Oblix Enables Single Sign-On For BEA Apps

By eweek  |  Posted 2001-09-11

A partnership to be announced today, Sept. 11, between leaders in the e-commerce and access management markets means Java developers will have a much simpler time incorporating access and identity control into their applications.

BEA Systems and Oblix have created the NetPoint BEA Ready Realm, access control software that lets BEA WebLogic Java 2 Enterprise Edition (J2EE) developers take advantage of the single sign-on and identity management features within Oblix NetPoint.

"Imagine every time you wrote a new application for WebLogic, you had to write in new access controls," said Enrique Salem, Oblixs vice president of technology and products. Now all a developers have to do is point their apps at Oblixs NetPoint server and those controls are automatically taken care of.

As more and more businesses move their applications to the Web, application servers such as BEAs have become the foundation. However, unlike a corporate network, the Web lacks the unified access control that makes supplying and monitoring the access to those Web services manageable.

Oblix NetPoint, which competes heavily with Netgritys SiteMinder platform, provides single sign-on across all of a business Web services, as well as automated work flow so the correct member of the corporate staff can have control over who gets access to certain resources. For example, an I-manager can delegate control of access to the financial applications to the head of accounting.

Single sign-on also means that users need just one log-in and password to access their customer relationship management, Enterprise Resource Planning and e-business applications.

"That becomes important, because the folks trying to access these things forget their passwords and then they have to call the helpdesk," Salem said. Using a product such as NetPoint, "theres improved productivity for the end user, and cost savings for the enterprise."

There are other ways of tying applications into NetPoint using Java and C++ software developer kits and XML documents. However, using the NetPoint BEA Ready Realm, BEA developers will benefit from a much quicker time to implementation.

Developers can also focus on the functionality of their applications, not the secure access controls needed to go along with them.

"Obviously, this is only interesting for those enterprises that have deployed [BEA], but to those customers its an important improvement," said Mike Neuenschwander, an industry analyst of The Burton Group. "Its pretty well accepted today that the Web application server is becoming the center of gravity for all of these services, and to see a company like Oblix more closely align with e-business platforms [like BEA] is the right way to go."

Companies such as Netgrity and Oblix are also more closely aligning themselves with software companies such as PeopleSoft and Siebel Systems, respectively.

In lieu of these partnerships, there is a standard in the works by the Organization for the Advancement of Structured Information Standards that allows user identities and access controls to be passed from service to service over the Web using Security Assertion Markup Language (SAML).

The technology allows a user to surf from one site to another, while their access rights are maintained. Partnerships between those sites would be established ahead of time. "When that person goes to another site, the security profile follows them," Neuenschwander said.

SAML is not a ratified standard yet, but both Netegrity and Oblix incorporate their own versions of the raw technology in their software.

Oblix NetPoint costs about $15 per user. NetPoint BEA Ready Realm is available to licensed NetPoint users at no additional charge.

Rocket Fuel