated tests to ensure it works
correctly. 
> There are in excess of 100 public APIs available for use.  There is also a
Java
> EE container plug-in that provides authentication and authorization
services to
> Websphere, Tomcat and JBoss app servers in a declarative fashion.  
> 
> This product has not been published and we would like to release it as one
of
> the products under OpenLDAP family of products.  The product will be
released
> under New BSD open source license (license information is contained in the
> source archives on ftp server).
> 
> I have uploaded seven packages to our FTP server that contain the source,
> documentation and other items for you to look at.
> 
> host: jtstools.com
> user: jtsguest1
> pw: OpenLd@p1
> 
> The packages are as follows:
> 
> Fortress Core SDK
> 
>   1. source - fortressSrc-1.0.0-rc1.zip - 352K bytes
>   2. source - fortressTestSrc-1.0.0-rc1.zip - 159K bytes
>   3. tutorial/doc - fortressSamples-1.0.0-rc1.zip - 766K bytes
>   4. javadoc - fortressDoc-1.0.0-rc1.zip - 1.4M bytes
>   5. ldap (folder) - Fortress schema and OpenLDAP slapd.conf
> 
> 
> Fortress Realm (Java EE Container plug-ins)
> 
>   6. source - fortressRealmSrc-1.0.0-rc1.zip - 45K bytes
>   7. javadoc - fortressRealmDoc-1.0.0-rc1.zip - 76K bytes
> 
> 
> Package 4 contains complete javadoc for the APIs. 
> 
> In package 4, this link, ./fortressDoc-1.0.0-rc1/index.html, contains the
> overall summary of the SDK.
> 
> this link, ./oamCore/trunk/dist/docs/api/index.html, contains package
> descriptions along with detailed documentation describing the contents of
the
> SDK.
> 
> What we are requesting from the OpenLDAP foundation:
> 
> 1. Source code repository to host the SDK and Realm packages.
> 2. Bug tracking.
> 3. Developer and User forums.
> 4. Wiki (this is a nice to have)
> 
> Our goal is to run the open source project with your organizati

Message of length 5666 truncated


Followup 2

Download message
From: <shawn.mckinney@jtstools.com>
To: "Kurt Zeilenga" <Kurt@OpenLDAP.org>
Cc: openldap-its@OpenLDAP.org
Subject: RE: (ITS#6995) Request for Contribution of Identity Access Management
 Software to OpenLDAP Project
Date: Mon, 15 Aug 2011 19:15:10 -0700
<html><body><span style=3D"font-family:Verdana; color:#000000;
font-size:10=
pt;"><div>Kurt, thanks for taking the time to look this over and
allowing t=
his to proceed.&nbsp; We are looking forward to working with you and the ot=
hers on this project in the near future.&nbsp; This has been a long time co=
ming for us and we appreciate this
opportunity.</div><div><br></div><div>He=
re's the statement of origin.
<br></div><div><br></div><div>The product
nam=
ed "Fortress Core" includes contributions that were created by JoshuaTree S=
oftware, LLC, who =0Ais the exclusive owner of the works.&nbsp; This contri=
bution is made =0Aavailable as indicated by the copyright and license state=
ments attached to the the
=0Awork.</div><div><br></div><div></div><div>Shaw=
n McKinney</div><blockquote id=3D"replyBlockquote" webmail=3D"1"
style=3D"b=
order-left: 2px solid blue; margin-left: 8px; padding-left: 8px; font-size:=
 10pt; color: black; font-family: verdana;">=0A<div
id=3D"wmQuoteWrapper">=
=0A-------- Original Message --------<br>=0ASubject: Re: (ITS#6995)
Request=
 for Contribution of Identity Access<br>=0AManagement Software to OpenLDAP
=
Project<br>=0AFrom: Kurt Zeilenga &lt;<a
href=3D"mailto:Kurt@OpenLDAP.org">=
Kurt@OpenLDAP.org</a>&gt;<br>=0ADate: Mon, August 15, 2011 2:35
pm<br>=0ATo=
: <a href=3D"http://shawn.mckinney@jtstools.com">shawn.mckinney@jtstools.co=
m</a><br>=0ACc: <a
href=3D"mailto:openldap-its@OpenLDAP.org">openldap-its@O=
penLDAP.org</a><br>=0A<br>=0AShawn,<br>=0A<br>=0AI
have reviewed the submit=
ted materials.<br>=0A<br>=0AOther than a lack of a statement of
origin, I f=
ind no reason why these materials cannot be accepted.  Please submit a "sta=
tement of origin" in a follow-up to this ITS.  This can simply be a stateme=
nt to the effect that the all the submitted materials were authored by Josh=
uaTree Software, JoshaaTree is the exclusive owner of the works, and that t=
he contribution is made available as indicated by the copyright and license=
 statements in the work.  If the work includes materials derived from works=
 to which others own or otherwise have rights to, please
detail.<br>=0A<br>=
=0AThe Foundation has no objection to the Project establishing a sub-projec=
t of the OpenLDAP Project, similar to the Java LDAP and JDBC-LDAP sub proje=
cts, to develop works based upon your contribution.  It is the Foundation u=
nderstanding that Project is also willing to establish such a sub-project, =
and extend commit privs to the key developers who produced the contributed =
work.<br>=0A<br>=0AIt is noted that the OpenLDAP Foundation, if it
accepts =
the final contribution, would from time to time publish works derived (such=
 as the source repository itself, and possibly packaged source bundles) fro=
m your contribution as well as possibly the contributions of others.  The O=
penLDAP Foundation will license its copyright right interests (initially li=
kely quite limited) using the OpenLDAP Public License, and will encourage c=
ommunity members to license their contributions in a manner consistent with=
 our general contribution guidelines.  The OpenLDAP Public License is compa=
tible with the 'New BSD open source license' and similar in its basic terms=
.<br>=0A<br>=0AThe initial COPYRIGHT file (upon acceptance and
initial publ=
ication by the OpenLDAP Foundation) would be based on the COPYRIGHT file cu=
rrently found in OpenLDAP Software distributions, excepting JoshuaTree Soft=
ware would be named as the contributor of the materials for which the publi=
shed work is derived from, and notice immediately following the Foundation'=
s notice would be that provided by JoshauTree covering the work as contribu=
tions.<br>=0A<br>=0AIt is noted that I recently attempted to
re-download th=
e materials and they were no longer available.  That fine, we'd want you to=
 upload fresh zips to our servers once we all were ready to
proceed.<br>=0A=
<br>=0ARegards, Kurt<br>=0A<br>=0AOn Jul 14, 2011, at 6:51 PM,
<a href=3D"h=
ttp://shawn.mckinney@jtstools.com">shawn.mckinney@jtstools.com</a>
wrote:<b=
r>=0A<br>=0A&gt; Full_Name: Shawn McKinney<br>=0A&gt;
Version: All<br>=0A&g=
t; OS: All<br>=0A&gt; URL: ftp://<a
href=3D"http://ftp.openldap.org/incomin=
g">ftp.openldap.org/incoming</a>/<br>=0A&gt; Submission from:
(NULL) (99.34=
.198.251)<br>=0A&gt; <br>=0A&gt; <br>=0A&gt;
Hello,<br>=0A&gt; <br>=0A&gt; =
We have created a new Identity and Access Management SDK, called Fortress, =
that<br>=0A&gt; uses Java and OpenLDAP to pro

Message of length 9421 truncated


Followup 3

Download message
From: <shawn.mckinney@jtstools.com>
To: openldap-its@OpenLDAP.org
Subject: RE: (ITS#6995) Request for Contribution of Identity Access Management
 Software to OpenLDAP Project
Date: Mon, 15 Aug 2011 19:27:56 -0700
>Please submit a "statement of origin" in a follow-up to this ITS

Let me try this again:

The product named "Fortress Core" includes contributions that were
created by JoshuaTree Software, LLC, who is the exclusive owner of the
works.  This contribution is made available as indicated by the
copyright and license statements attached to the the work.

Shawn McKinney
JoshuaTree Software




Followup 4

Download message
Subject: Re: (ITS#6995) Request for Contribution of Identity Access Management Software to OpenLDAP Project
From: Kurt Zeilenga <Kurt@OpenLDAP.org>
Date: Wed, 17 Aug 2011 10:19:12 -0700
Cc: openldap-its@OpenLDAP.org
To: "<shawn.mckinney@jtstools.com>" <shawn.mckinney@jtstools.com>
On Aug 15, 2011, at 7:15 PM, <shawn.mckinney@jtstools.com>
<shawn.mckinney@jtstools.com> wrote:
> The product named "Fortress Core" includes contributions that were created
by JoshuaTree Software, LLC, who is the exclusive owner of the works.  This
contribution is made available as indicated by the copyright and license
statements attached to the the work.


Shawn, the wording of this statement is not sufficient clear for a couple of
reasons.  One, the term product doesn't necessarily refer to the contributed
works.  Two, "includes" language doesn't exclude the possibility that portions
of the contributed work were created by others.   We need the statement of
origin to be quite clear.   Assuming all of the contributed works were created
by JohshuaTree Software, LLC, we suggest stating something of the form.

	The contributed works provided by <creator> and referenced in this ITS
were created by <creator>, who is the exclusive owner of the contributed
works.  The contributed works are made available as indicated in the copyright
and license statements attached to the work.

where <creator> was replaced with JoshuaTree Software, LLC.

Please restate the statement of origin, either in the above form or other
appropriate form, in response to this ITS.

Regards, Kurt

> 
> Shawn McKinney
> -------- Original Message --------
> Subject: Re: (ITS#6995) Request for Contribution of Identity Access
> Management Software to OpenLDAP Project
> From: Kurt Zeilenga <Kurt@OpenLDAP.org>
> Date: Mon, August 15, 2011 2:35 pm
> To: shawn.mckinney@jtstools.com
> Cc: openldap-its@OpenLDAP.org
> 
> Shawn,
> 
> I have reviewed the submitted materials.
> 
> Other than a lack of a statement of origin, I find no reason why these
materials cannot be accepted. Please submit a "statement of origin" in a
follow-up to this ITS. This can simply be a statement to the effect that the all
the submitted materials were authored by JoshuaTree Software, JoshaaTree is the
exclusive owner of the works, and that the contribution is made available as
indicated by the copyright and license statements in the work. If the work
includes materials derived from works to which others own or otherwise have
rights to, please detail.
> 
> The Foundation has no objection to the Project establishing a sub-project
of the OpenLDAP Project, similar to the Java LDAP and JDBC-LDAP sub projects, to
develop works based upon your contribution. It is the Foundation understanding
that Project is also willing to establish such a sub-project, and extend commit
privs to the key developers who produced the contributed work.
> 
> It is noted that the OpenLDAP Foundation, if it accepts the final
contribution, would from time to time publish works derived (such as the source
repository itself, and possibly packaged source bundles) from your contribution
as well as possibly the contributions of others. The OpenLDAP Foundation will
license its copyright right interests (initially likely quite limited) using the
OpenLDAP Public License, and will encourage community members to license their
contributions in a manner consistent with our general contribution guidelines.
The OpenLDAP Public License is compatible with the 'New BSD open source license'
and similar in its basic terms.
> 
> The initial COPYRIGHT file (upon acceptance and initial publication by the
OpenLDAP Foundation) would be based on the COPYRIGHT file currently found in
OpenLDAP Software distributions, excepting JoshuaTree Software would be named as
the contributor of the materials for which the published work is derived from,
and notice immediately following the Foundation's notice would be that provided
by JoshauTree covering the work as contributions.
> 
> It is noted that I recently attempted to re-download the materials and they
were no longer available. That fine, we'd want you to upload fresh zips to our
servers once we all were ready to proceed.
> 
> Regards, Kurt
> 
> On Jul 14, 2011, at 6:51 PM, shawn.mckinney@jtstools.com wrote:
> 
> > Full_Name: Shawn McKinney
> > Version: All
> > OS: All
> > URL: ftp://ftp.openldap.org/incoming/
> > Submission from: (NULL) (99.34.198.251)
> > 
> > 
> > Hello,
> > 
> > We have created a new Identity and Access Management SDK, called
Fortress, that
> > uses Java and OpenLDAP to provide authentication, RBAC, ARBAC,
password
> > policies, auditing and more.
> > 
> > It has taken us 2.5 years of steady work to get it ready for this 1.0
release. 
> > This SDK has approximately 50K lines of Java code of which
approximately 25K are
> > dedicated to testing using JUnit automated tests to ensure it works
correctly. 
> > There are in excess of 100 public APIs available for use. There is
also a Java
> > EE container plug-in that provides authentication and 

Message of length 7813 truncated


Followup 5

Download message
From: <shawn.mckinney@jtstools.com>
To: openldap-its@OpenLDAP.org
Subject: RE: (ITS#6995) Request for Contribution of Identity Access Management
 Software to OpenLDAP Project
Date: Wed, 17 Aug 2011 19:29:43 -0700
>Please restate the statement of origin, either in the above form or other
appropriate form, in response to this ITS.

The contributed works provided by Joshua Tree Software, LLC. and
referenced in this ITS were created by Joshua Tree Software, LLC., who
is the exclusive owner of the contributed works. The contributed works
are made available as indicated in the copyright and license statements
attached to the work.

Shawn McKinney

-------- Original Message --------
Subject: Re: (ITS#6995) Request for Contribution of Identity Access
Management Software to OpenLDAP Project
From: Kurt Zeilenga <Kurt@OpenLDAP.org>
Date: Wed, August 17, 2011 10:19 am
To: "<shawn.mckinney@jtstools.com>" <shawn.mckinney@jtstools.com>
Cc: openldap-its@OpenLDAP.org


On Aug 15, 2011, at 7:15 PM, <shawn.mckinney@jtstools.com>
<shawn.mckinney@jtstools.com> wrote:
> The product named "Fortress Core" includes contributions that were created
by JoshuaTree Software, LLC, who is the exclusive owner of the works. This
contribution is made available as indicated by the copyright and license
statements attached to the the work.


Shawn, the wording of this statement is not sufficient clear for a
couple of reasons. One, the term product doesn't necessarily refer to
the contributed works. Two, "includes" language doesn't exclude the
possibility that portions of the contributed work were created by
others. We need the statement of origin to be quite clear. Assuming all
of the contributed works were created by JohshuaTree Software, LLC, we
suggest stating something of the form.

 The contributed works provided by <creator> and referenced in this ITS
were created by <creator>, who is the exclusive owner of the contributed
works. The contributed works are made available as indicated in the
copyright and license statements attached to the work.

where <creator> was replaced with JoshuaTree Software, LLC.

Please restate the statement of origin, either in the above form or
other appropriate form, in response to this ITS.

Regards, Kurt

> 
> Shawn McKinney
> -------- Original Message --------
> Subject: Re: (ITS#6995) Request for Contribution of Identity Access
> Management Software to OpenLDAP Project
> From: Kurt Zeilenga <Kurt@OpenLDAP.org>
> Date: Mon, August 15, 2011 2:35 pm
> To: shawn.mckinney@jtstools.com
> Cc: openldap-its@OpenLDAP.org
> 
> Shawn,
> 
> I have reviewed the submitted materials.
> 
> Other than a lack of a statement of origin, I find no reason why these
materials cannot be accepted. Please submit a "statement of origin" in a
follow-up to this ITS. This can simply be a statement to the effect that the all
the submitted materials were authored by JoshuaTree Software, JoshaaTree is the
exclusive owner of the works, and that the contribution is made available as
indicated by the copyright and license statements in the work. If the work
includes materials derived from works to which others own or otherwise have
rights to, please detail.
> 
> The Foundation has no objection to the Project establishing a sub-project
of the OpenLDAP Project, similar to the Java LDAP and JDBC-LDAP sub projects, to
develop works based upon your contribution. It is the Foundation understanding
that Project is also willing to establish such a sub-project, and extend commit
privs to the key developers who produced the contributed work.
> 
> It is noted that the OpenLDAP Foundation, if it accepts the final
contribution, would from time to time publish works derived (such as the source
repository itself, and possibly packaged source bundles) from your contribution
as well as possibly the contributions of others. The OpenLDAP Foundation will
license its copyright right interests (initially likely quite limited) using the
OpenLDAP Public License, and will encourage community members to license their
contributions in a manner consistent with our general contribution guidelines.
The OpenLDAP Public License is compatible with the 'New BSD open source license'
and similar in its basic terms.
> 
> The initial COPYRIGHT file (upon acceptance and initial publication by the
OpenLDAP Foundation) would be based on the COPYRIGHT file currently found in
OpenLDAP Software distributions, excepting JoshuaTree Software would be named as
the contributor of the materials for which the published work is derived from,
and notice immediately following the Foundation's notice would be that provided
by JoshauTree covering the work as contributions.
> 
> It is noted that I recently attempted to re-download the materials and they
were no longer available. That fine, we'd want you to upload fresh zips to our
servers once we all were ready to proceed.
> 
> Regards, Kurt
> 
> On Jul 14, 2011, at 6:51 PM, shawn.mckinney@jtstools.com wrote:
> 
> > Full_Name: Shawn McKinney
> > Version: All
> > OS: All
> > URL: ftp://ftp.ope

Message of length 8578 truncated


Followup 6

Download message
From: <shawn.mckinney@jtstools.com>
To: openldap-its@OpenLDAP.org
Subject: RE: (ITS#6995) Request for Contribution of Identity Access Management
 Software to OpenLDAP Project
Date: Mon, 05 Sep 2011 17:35:50 -0700
Hello,

Two packages have been uploaded to the incoming folder on openldap's
public ftp site.  The package names are:
fortressCore.zip and fortressRealm.zip of sizes 1.1 MB and 74.8 KB
respectively.  The two packages contain the source code that form the
basis for the Fortress Java SDK (fortessCore) and Java EE container
security plug-in component (fortressRealm).

Thanks,

Shawn




Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org