ForgeRock Releases OpenAM 10.0

SAN FRANCISCO, June 5, 2012 /PRNewswire/ --

ForgeRock is pleased to announce the general availability of OpenAM 10.0, one of the key product in the I³Open Platform. ForgeRock strengthens OpenAM Authentication, Authorization and Federation capabilities by adding OAuth 2.0, Risk Based Authentication and the Open Identity Gateway. In addition, several key enhancements to security, performance, reliability and replication have been implemented.

Logo: http://photos.prnewswire.com/prnh/20120605/537352

The OpenAM 10.0 release is a major upgrade and it sets the stage for a modern architecture and introduces many new important features, general improvements to the core product, as well as to the agents. A large amount of the code base has been audited and cleaned up, and as a result the overall quality has been improved. Since the initial release of OpenAM more than a thousand bugs, security issues and improvements have been resolved.

OpenAM 10.0 is the result of several months of intensive research and development work at ForgeRock combined with input and feedback from the flourishing OpenAM open source community and our customers. This release significantly strengthens the security and integration capabilities of the standards based I³ Open Platform. It includes improvements in the areas of Federation with SAML 2.0 and OAuth 2.0, application integration, Risk Based Authentication, and key enhancements in security, reliability, performance and the underlying replication architecture.

The release features the following industry-leading capabilities:

• Open Identity Gateway (OpenIG): A high performance identity proxy that expedites the integration of web applications into a Single Sign-On environment without touching the application. Ideal for legacy applications where changes to the security model are contraindicated. OpenIG also extends the SAML 2.0 Service Provider capabilities of the OpenAM offering.
• Risk Based Authentication: Measure the risk associated with an authentication event and challenge with additional stronger credentials if the need arises. This is now part of the authentication framework and includes capabilities such as geographic location evaluation, time since last login, number of authentication failures check, ip address history check, cookie associated with a device check and attribute profile check, among others.
• OAuth 2.0 authentication: Users can now federate their accounts from Google, Facebook, MSN, and any OAuth 2.0 provider with OpenAM.
• SAML 2.0 Identity Provider enhanced capabilities that ease the interaction with end-users for several tasks such as approval of attribute release to service providers. This is implemented as an additional hook into the SAML 2.0 framework.
• ForgeRock's OpenDJ is now the embedded configuration store.
   

OpenAM comprises in one single product the features and capabilities usually found in several products. The latest version can be obtained from the downloads area .

About ForgeRock: ForgeRock is the global open source vendor behind the I³ Open Identity Platform. ForgeRock identity oriented technology powers solutions for thousands of the world's largest companies and government organizations. The I³ vision is to deliver a fully open source platform for the creation of interactive web and cloud solutions using identity throughout. ForgeRock technology is built on open standards and deployed by a global network of system integrator, consulting and training partners. I³ products are supported for mission-critical operations by ForgeRock enterprise lifecycle subscriptions. For more information and free downloads visit http://www.forgerock.com/.

SOURCE Forgerock AS