Gluu Blog

Follow us:
Back to Blog

2019 and beyond at Gluu

Mike S. January 3, 2019

Gluu Community,

Thanks for all your support in 2018!!

Without the community, Gluu would not be possible!

That community includes the Gluu team, customers, partners, open source contributors, the very patient financial backers, and numerous others.

Thanks to all who have helped us achieve our vision that an enterprise-grade identity and access management (IAM) platform can be free, open, easy to install, documented and supported.

2018 was a super successful year for us.

If you’ve spoken with me in the past, you know I’m not reticent to describe the challenges of managing the growth of a boot-strapped startup writing open source software.

Despite those challenges, I feel like 2018 was a tipping point for the Gluu platform.

The code improved–we added more features, fixed bugs, and improved user experience. But the product is more than just code: it includes documentation, packages, a public website, support portal, and more–all the things that drive customer satisfaction.

In this regard, I feel like we’ve made Gluu not just the best implementation of protocols, but one of the best platforms for IAM the world has ever seen.

Although my mania has catalyzed this result, it’s clear the strength of the community has made Gluu what it is, and is the key to our assured future.

So what is in the works for 2019?

Gluu 3.1.5 release

I’m really excited for FIDO 2 support, which we expedited for Gluu 3.1.5 to help some customers with early rollouts. We expect FIDO 2 to have ubiquitous browser support–a big improvement over U2F which was a feature of Chrome and Firefox. Better support for biometric authentication is also a big advantage of FIDO 2. It’s how Microsoft is powering Windows Hello, and we expect to see some interesting new tokens that leverage biometric enrollment.

We are also introducing two new interception scripts for Resource Owner Password Credential Grant and Token Introspection. The former is useful to implement authentication flows for non-web applications, for example we are using it to introduce a Gluu Radius server as a backend for the Super Gluu 2FA mobile app. The Token Introspection script is handy for API access management use cases where you need to add additional information to the access token.

For all the details, you can always check the Gluu roadmap.

Gluu 4.0 release

We’ve been working on the 4.0 release for almost a year. We expect a smooth upgrade process from 3.x to 4.0 (unlike 2.x to 3.x–sorry about that everyone!).

In version 4.0 we are introducing a database abstraction layer that makes it possible for us to support a new persistence backend: Couchbase. This NoSQL JSON database is ideal for high end deployments with tens of millions of entries and high concurrency. We’re not abandoning LDAP–we will continue to recommend LDAP for most deployments. Couchbase will simply allow the Gluu Server to support the very high end use cases of large organizations.

Version 4.0 will also include features needed to implement all the financial-grade profiles currently under development in the UK and Europe. Check the roadmap for more cool features!

Containerization

Gluu is very much on the containerization bandwagon. In 2018 we released “Docker Edition” with Kubernetes support and a Red Hat certified container distribution.

For us, the challenge is not to just release containers, but to maintain the ease of use and low operational costs that are key to the Gluu Server platform. Look for more improvements in 2019. For instance, we’re currently working on “Helm charts.”

We’re also grateful for the community contributions in this area. Keep up the good work!

Casa rollout

What began as a small project to help our customers better support two-factor authentication (2FA) has turned into a unique and flexible user-facing security portal for the Gluu Server.

Formerly known as “Credential Manager”, the new, improved and re-branded product, called Gluu Casa (or “Casa” for short), now includes a cleaner UI and a plugin architecture that empowers developers to create both user-facing and administrative interfaces to extend the portal in unforeseen and creative ways.

Many companies are in need of a more holistic solution for 2FA credential management. We’re hoping this new offering will help increase adoption of stronger authentication and promote better account security.

Casa will be our first licensed software offering. Although we’re committed to keeping the core Gluu Server free and open source, in 2019 and beyond we’ll start introducing more software products that are licensed. Casa website and marketing materials are on the way. In the meantime, if you want to see a demo just schedule a call.

Gluu Gateway Rollout

It’s taken a while, but Gluu Gateway (GG) is finally ready! We’re building packages and finishing documentation for release in January.

GG provides all the functionality you would expect from an API Gateway (rate limiting, etc.), and also leverages the Gluu Server for central client management and access control.

If you tried GG beta, the good news is we made 1.0 simpler and more performant. We have also devised a new license for GG called the “Gluu Stepped-Up Support License”.

If your organization has an enterprise support license, GG is included in your subscription! Otherwise, organizations will need to purchase support at one level higher than that which it qualifies for under the revenue guidelines. We’re hoping the generous licensing terms will encourage use of the software, providing even more value to organizations who purchase Gluu support subscriptions.

oxd 4.0

As you may know, oxd is our OAuth2 client middleware server. It provides high level API’s so developers can securely use OpenID Connect, UMA and OAuth without being experts in the protocols.

The big innovation in oxd 4.0 is that we’ve “Swaggerized” the API’s and are eliminating client libraries. Developers will be able to simply pull down the Swagger YAML file and generate libraries using existing mapping tools. This strategy will give us a larger swath of client software and more consistency in delivery of the product. We’ve also eliminated the “localhost” deployment option–less optionality reduces the cost of deployment.

The other big news is that we open-sourced oxd (AGPL). Our previous license strategy was creating too many barriers to adoption. Now you can use oxd for free! Using inadequate third party libraries has been a big problem for our customers. I encourage you to look at oxd, so developers can focus on their business challenges, not on how to add all the required parameters to make their OAuth client software secure.

Cluster Manager

If you aren’t ready for Linux containers but still need highly available (HA) Gluu Server deployments, you should look a Cluster Manager. This software is available under the “Gluu Support License”, which means your organization just needs a support contract to use it. We’ve introduced many features to Cluster Manager beyond a GUI for LDAP replication, including: monitoring, key rotation, and file synchronization. Look for more improvements in 2019!

Move to Open Core

One of the big changes we will implement in 2019 is a move to an “open core” business model. We have avoided this in the past but think it’s necessary now to ensure sustainable growth of the company and platform.

While support subscriptions have historically been our primary revenue stream, in order to sell into certain sectors we’ve found our free licensing model is a barrier to adoption. Ironically, if our software isn’t “re-assuringly expensive”, our sales effort is handicapped.

Our goal is to keep the Gluu Server free for 99% of organizations and monetize the top 1%. This will be a win-win for everyone: we need more resources for development, and some companies will actually feel better paying more.

Enterprise features will be introduced as plugins, ensuring the core Gluu Server distribution remains free and open source.

Apress Book: Securing the Perimeter

With seconds ticking on the clock for 2018, Apress was able to publish the book I co-authored with Maciej Machulak called “Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software”.

The book includes chapters on LDAP, SAML, OAuth, OpenID Connect, Proxying, UMA, Identity Management (IDM), authentication, and multi-party federation.

You can order it from any online bookseller or directly from Apress. It’s a good introduction to the theory behind the Gluu Server and should be a useful resource for new employees (and maybe even to you veterans!). It’s not perfect–we’re already planning a second edition. But you have to start somewhere!

Thanks in advance if you take the time to read it! Please send feedback so we can make it even better!

Gluu World Tour

We’re four months into the Gluu World Tour! We’ve had a great time visiting many customers and partners in North America and Europe. I’m currently writing this missive from Johannesburg, South Africa. Next stops include the Middle East, Asia, and Australia.

Our goal is to meet customers and partners, get feedback from the field, and grow the Gluu community. Along the way we’re hosting meetups and training sessions, and are available for on demand sessions as well.

Check the website for upcoming locations and events: http://gluuworldtour.com

Open Source Underdogs podcast

One of my personal projects has been to learn more about the business models employed by other companies whose primary products are open source software.

In 2018 I started a podcast called “Open Source Underdogs”, where I interview leaders of open source software companies to shed light on their businesses. We published ten episodes in 2018 and many more are in the queue for 2019.

If you get stuck in a lot of traffic, tune in on iTunes, Google Podcasts, Stitcher, or Spotify!

Thanks again!!

Well, that was a far longer New Year’s blog than I intended to write. There is just so much going on it’s hard to encapsulate in one letter.

But if you read nothing else: on behalf of the whole Gluu team, working in 14+ countries across five continents, thank you for your support!

We are wishing you a happy, healthy and safe 2019!

Mike Schwartz
Founder, CEO Gluu

Be sure to subscibe to
our RSS Feed

Mike Schwartz

Mike has been an entrepreneur and identity specialist for more than two decades. He is the technical and business visionary behind Gluu. Mike is an application security expert and has been a featured speaker at RSA Conference, Gartner Catalyst, Cloud Identity Summity (now "Identiverse") and many other security conferences around the world.