On Aug 15, 2011, at 7:15 PM, <shawn.mckinney(a)jtstools.com>
The product named "Fortress Core" includes contributions
that were created by JoshuaTree Software, LLC, who is the exclusive owner of the works.
This contribution is made available as indicated by the copyright and license statements
attached to the the work.
Shawn, the wording of this statement is not sufficient clear for a couple of reasons.
One, the term product doesn't necessarily refer to the contributed works. Two,
"includes" language doesn't exclude the possibility that portions of the
contributed work were created by others. We need the statement of origin to be quite
clear. Assuming all of the contributed works were created by JohshuaTree Software, LLC,
we suggest stating something of the form.
The contributed works provided by <creator> and referenced in this ITS were created
by <creator>, who is the exclusive owner of the contributed works. The contributed
works are made available as indicated in the copyright and license statements attached to
where <creator> was replaced with JoshuaTree Software, LLC.
Please restate the statement of origin, either in the above form or other appropriate
form, in response to this ITS.
-------- Original Message --------
Subject: Re: (ITS#6995) Request for Contribution of Identity Access
Management Software to OpenLDAP Project
From: Kurt Zeilenga <Kurt(a)OpenLDAP.org>
Date: Mon, August 15, 2011 2:35 pm
I have reviewed the submitted materials.
Other than a lack of a statement of origin, I find no reason why these materials cannot
be accepted. Please submit a "statement of origin" in a follow-up to this ITS.
This can simply be a statement to the effect that the all the submitted materials were
authored by JoshuaTree Software, JoshaaTree is the exclusive owner of the works, and that
the contribution is made available as indicated by the copyright and license statements in
the work. If the work includes materials derived from works to which others own or
otherwise have rights to, please detail.
The Foundation has no objection to the Project establishing a sub-project of the OpenLDAP
Project, similar to the Java LDAP and JDBC-LDAP sub projects, to develop works based upon
your contribution. It is the Foundation understanding that Project is also willing to
establish such a sub-project, and extend commit privs to the key developers who produced
the contributed work.
It is noted that the OpenLDAP Foundation, if it accepts the final contribution, would
from time to time publish works derived (such as the source repository itself, and
possibly packaged source bundles) from your contribution as well as possibly the
contributions of others. The OpenLDAP Foundation will license its copyright right
interests (initially likely quite limited) using the OpenLDAP Public License, and will
encourage community members to license their contributions in a manner consistent with our
general contribution guidelines. The OpenLDAP Public License is compatible with the
'New BSD open source license' and similar in its basic terms.
The initial COPYRIGHT file (upon acceptance and initial publication by the OpenLDAP
Foundation) would be based on the COPYRIGHT file currently found in OpenLDAP Software
distributions, excepting JoshuaTree Software would be named as the contributor of the
materials for which the published work is derived from, and notice immediately following
the Foundation's notice would be that provided by JoshauTree covering the work as
It is noted that I recently attempted to re-download the materials and they were no
longer available. That fine, we'd want you to upload fresh zips to our servers once we
all were ready to proceed.
On Jul 14, 2011, at 6:51 PM, shawn.mckinney(a)jtstools.com wrote:
> Full_Name: Shawn McKinney
> Version: All
> OS: All
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (22.214.171.124)
> We have created a new Identity and Access Management SDK, called Fortress, that
> uses Java and OpenLDAP to provide authentication, RBAC, ARBAC, password
> policies, auditing and more.
> It has taken us 2.5 years of steady work to get it ready for this 1.0 release.
> This SDK has approximately 50K lines of Java code of which approximately 25K are
> dedicated to testing using JUnit automated tests to ensure it works correctly.
> There are in excess of 100 public APIs available for use. There is also a Java
> EE container plug-in that provides authentication and authorization services to
> Websphere, Tomcat and JBoss app servers in a declarative fashion.
> This product has not been published and we would like to release it as one of
> the products under OpenLDAP family of products. The product will be released
> under New BSD open source license (license information is contained in the
> source archives on ftp server).
> I have uploaded seven packages to our FTP server that contain the source,
> documentation and other items for you to look at.
> host: jtstools.com
> user: jtsguest1
> pw: OpenLd@p1
> The packages are as follows:
> Fortress Core SDK
> 1. source - fortressSrc-1.0.0-rc1.zip - 352K bytes
> 2. source - fortressTestSrc-1.0.0-rc1.zip - 159K bytes
> 3. tutorial/doc - fortressSamples-1.0.0-rc1.zip - 766K bytes
> 4. javadoc - fortressDoc-1.0.0-rc1.zip - 1.4M bytes
> 5. ldap (folder) - Fortress schema and OpenLDAP slapd.conf
> Fortress Realm (Java EE Container plug-ins)
> 6. source - fortressRealmSrc-1.0.0-rc1.zip - 45K bytes
> 7. javadoc - fortressRealmDoc-1.0.0-rc1.zip - 76K bytes
> Package 4 contains complete javadoc for the APIs.
> In package 4, this link, ./fortressDoc-1.0.0-rc1/index.html, contains the
> overall summary of the SDK.
> this link, ./oamCore/trunk/dist/docs/api/index.html, contains package
> descriptions along with detailed documentation describing the contents of the
> What we are requesting from the OpenLDAP foundation:
> 1. Source code repository to host the SDK and Realm packages.
> 2. Bug tracking.
> 3. Developer and User forums.
> 4. Wiki (this is a nice to have)
> Our goal is to run the open source project with your organization and cultivate
> a healthy developer and user community. We have high hopes for this product
> (and OpenLDAP) and consider the 2 products together as an open source
> alternative for IAM products that will compete with the commercial vendor
> Once 1.0 is released, we will begin working on 2.0 which will include UI's to
> control Fortress and OpenLDAP along with a policy server to wrap the Fortress
> Java APIs with HTTP/REST Web APIs to make it available to all platforms.
> Thanks in advance for your consideration.
> Shawn McKinney
> JoshuaTree Software