LemonLDAP::NG - Web Single Sign On and Access Management Free Software

  •        145

LemonLDAP::NG is a complete and modular Web-SSO system that can run with reverse-proxies or directly on application webservers. It can be used in conjunction with OpenID-Connect, CAS and SAML systems as identity or service provider. It can also be used as proxy between those federation systems.

It manages user credentials against plenty of backends (LDAP, Active Directory, Kerberos, Database, PAM, CAS, SAML, OpenID Connect, Facebook, Twitter, LinkedIn, Radius, WebID, x509, REST, ...). Second Factor Authentication (2FA) with U2F, TOTP, Yubikey and more.

It also supports browsing opened sessions live, Push user identity in access logs, Display login history.

https://lemonldap-ng.org/
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng

Tags
Implementation
License
Platform

   




Related Projects

Authelia - The Single Sign-On Multi-Factor Authentication Server

  •    Go

Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for reverse proxies like nginx, Traefik or HAProxy to let them know whether requests should either be allowed or redirected to Authelia's portal for authentication. Authelia works in combination with nginx, Traefik or HAProxy. It can be deployed on bare metal with Docker or on top of Kubernetes.

Gluu Server - Identity and Access Management (IAM) platform

  •    Java

Gluu's open source authentication & API access management software for securing Web & mobile applications using open standards like SAML & OpenID Connect. Its features include Single Sign-On, Access Management, OAuth, Multi-Factor Authentication, LDAP Directory Integration, User Management and lot more.

Univention Corporate Server - Easy administration of your IT infrastructure

  •    C

Univention Corporate Server is a preconfigured, 100% open source Linux server and IT management system. It is free of charge and perfect for providing Microsoft Server-like services on the cloud or on the premises, to run and operate corporate IT environments with Windows- and Linux-based clients and to extend those environments with proven enterprise software, also either on the cloud or on the premises.

caddy-auth-portal - Authentication Plugin for Caddy v2 implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2

  •    Go

Authentication Plugin for Caddy v2 implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication. The purpose of this plugin is providing authentication only. The plugin issue JWT tokens upon successful authentication. In turn, the authorization of the tokens is being handled by caddy-auth-jwt.


Keycloak - Open Source Identity and Access Management For Modern Applications and Services

  •    Java

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Users authenticate with Keycloak rather than individual applications. This means that your applications don't have to deal with login forms, authenticating users, and storing users. Once logged-in to Keycloak, users don't have to login again to access a different application.

Mandriva - Identity and Network Management

  •    C

Mandriva Directory Server is an enterprise directory platform based on LDAP designed to manage identities, access control informations, policies, application settings and user profiles. If you already use Samba, Postfix, Squid or CUPS, you can benefit from MDS today to manage your infrastructure.

Apereo CAS - Enterprise Single Sign On for all earthlings and beyond

  •    Java

Welcome to the home of the Central Authentication Service project, more commonly referred to as CAS. CAS is an enterprise multilingual single sign-on solution for the web and attempts to be a comprehensive platform for your authentication and authorization needs. CAS is an open and well-documented authentication protocol. The primary implementation of the protocol is an open-source Java server component by the same name hosted here, with support for a plethora of additional authentication protocols and features.

389 Directory Server - Powerful OpenSource LDAP

  •    C

The enterprise-class Open Source LDAP server for Linux. It is hardened by real-world use, is full-featured, supports multi-master replication, and already handles many of the largest LDAP deployments in the world. OpenLDAP and Fedora Directory Server were both derived from the original University of Michigan slapd project. In 1996 the original developers of slapd became Netscape employees and developed Netscape Directory Server, which is now Fedora Directory Server.

JOSSO - Java Open Single Sign-On

  •    Java

JOSSO is an Open Source Internet SSO solution for rapid and standards-based (SAML) Internet-scale Single Sign-On implementations, allowing secure Internet access to the Web-based applications or services of customers, suppliers, and business partners. It supports Windows authentication, LDAP support.

Harbor - An enterprise-class container registry server based on Docker Distribution

  •    Go

Project Harbor is an enterprise-class registry server that stores and distributes Docker images. It extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security.

yosai - A Security Framework for Python applications featuring Authorization (rbac permissions and roles), Authentication (2fa totp), Session Management and an extensive Audit Trail

  •    Python

Yosai is a "security framework" that features authentication, authorization, and session management from a common, intuitive API. Yosai is based on Apache Shiro, written in Java and widely used today.

Adldap2-Laravel - LDAP Authentication & Management for Laravel

  •    PHP

Easy configuration, access, management and authentication to LDAP servers utilizing the root Adldap2 repository. Note: If you are using laravel 5.5 or higher you can skip the service provider and facade registration and continue with publishing the configuration file.

django-two-factor-auth - Complete Two-Factor Authentication for Django providing the easiest integration into most Django projects

  •    Python

Complete Two-Factor Authentication for Django. Built on top of the one-time password framework django-otp and Django's built-in authentication framework django.contrib.auth for providing the easiest integration into most Django projects. Inspired by the user experience of Google's Two-Step Authentication, allowing users to authenticate through call, text messages (SMS), by using a token generator app like Google Authenticator or a YubiKey hardware token generator (optional). I would love to hear your feedback on this package. If you run into problems, please file an issue on GitHub, or contribute to the project by forking the repository and sending some pull requests. The package is translated into English, Dutch and other languages. Please contribute your own language using Transifex.

dex - OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors

  •    Go

Dex is an identity service that uses OpenID Connect to drive authentication for other apps.Dex is NOT a user-management system, but acts as a portal to other identity providers through "connectors." This lets dex defer authentication to LDAP servers, SAML providers, or established identity providers like GitHub, Google, and Active Directory. Clients write their authentication logic once to talk to dex, then dex handles the protocols for a given backend.

nginx-ldap-auth - Example of LDAP authentication using ngx_http_auth_request_module

  •    Python

Note: For ease of reading, this document refers to NGINX Plus, but it also applies to open source NGINX. The prerequisite ngx_http_auth_request_module module is included both in NGINX Plus packages and prebuilt open source NGINX binaries. The nginx-ldap-auth software is a reference implementation of a method for authenticating users who request protected resources from servers proxied by NGINX Plus. It includes a daemon (ldap-auth) that communicates with an authentication server, and a sample daemon that stands in for an actual back-end server during testing, by generating an authentication cookie based on the user’s credentials. The daemons are written in Python for use with a Lightweight Directory Access Protocol (LDAP) authentication server (OpenLDAP or Microsoft Windows Active Directory 2003 and 2012).

play-pac4j - Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT

  •    Java

The play-pac4j project is an easy and powerful security library for Play framework v2 web applications which supports authentication and authorization, but also logout and advanced features like CSRF protection. It can work with Deadbolt. It's based on Play 2.6 (and Scala 2.11 or Scala 2.12) and on the pac4j security engine v3. It's available under the Apache 2 license. The LogoutController logs out the user from the application.

casdoor - A UI-first centralized authentication / Single-Sign-On (SSO) platform based on OAuth 2

  •    Javascript

We provide two start up methods for all kinds of users. Casdoor provides two run modes, the difference is binary size and user prompt.

2fa - Two-factor authentication on the command line

  •    Go

2fa is a two-factor authentication agent. 2fa -add name adds a new key to the 2fa keychain with the given name. It prints a prompt to standard error and reads a two-factor key from standard input. Two-factor keys are short case-insensitive strings of letters A-Z and digits 2-7.

Waffle - Enable drop-in Windows Single Sign On for popular Java web servers

  •    Java

WAFFLE is a native Windows Authentication Framework consisting of two C# and Java libraries that perform functions related to Windows authentication, supporting Negotiate, NTLM and Kerberos. Waffle also includes libraries that enable drop-in Windows Single Sign On for popular Java web servers, when running on Windows. While Waffle makes it ridiculously easy to do Windows Authentication in Java, on Windows, Waffle does not work on *nix(UNIX-like). Unlike many other implementations Waffle on Windows does not require any server-side Kerberos keytab setup, it's a drop-in solution.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.