Ballmer and McNealy interoperate on ID
IBM becomes the new Microsoft
Steve Ballmer and Scott McNealy have announced specifications for single sign-in between Java and .NET web service, while admitting to teething problems in their companies' landmark legal and technology agreement.
The old foes - hosting a joint conference to update press on progress in their year-old relationship - even found time to pick on a new mutual enemy in IBM, by urging partners to help customers adopt each others' systems and dump mainframes.
"The backbone of IT is moving off the mainframe. We [Microsoft and Sun] will disagree about where [customers] should go, but we will agree they should go," McNealy said.
Employing a phrase he once reserved only for use against Microsoft prior to the April 2004 deal, a grinning McNealy said: "It's mankind against IBM Global Services."
Ballmer, meanwhile, talked of interoperability between .NET and "Sun's Java" a small phrase likely to irritate IBM, which has tussled with Sun over Java for years.
Such a casual reference is also likely to ruffle feathers in the Java community at large, which is very sensitive on the matter of whether Java is "owned" by a single company.
Aside from sticking it to IBM, McNealy and Ballmer conceded that engineering progress has been slower than management wanted, but the pace had picked up in the last three-to-six months.
From the outset of last year's deal, Sun and Microsoft said interoperability between directory systems was a priority, but Ballmer today joked it had taken "12-and-a-half months to deliver 12 months work".
"You had a world where it's like when the Berlin Wall came down," he said describing the situation after the companies announced an end to hostilities.
"There wasn't a lot of natural contact with folks from the East and West. We spent time where the engineers were getting to know each other and speaking a common language. It was frustrating as executives, we said: 'Stop the getting to know each other stuff, and get on with the making stuff!'."
McNealy said the companies had overcome the misapprehension that the deal meant they were somehow merging Solaris and Windows or combining Java and .NET.
The first meaningful fruits of the collaboration are two proposed specifications that would enable web services and systems using their rival directory technologies to interoperate by sharing users identities.
The goal is for browser-based, federated single sign-in between domains using Sun's directory systems - which run the Liberty Alliance Project's Liberty ID-FF - and Windows' Active Directory and .NET systems, which are based on Microsoft's WS-Federation specification.
Web Single Sign-on Metadata Exchange (Web SSO MEX) and Web Single Sign-on Interoperability Profile (Web SSO Interop Profile) will be supported in current versions of Windows Server and Sun's Java Enterprise System (JES).
The specifications have wide-ranging impact. Server vendors, systems integrators and customers can - theoretically - reduce the amount of time and cost need to make rival directory systems work together. They also hold out the prospect that partners and consumers can securely move between different domains having logged in just once.
The specifications, demonstrated on Friday, use tokens that are built in real-time to authenticate individuals, with tokens exchanged via a bridge. Tokens should mean organizations could cut down on the number or passwords and identities need by end users to navigate services and different domains.
Next up for the companies, are plans to improve systems management between Microsoft's Dynamic Systems Initiative and Sun's N1 strategy, with Microsoft and Sun collaborating on the WS-Management specification - co-authored by Microsoft, Sun Intel and others. The specification will be supported in Solaris 10 and Windows Server Release 2, due this year. ®