Open-source identity community OpenLiberty.org has released code to help Java developers build privacy and security features into applications.
OpenLiberty-J, is an implementation of privacy specifications from the Liberty Alliances Identity Web Services Framework (ID-WSF) 2.0, and gives developers tools to build applications that can validate and secure transactions. The new open-source code will be useful for Web 2.0, component-based and mobile applications.
The OpenLiberty-J implementation is a sub-set of ID-WSF 2.0 specifications that includes privacy features, including the ability to have a unique identifier for each individual transaction. The unique identifiers can be tied together using Liberty-based security protocols, and features discovery and other tools, so users can aggregate their identifiers into a profile.
The alliance's executive director Brett McDowell said the announcement was also a call to action to get people involved and expand the features of OpenLiberty. He said the intent is to eventually get open-source privacy and security specifications ramped up for .Net, PHP and Ruby developers.
OpenLiberty-J provides developers with a library of open-source code. The libraries only address the needs of service providers and relying parties in an identity transaction. The needs of identity providers are not addressed.
OpenLiberty-J is based on Java 2 Platform, Standard Edition (J2SE), and open source XML, Security Assertion Markup Language, and Web services libraries from the Apache Software Foundation and Internet2, including the Shibboleth Project's OpenSAML.
Developers who use OpenLiberty-J will be able to test their applications against the Liberty Alliance servers, according to McDowell.
OpenLiberty-J also will be included in formal Liberty Alliance interoperability testing in autumn 2008. OpenLiberty-J has already passed informal interoperability against the open-source ZXID tools and Symlabs products that are certified Liberty Web Services interoperable.