OpenAM - Authentication, Authorization and SSO

  •        4307

OpenAM provides open source Authentication, Authorization, Entitlement and Federation software. OpenAM provides core identity services to simplify the implementation of transparent single sign-on (SSO) as a security component in a network infrastructure. OpenAM provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.



Related Projects

JOSSO - Java Open Single Sign-On

JOSSO is an Open Source Internet SSO solution for rapid and standards-based (SAML) Internet-scale Single Sign-On implementations, allowing secure Internet access to the Web-based applications or services of customers, suppliers, and business partners. It supports Windows authentication, LDAP support.

Single Sign On - 2.0 Web Service Membership Provider

In short, this is simply a pass-through web service membership provider and role provider library. I've taken advantage of the 2.0 membership provider model to allow pre-existing applications to easily integrate this library. The idea is to have one centrally hosted we...

spartan - A Scalable Client Authentication & Authorization System for Container-based Environments

Your server application (service provider) maps the role with service specific capabilities and the requests are validated against the auth tokens placed by the client while making requests to the server. The system is designed from ground up based on our experience with an existing IP based authorization system, keeping practicality, flexibility and security in mind. The implementation makes use of modern security and crypto practices and such as ECDSA and JWT.Spartan is complimentary to TLS. Spartan's primary goal is to enable client authentication and authorization capabilities. However it can provide mutual authentication as well. TLS is recommended for server authentication and transport security. TLS for client authentication is possible but is hard to operationalize at scale, especially in dynamic environments. Authorization capabilities in TLS certificates is also limited, if not impossible. Spartan is light weight form of PKI that provides identity, authentication and authorization capabilities. Transport security is also possible with ECDHE key exchange.

Search Guard - Rock solid Elasticsearch security on all levels

Search Guard is an Elasticsearch plugin that offers encryption, authentication, and authorization. It builds on Search Guard SSL and provides pluggable authentication and authorization modules in addition. Search Guard is fully compatible with Kibana, Logstash and Beats.

hydra - OAuth2 server with OpenID Connect - cloud native, security-first, open source API security for your infrastructure

ORY Hydra is a hardened OAuth2 and OpenID Connect server optimized for low-latency, high throughput, and low resource consumption. ORY Hydra is not an identity provider (user sign up, user log in, password reset flow), but connects to your existing identity provider through a consent app. Implementing the consent app in a different language is easy, and exemplary consent apps (Go, Node) and SDKs (Go, Node) are provided.Besides mitigating various attack vectors, such as database compromisation and OAuth 2.0 weaknesses, ORY Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to. Click here to read more about security.

pac4j - The security engine to protect all your Java web applications

pac4j is a Java security engine to authenticate users, get their profiles and manage their authorizations in order to secure Java web applications. It supports most authentication mechanisms: OAuth (Facebook, Twitter, Google, Yahoo...), CAS, HTTP (form, basic auth...), OpenID, SAML, Google App Engine, OpenID Connect, JWT, LDAP, RDBMS, MongoDB and Stormpath and authorization checks.

fosite - Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.

The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, hybrid.OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite.

DACS - Distributed Access Control System

DACS,a light-weight single sign-on and role-based security system for Apache or server-based software, provides comprehensive authentication capabilities, and powerful, transparent rule-based authorization checking for any web service or CGI program. The latest release of DACS is not available here. Get it at

jsecurity - Mirror of Apache JSecurity (incubating)

Apache Ki is a powerful and flexible open-source Java security framework that cleanly handles authentication, authorization, enterprise session management, single sign-on and cryptography services.

shiro - Mirror of Apache Shiro

Apache Shiro is a powerful and flexible open-source security framework that cleanly handles authentication, authorization, enterprise session management, single sign-on and cryptography services.

Sentinel - A framework agnostic authentication & authorization system.

Sentinel is a PHP 5.4+ fully-featured authentication & authorization system. It also provides additional features such as user roles and additional security features. Sentinel is a framework agnostic set of interfaces with default implementations, though you can substitute any implementations you see fit.

Apache Shiro - Java Security Framework

Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any JVM-based application – from the smallest mobile applications to the largest web and enterprise applications.

gosaml - SAML client library written in Go (golang)

SAML is the successful OASIS standard for cloud based single sign on (SSO). SAML allows for companies that maintain a security infrastructure internally to allow using that same set of credentials via a safe, secure mechanism with externally hosted services.For instance, New Relic allows you to configure a saml provider ( so you can maintain your own credentials instead of using New Relic's.

single-signon - Implementasi Spring security dan cas untuk single sign on

Implementasi Spring security dan cas untuk single sign on

Jasig CAS single sign-on server emulation with ASP.NET

This project contains code that can extent an existing ASP.NET web application to emulate the single sign-on functionality of a Jasig Central Authentication Service (CAS).

ntlm-sso - Rack authentication module for single sign on via NTLM

Rack authentication module for single sign on via NTLM

auth0-servlet - Use Auth0 with Java Servlets

A simple (plain) Java library that allows you to use Auth0 with Java for server-side MVC web apps. Aims not to introduce specific frameworks or libraries such as Spring. Validates the JWT from Auth0 in every API call to assert authentication according to configuration. If your application only needs secured endpoints and the ability to programmatically work with a Principal object for GrantedAuthority checks this library is a good fit.If you are additionally interested in having Single Sign-On (SSO) between Java Servlet configured applications, then please take a look at our auth0-servlet-sso-sample sample.

Security - Middleware for security and authorization of web apps.

Contains the security and authorization middlewares for ASP.NET Core.A list of community projects related to authentication and security for ASP.NET Core are listed in the documentation.

Sign In As A Different User

Running your browser (IE) in a corporate environment will give you single sign on to web applications running in your intranet. But in some cases you need to access an URL with different credentials (admin purpose, etc.). Applications like SharePoint will provide you a solutio...