We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
Sentinel - A framework agnostic authentication & authorization system.
- 188
Sentinel is a PHP 5.4+ fully-featured authentication & authorization system. It also provides additional features such as user roles and additional security features. Sentinel is a framework agnostic set of interfaces with default implementations, though you can substitute any implementations you see fit.
Its fetures include:
- Authentication.
- Authorization.
- Registration.
- Users & Roles Management.
- Driver based permission system.
- Flexible activation scenarios.
- Reminders (password reset).
- Inter-account throttling with DDoS protection.
- Custom hashing strategies.
- Multiple sessions.
- Multiple login columns.
- Integration with Laravel.
- Allow use of multiple ORM implementations.
- Native facade for easy usage outside Laravel.
- Interface driven (your own implementations at will).
https://cartalyst.com/manual/sentinel
| Tags | authentication-framework authentication authorization permissions roles security |
| Implementation | PHP |
| License | BSD |
| Platform | Windows Linux MacOS |
Related Projects
yosai - A Security Framework for Python applications featuring Authorization (rbac permissions and roles), Authentication (2fa totp), Session Management and an extensive Audit Trail
Yosai is a "security framework" that features authentication, authorization, and session management from a common, intuitive API. Yosai is based on Apache Shiro, written in Java and widely used today.
authentication authorization sessionmanagement rbac security twofactorauth totp two-factormustbe - Authorization plumbing for NodeJS/ExpressJS/ConnectJS apps
MustBe is not a complete authorization framework, with roles and responsibilities and models and data access and everything that you need. Rather, it is the underlying plumbing that you need to secure your site. It allows you to fill in the necessary parts to manage data access, roles and users, and gives you the activity based plumbing to secure it all. MustBe is an authorization system - the part of a security system that decides whether or not you are allowed to do something. This is the second of authentication and authorization, where authentication simply determines who you are.
authorization authorized authenticated activities activity security cancan roles check rules expressslim-auth - Authorization and authentication for the Slim Framework using ZF2 Authentication and Acl components
Slim Auth is an authorization and authentication library for the Slim Framework. Authentication is provided by the Zend Framework Zend\Authentication component, and authorization by the Zend Framework Zend\Permissions\Acl component. If you're familiar with Zend\Authentication and Zend\Permissions\Acl, you'll be able to implement the library without any trouble. Otherwise, you might want to wait for the docs to be completed (no ETA) or open a GitHub issue with any questions or problems you encounter.
connect-roles - Provides dynamic roles based authorisation for node.js connect and express servers.
Connect roles is designed to work with connect or express. It is an authorisation provider, not an authentication provider. It is designed to support context sensitive roles/abilities, through the use of middleware style authorisation strategies. If you're looking for an authentication system I suggest you check out passport.js, which works perfectly with this module.
roles authorization authentication security connect express passport everyauthApache Shiro - Java Security Framework
Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any JVM-based application – from the smallest mobile applications to the largest web and enterprise applications.
jaas security-framework authentication authorization cryptography securityplay-pac4j - Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT
The play-pac4j project is an easy and powerful security library for Play framework v2 web applications which supports authentication and authorization, but also logout and advanced features like CSRF protection. It can work with Deadbolt. It's based on Play 2.6 (and Scala 2.11 or Scala 2.12) and on the pac4j security engine v3. It's available under the Apache 2 license. The LogoutController logs out the user from the application.
play-framework security authentication authorization cas oauth saml openid-connect ldap jwt sql mongodb login social-login logout facebook twittergatekeeper - Gatekeeper: An Authentication & Authorization Library
The Gatekeeper library is a simple drop-in library that can be used to manage users, permissions and groups for your application. The goal is to make securing your application as simple as possible while still providing a solid and secure foundation to base your user system around. Gatekeeper is best classified as a Role-Base Access Control (RBAC) system with users, groups and permissions. It is framework-agnostic and is set up to use its own database for the user handling.
authentication authorizationpac4j - The security engine to protect all your Java web applications
pac4j is a Java security engine to authenticate users, get their profiles and manage their authorizations in order to secure Java web applications. It supports most authentication mechanisms: OAuth (Facebook, Twitter, Google, Yahoo...), CAS, HTTP (form, basic auth...), OpenID, SAML, Google App Engine, OpenID Connect, JWT, LDAP, RDBMS, MongoDB and Stormpath and authorization checks.
security authentication authorization security-framework library oauth openidOpenAM - Authentication, Authorization and SSO
OpenAM provides open source Authentication, Authorization, Entitlement and Federation software. OpenAM provides core identity services to simplify the implementation of transparent single sign-on (SSO) as a security component in a network infrastructure. OpenAM provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.
security authentication authorization sso single-sign-on security-librarySearch Guard - Elasticsearch plugin that offers encryption, authentication, and authorisation
Search Guard is an Elasticsearch plugin that offers encryption, authentication, and authorization. It builds on Search Guard SSL and provides pluggable authentication and authorization modules in addition. Search Guard is fully compatible with Kibana, Logstash and Beats.
elasticsearch-plugin elasticsearch-security elasticsearch-tools securitybouncer - Eloquent roles and abilities.
Bouncer is an elegant, framework-agnostic approach to managing roles and abilities for any app using Eloquent models. Bouncer is an elegant, framework-agnostic approach to managing roles and abilities for any app using Eloquent models. With an expressive and fluent syntax, it stays out of your way as much as possible: use it when you want, ignore it when you don't.
laravel laravel-5-package authorization eloquent security permissions auth roles aclexpress-jwt-permissions - :vertical_traffic_light: Express middleware for JWT permissions
Middleware that checks JWT tokens for permissions, recommended to be used in conjunction with express-jwt. This middleware assumes you already have a JWT authentication middleware such as express-jwt.
express jwt permissions middleware authorization token securityFreeIPA - Identity and Access Management for Linux
FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers.
identity-management identity-access-management identity authentication authorization policy securityfosite - Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.
The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, hybrid.OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite.
oauth oauth2 library sdk security auth authentication authorization openid-connect oauth2-server oauth2-providercas - Apereo CAS - Enterprise Single Sign On for all earthlings and beyond.
Welcome to the home of the Central Authentication Service project, more commonly referred to as CAS. CAS is an enterprise multilingual single sign-on solution for the web and attempts to be a comprehensive platform for your authentication and authorization needs. CAS is an open and well-documented authentication protocol. The primary implementation of the protocol is an open-source Java server component by the same name hosted here, with support for a plethora of additional authentication protocols and features.
sso-authentication authentication authorization websso saml2 oauth2 openidconnect ldap-authentication spring-boot spring-webflow thymeleaf spring-cloud spring-framework identity-provider u2f-server duosecurity apache2 sso open-sourcefriend - An extensible authentication and authorization library for Clojure Ring web applications and services
An extensible authentication and authorization library for Clojure/Ring web applications and services. Nothing like Friend exists, and it needs to. Securing Ring applications and services is (charitably speaking) a PITA right now, with everyone rolling their own, or starting with relatively low-level middlewares and frameworks. This will never do. Serious web applications need to take security seriously, and need to readily interoperate with all sorts of authentication mechanisms that have come to litter the web as well as internal networks.
laratrust - Handle roles and permissions in your Laravel application
Laratrust is an easy and flexible way to add roles, permissions and teams authorization to Laravel 5 (>=5.2.32). For Laravel < 5.2.32 please use the 4.0 branch.
laratrust laravel roles authorization permissions acl rbac secure multiuser teamsaws-serverless-auth-reference-app - Serverless reference app and backend API, showcasing authentication and authorization patterns using Amazon Cognito, Amazon API Gateway, AWS Lambda, and AWS IAM
SpaceFinder is a reference mobile app that allows users to book conference rooms, work desks, and other shared resources. The app showcases serverless authentication and authorization using the AWS platform.The mobile front-end is built using the Ionic 3 framework and client libraries to call AWS services and mobile backend APIs. The backend APIs themselves are powered by AWS services. The backend APIs are built using a serverless architecture, which makes it easy to deploy updates, and it also means that there are no servers to operationally manage.
amazon-cognito aws-cognito serverless iam serverless-architectures aws-lambda cognito cognito-quickstart authentication authorization auth amazon-api-gateway aws aws-apigatewaytut-spring-boot-oauth2 - Spring Boot and OAuth2:: A tutorial on "social" login and single sign on with Facebook and Github
This guide shows you how to build a sample app doing various things with "social login" using OAuth2 and Spring Boot. It starts with a simple, single-provider single-sign on, and works up to a self-hosted OAuth2 Authorization Server with a choice of authentication providers (Facebook or Github). The samples are all single-page apps using Spring Boot and Spring OAuth on the back end. They also all use plain jQuery on the front end, but the changes needed to convert to a different JavaScript framework or to use server side rendering would be minimal. Because one of the samples is a full OAuth2 Authorization Server we have used the shim JAR which supports bridging from Spring Boot 2.0 to the old Spring Security OAuth2 library. The simpler samples could also be implemented using the native OAuth2 support in Spring Boot security features. The configuration is very similar.
declarative_authorization - An unmaintained authorization plugin for Rails
The declarative authorization plugin offers an authorization mechanism inspired by RBAC. The most notable distinction to other authorization plugins is the declarative approach. That is, authorization rules are not defined programmatically in between business logic but in an authorization configuration. With programmatic authorization rules, the developer needs to specify which roles are allowed to access a specific controller action or a part of a view, which is not DRY. With a growing application code base roles' permissions often change and new roles are introduced. Then, at several places of the source code the changes have to be implemented, possibly leading to omissions and thus hard to find errors. In these cases, a declarative approach as offered by decl_auth increases the development and maintenance efficiency.
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
