是OpenDJ,OpenAM和OpenIAM免费软件 [英] Is OpenDJ, OpenAM and OpenIAM free software
问题描述
已经使用OpenDJ和OpenAM的人们的经验如何?旧版本似乎可以免费使用,但新版本似乎不是免费使用.它们与现有的商业产品相比如何?与将OpenLDAP与CAS一起使用相比,它们看起来是更好的选择,但看起来也不免费.
What has been the experience of folks who have already been using OpenDJ and OpenAM? Older versions seem free to use but the new releases don't seem to be free for use. How do they compare to the existing commercial offerings? They look like a better option than using OpenLDAP with CAS but don't look free.
推荐答案
在下面,您可以根据仅出于历史目的而问这个问题的时间找到答案.
Below you can find answers depending on when this question was asked just for the sake of history.
2017年4月3日之后的答案
在这里,随着对业务模型的最新更改,您可以找到需要了解的关键详细信息:
With the recent changes made to the business model here you can find the key details you will need to know:
- 主要产品的最新版本已被首先重命名,但其次已被重新版本以符合ForgeRock的Identity Platform视图:
- OpenAM 14.0.0-> Access Manager 5.0.0
- OpenDJ 4.0.0->目录服务5.0.0
- OpenIDM 5.0.0->身份管理5.0.0
- OpenIG 5.0.0-> Identity Gateway 5.0.0
- The latest versions of the main products have been firstly renamed, but secondly has been re-versioned to match ForgeRock's Identity Platform views:
- OpenAM 14.0.0 -> Access Manager 5.0.0
- OpenDJ 4.0.0 -> Directory Services 5.0.0
- OpenIDM 5.0.0 -> Identity Management 5.0.0
- OpenIG 5.0.0 -> Identity Gateway 5.0.0
- ForgeRock提供的源代码(即ForgeRock的知识产权)未获得开放源代码许可证的许可.
- 所有不完全属于ForgeRock的源代码(例如,属于Sun的原始源代码,或具有开放源代码贡献者的工作与之相关的源代码)仍可以在CDDL许可下获得,并可以通过以下方式获得: forgerock.org .
- 所有ForgeRock IP均已获得非开放源代码许可证的许可.
- 社区版本实质上是产品最后EOL版本的最新维护版本.
- 由于它们是维护版本,因此它们首先要更稳定,而其次要稍微更加安全(仅略微一点,因为这些版本尚未更新为包括自2007年以来发布的安全修复程序)这些版本的原始发行日期).
- 可以在 forgerock.github.io 下找到社区版本.
- 有了这些新版本,每个社区成员都必须自己做出决定:他们想购买最新但EOL稳定版本的产品,还是想与最新的公众分享运气,但可能是较不成熟的软件版本(例如在业务模型更改之前发布的OpenAM 13.0.0).
- The community editions are essentially the latest maintenance releases of the last EOL'd versions of the products.
- Since these are maintenance releases, they are meant to be firstly more stable, but secondly slightly more secure (only slightly since these versions have not been updated to include the security fixes that have been issued since these versions' original release date).
- The community editions can be found under forgerock.github.io
- With these new releases every community member will have to make a decision themselves: do they want to go for the latest, but EOL'd stable version of the product, or do they want to try their luck with the latest public, but likely to be less mature software versions (like OpenAM 13.0.0 that was released before the business model change).
ForgeRock的官方公告的简短内容,请在ForgeRock论坛中查看此主题以获得更多详细信息.
Short of an official announcement from ForgeRock, please have a look at this topic in the ForgeRock forum for more details.
总结:
Open *产品仍然是开源的,可以免费获得,但是ForgeRock不再公开开发它们.尚不清楚是否将提供新的社区版本,但是以当前示例为例,社区每年将可以访问该产品的EOL版本.
The Open* products are still open source and freely available, however they are no longer being publicly developed by ForgeRock. Whether new community versions will be made available is yet unknown, but given the current example, each year the community would get access to an EOL'd version of the product..
2017年4月3日之前的答案
以下是有关项目和总体许可的一些事实:
Here are some facts about the projects and the licensing in general:
- 只有主要版本才可以公开获得,这意味着源代码以SVN标签的格式提供,而可以从 BackStage 将具有二进制许可证.
- 二进制许可证允许人们测试产品,但阻止他们在没有支持订阅的情况下在生产环境中使用这些二进制文件.
- 维护版本既不是公开发行的,也不是公开发行的,也不是二进制格式的.
- 每个项目的主干(或主干)都是公开可用的,这意味着每种形式的错误修复都可以使用一种形式或形式,因此,如果幸运的话,应该有可能将重要的修复从主干中挑选到自己的特殊维护版本上
- 每种产品的构建都相对简单(也许Web代理除外),因此,它不会对您的部署构成太大的风险(ForgeRock确实有一些客户正在为其部署构建自己的工件,因此真的不是一门火箭科学.
- 从BackStage下载工件仅需要一些使用受代理保护的应用程序的技能,这是一个curl命令示例:
- Only major releases are made publicly available, which means the source code is available in the format of an SVN tag, whilst the binary that can be downloaded from BackStage will have the binary license on it.
- The binary license allows people to test out the product, but it prevents them from using those binaries in production environments without support subscription.
- Maintenance versions are not available publicly neither in source nor in binary format.
- Each project's trunk (or master) is publicly available, which means that in one shape or form every single bugfix is available, so with some luck it should be possible to cherry-pick important fixes from trunk onto your own special maintenance version.
- Each product is relatively simple to build (except maybe the web agents), and as such it shouldn't pose much of a risk to your deployment (ForgeRock does have customers who are building their own artifacts for their deployments, so it is really not a rocket science).
- Downloading the artifacts from BackStage only requires some skills on working with agent protected applications, here is an example curl command:
$ curl -O -H "Cookie: fr_sso_sess_prod=AQIC5w..." https://backstage.forgerock.com/downloads/enterprise/openam/openam12/12.0.0/OpenAM-12.0.0.war- 不幸的是,主要版本中常有一些令人讨厌的错误,对于这些错误,反向移植相对简单,因为主干和最新主要版本之间的差异不应太大,因此您应该能够通过以下方式处理这些错误:手动向后移植修补程序.由于主要版本大约每隔一年左右发布一次,因此不必庆幸这些本地更改的生存时间就太长了.
- 项目拥有活跃的社区,在任何问题上获得帮助都不应该太困难(让它成为部署问题或如何在本地构建项目)
也许我应该提到我是ForgeRock的员工,所以请随便发表我的意见.
Probably I should mention that I'm a ForgeRock employee, so take my comments as you please.
只需澄清:当您自己建立中继线时,不必购买订阅.仅ForgeRock企业版本应包括二进制许可证.在构建自己的东西时,是由您创建二进制文件,因此您可以简单地决定将二进制许可证排除在其中.
Just to clarify: when you build trunk on your own, you do not have to buy subscription. Only ForgeRock enterprise builds should include the binary license. When building your own stuff, it is you who creates the binaries, hence you can simply decide to leave the binary license out of it.
这篇关于是OpenDJ,OpenAM和OpenIAM免费软件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
