With much ado and fanfare, I would like to introduce you all to The Pamela Project. Some of you have heard of this already — we officially announced the Pamela Project last week as part of the Liberty Alliance Day at RSA. I have more information on that event too, stay tuned.
The Pamela Project is focused on the adoption and use of information cards in the wild.
We are working on the creation and maintenance of relying party software that fits into known popular software frameworks — and our goal is that you should not need to be a coder, a web services expert, or even particularly knowledgeable about SSL to enable your website to consume information cards.
To this end, we are now in the beta stage of the first download from the Pamela Project: PamelaWare for WordPress (shortened to PW-wp for obvious reasons). I have taken Kim Cameron’s original PHP relying party code for WordPress and done the following things to it:
- Turned it into a WordPress Plugin that can be activated & managed from the WordPress Administration console
- Added an Error Handler & Debug Handler
- Created Documentation around installation & troubleshooting (plus a community comment capability for the documentation that allows collaborative updates to my initial instructions)
- Added a full Information Card Configuration Console
- Including detection of missing prerequisites such as PHP5 or mcrypt.
- Also including prescriptive tests around HTTPS capability.
- More details on features are here.
- Screenshots are here.
- Try it out at our test blog!
PamelaWare for WordPress is just the first of what I hope to be a long list of framework modules, written initially for the best of breed in PHP software, but eventually for software of all types, in as many languages as possible.
If you are interested in being a beta tester for PW-wp, or if you would like more information about the community we hope to create, or if you think you would like to contribute, please comment here and I will contact you.
Thanks to Kim, Craig and Dale – the founding members of Pamela Project — for their advice, support, marketing prowess and development experience – I feel very honored to get a chance to work with such brilliant people.
That sounds great, I’m looking forward to hearing more about this. I note that you mention “relying party” as the focus for this project – do you have any recommended identity provider software projects for generating managed cards? The OSIS list seemed a little light on IdP implementation projects; If I can’t find one I might need to write one – LDAP enabled of course…
The Bandit guys have a working demo which takes data from an LDAP account (register here)via the Higgins IdAS layer & creates managed cards from two different STS servers – the Higgins STS server and Chuck Mortimore’s OpenInfocard STS. There are instructions here on the whole reference application and you can request a managed card from each sts (both originally pulled from LDAP) here. I’ve used cards generated from each STS to get to PamelaWare.
Thanks, the OSIS didn’t have a good description of Bandit, and the bandit project web site itself is a bit formidable – sometimes it’s hard to tell what it does or how to find out how it does it. I’d suspect there’s still a need for better ‘packaging’ of IdPs, for enabling early adopters experimenting with these technologies both within the enterprise and in smaller community-focused sites, at least until more of the suite vendors start offering IdPs and RPs as a part of their platforms.
Mark, good points about Bandit (both the OSIS description and the formidable wiki). Wikis grow like weeds and need regular trimming. Ours is due. We will work on it, but also feel free to contact us directly (see http://www.bandit-project.org/index.php/Communicate ).
Just to clarify though, most of the IdP code was constructed of components from the Higgins project, with some web interface from the Bandits. And we did choose to use my personal favorite LDAP server behind the Higgins IdAS layer. The IdP also includes an STS from XMLDAP with large Bandit hacks, as well as the Higgins STS.
You may notice that the previous paragraph also illustrates why I agree with your comment that better packaging of IdPs is needed.
Pingback: Wouter Veugelen blog