WSO2 offers unmatched flexibility for customizing SOA governance via new Governance Registry 3.0 and Identity Server 2.0

WSO2’s Latest SOA Governance Solutions Add Rich New Functions to Securely Manage and Monitor People, Policies and Processes

OSCON – San Jose, CA – July 23, 2009 – WSO2, the open source SOA company, today announced that the industry’s most flexible yet integrated functionality for service-oriented architecture (SOA) Governance is now available with the WSO2 Governance Registry 3.0 and the WSO2 Identity Server 2.0. Both new product versions are based on WSO2 Carbon, the fully componentized SOA platform, which complies with the OSGi specification. Together, these highly customizable products provide an alternative to monolithic governance solutions—empowering IT professionals with unprecedented flexibility to tailor governance for the specific demands of their enterprise SOAs.

WSO2 Governance Registry 3.0 Highlights.

Formerly the WSO2 Registry, the renamed WSO2 Governance Registry has been significantly extended in version 3.0 to provide:

  • Advanced service governance through discovery, impact analysis, versioning, and automatic extraction of metadata.
  • Lifecycle management to easily migrate services from one stage of the lifecycle to the next.
  • Federation for efficiently managing remote registries in a coordinated and synchronized way.
  • Eventing and notification support enabled by the application of business rules.
  • Governance dashboard, which provides runtime and design time monitoring. Because it uses WSO2 gadgets that adhere to the Google Gadget standard, anyone who knows HTML can create or add their favorite gadgets to the dashboard.

WSO2 Identity Server 2.0 Highlights.

With version 2.0, the WSO2 Identity Server offers the only open source identity and entitlement management solution addressing the authentication and authorization required for SOA governance. New features include:

  • WSO2 entitlement engine based on the OASIS eXtensible Access Control Markup Language (XACML) 2.0 for fine-grained authorization.
  • Claim-based security token service for mapping user attributes to defined claims, which can be used to enable identity federation with claim-aware Web services.
  • Multifactor authentication for OpenID based on the Extensible Messaging and Presence Protocol (XMPP) standard complements the multifactor authentication already available with Information Cards since version 1.5 of WSO2 Identity Server.
  • User Profiles and profile configuration management component to simplify adding, modifying and deleting user profiles, and profile management. XKMS component based on the XML Key Management Specification (XKMS) to decouple the public key infrastructure (PKI) management from the application logic.

“As enterprise SOAs mature, it’s become resoundingly clear that there is no one-size-fits-all solution for governance,” said Dr. Sanjiva Weerawarana, founder and CEO of WSO2. “Fortunately, it’s easier than ever for IT professionals to tailor SOA governance for their enterprises through the unmatched flexibility and features of our WSO2 Carbon-based Governance Registry 3.0 and Identity Server 2.0.”

WSO2 Spotlights SOA Governance at OSCON

WSO2 is a Silver Sponsor of OSCON 2009, which runs July 20-24, at the San Jose McEnery Convention Center. Developers are invited to stop by the WSO2 booth during exhibit hours on July 22-23 to try out the Governance Registry, Identity Server, and other WSO2-based products at the hands-on demo stations. Additionally, Prabath Siriwardena, WSO2 security lead, will present a technical session, “The Secured Enterprise: Leverage OpenID with Web Services,” on Thursday, July 23, at 1:45 p.m. Pacific in Meeting Room C3.

The Carbon Advantage

The WSO2 Governance Registry and WSO2 Identity Server provide unprecedented flexibility for IT developers and administrators to manage people, processes and policies across their enterprise SOAs. Both modular products are based on the WSO2 Carbon SOA platform and sit on the Carbon framework that provides all WSO2 Carbon SOA components with enterprise-class management, security, clustering, logging, statistics, tracing, and a “Try-It” wizard for testing services. The products also use a unified graphical user interface designed to help deploy, manage, and view services, processes, process instances, and statistics across any SOA components being implemented. The Carbon framework and user interface automatically recognize any components that are added, eliminating the typical cost and complexity of integrating SOA governance across multiple middleware products.

Based on Proven Performance

WSO2 Governance Registry 3.0 builds on the proven performance of the WSO2 Registry 2.0, a structured registry and repository with comprehensive SOA lifecycle management support. The WSO2 Governance Registry lets users define custom lifecycles with conditional state transitions. Additionally, it offers well-defined extension points for a flexible, plug-in approach to linking resources and allowing users to encode their own governance rules and polices. Together with its socially enabled interface, these capabilities facilitate collaboration in the management, ranking and reuse of enterprise Web services.

WSO2 Identity Server 2.0 extends the proven capabilities of version 1.5 for enabling websites to provide strong authentication using electronic IDs for users based on the two most popular standards: OpenID and Information Cards based on Microsoft CardSpace technology. The Identity Server can issue cards for identity management, as well as support incoming CardSpace and OpenID authentication requests. By adhering to the OASIS XACML standard, WSO2 Identity Server offers fine-grained authorization support for Web services. Additionally, it works with enterprises’ current identity directories, such as those based on the Lightweight Directory Access Protocol (LDAP) and Microsoft Active Directory.

Availability and Support

The WSO2 Governance Registry and WSO2 Identity Server are available for download today. As fully open source solutions released under the Apache License 2.0, they do not carry any software licensing fees. WSO2 offers a range of service and support options for the products. These include support subscriptions, training, consulting, custom development and development support. For information on service and support packages, visit