Open Source Access Management

How we got started

Gluu was founded in 2009 by Mike Schwartz. After selling his ISP to Verio in 1998, Mike advised many large companies on identity and access management, directory services, and application security. In late 2008, Mike had a hunch that Web single sign-on was too complex, too proprietary and too expensive for many organizations. He felt that a utility approach to SSO using open source software could provide an alternative to expensive enterprise solutions. The Gluu Server was envisioned as an integrated identity platform, based on free open source software, to make application security available to significantly greater number of organizations.

Early days : versions 1 and 2

Versions 1 of the Gluu Server was based on Sun OpenSSO and OpenDS. Mike presented the idea at an OpenSSO community group at the European Identity Conference in Munich in May 2009. Version 1 worked a little, but there was no easy way to manage it. Version 2 of the Gluu Server had a better UI, but it was just a facade–the UI didn’t actually do anything to configure OpenSSO.

Version 2 was launched after Mike Schwartz met with members of the InCommon Steering Committee in San Antonio in October 2009. At that meeting, Mike expressed concern that OpenSSO might be end-of-life. Oracle had recently purchased Sun Microsystems, and before ForgeRock was formed, it seemed possible that Oracle would simply migrate OpenSSO customers to Oracle Access Manager. Bob convinced Mike that the Shibboleth IDP was a reasonable alternative, and arguably had even more features in SAML, including fine grain access release policies, and a better approach for multi-party federation. As the InCommon federation’s efforts to evangelize SAML federation would support Gluu’s message, switching had marketing advantages, and would reduce the event risk around OpenSSO.

Shortly thereafter, a new project from scratch was launched for Gluu Server v3 with the goal of using templates to simplify the management of the Shibboleth IDP.

V3: Gluu Server Ships!

The first live demo of the Gluu Server was at an InCommon event in Atlanta, GA in early November 2010. At that demo, Hakeem Fahm, then IT director at the University of the District of Columbia, was impressed and decided that the Gluu Server was exactly what his campus needed to join InCommon. Delivering the first Gluu Server into production took three months. The order was placed before Thanksgiving, and it was finally delivered in early February 2011. Mike helped write some of the python scripts (few, if any of which are still in use), and establish the operating procedures for delivery of the Gluu Server. In 2011, a few more campuses also adopted the Gluu Server.

Enter OAuth2

OAuth2 had been on Gluu’s roadmap since inception, but work started due to a consulting project Gluu had undertaken for IDCubed. This is the reason the OX software is MIT license–IDCubed insisted on it. The project was a flop–Gluu couldn’t deliver the graph based federated data solution quickly enough. But as a result, Gluu was able to accelerate the launch of the OX OAuth2 based features, first with OpenID Connect in late 2011. Then in late 2012, Gluu followed by introducing support for the User Managed Access Protocol, which Mike felt provided an Oauth2 based solution for access management that was superior to Computer Associates’ proprietary Siteminder access management framework.

Linux Distribution Packages

At OSCON 2014, Gluu introduced easier to install packages for the Gluu Server, and support for the Ubuntu Juju orchestration framework. The goal of these distributions was to promote adoption of OX in the major distributions of linux.

Our Vision

Gluu has both a social and a business mission. These missions need not be at odds. In fact they are symbiotic. The business vision of Gluu is quite simple: offer a utility service to help organizations control access to valuable online resources. Our social mission is to make the Internet a safer place for people and businesses by writing great open source software.

Giving Back

In addition to making all of our IAM software open source, Gluu is a trusted member of the education community and provides discounted products and services to non-profit educational institutions to help further access to educational resources for people everywhere.