JOSSO SINGLE SIGN-ON 1.2 Introduction
Background knowledge: identity authentication system includes: directory service, verification and authorization service, certificate service, single landing service, system management and other modules.
JOSSO is a simple Java J2EE-based single-point login verification framework, mainly used to provide a centralized platform-independent user verification.
JOSSO main features:
1 100% Java, using Jaas, Web Services / SOAP, EJB, Struts, Servlet / JSP standard technology;
2 Based on JaaS across multiple applications and hosts on multiple applications;
3 Pluggled design framework allows for a variety of verification rules and storage schemes;
4 You can use the Servlet and EJB Security API to provide an identity authentication service for web applications, EJBs;
5 Support for the Qualification mode of the X.509 client certificate;
6 Use the reverse proxy module to create multi-layered single landing certifications, and use multiple policies to configure different verification modes at each layer;
7 Support for storage user information and certificate services such as database, ldap, xml.
8 The client provides PHP, ASP API;
9 Currently JBoss 3.2.6 and Jakarta Tomcat 5.0.27 above support.
10 based on BSD license.
JOSSO homepage
Comments:
1. There is currently no .NET client API, maybe because the .NET framework itself has a good verification mechanism, it is still necessary, especially for large websites, more need to be unified. User login management.
2, I don't know if I will support the Active Directory AD.
Related noun:
SAML: Security Assertion Markup Language
Related connection: related product list
Author: Tian Chunfeng
Time: 20050206
Reserved address: http://blog.9cbs.net/accesine960/archive/2005/02/06/282574.aspx
Use Java's open source identity authentication system:
Sun Interoperability Prototype for Liberty -. Interoperability Prototype for Liberty is the first open-source implementation of the Liberty Alliance Version 1.0 specification based on Java technology IPL consists of sample Java source code libraries, implementing the Liberty version 1.0 specification, and is not designed for The Commercial Deployment. IPL IS Licensed As Open Source Under The Sun Microstems Open Source License.
SourceID - Open Source Federated Identity Management - Liberty Alliance, SAML, AND WS-Federation. Royalty Free Commercial Uses Per Company.
Shibboleth - Shibboleth is developing architectures, policy structures, practical technologies, and an open source implementation to support inter-institutional sharing of web resources subject to access controls Key concepts within Shibboleth include: Federated Administration, Access Control Based On Attributes, Active Management of. Privacy and used opensaml.opensaml - OpenSAML IS A SET OF OPEN SOURCE JAVA AND C Libraries That Are Fully Consistent with The Saml 1.0 and 1.1 CR Specifications.
Yale Cas - The Central Authentication Server (CAS) is Designed AS A STANDALONE Web Application. It is currently imported as Several Java Servlets and Runs Through a https server.
Atlassian SERAPH - SERAPH IS A VERY SIMPLE, PLUGGABLE J2EE Web Application Security Framework.
OpenSPML - The Toolkit Offers An Easy-To-Use Interface for Configuring, Issuing and Interpreting Standards-Compliant Provisioning Requests Across DiversE Identity Infrastructure.
Novell Nsure UDDI Server -.. Nsure is a UDDI 2.0 registry built on Directory Services technology It offers a secure access to the registry contents (authentication and authorization), unified account management, and distribution of the registry by leveraging Directory Services It works with any LDAP (V3) based Directory Backend.
.. OpenPrivacy - A reference implementation of the Reputation Management Framework (RMF) OpenPrivacy's core project is designed to ease the process of creating community with reputation enhanced pseudonymous entities The RMF is primarily a set of four interfaces: Nym Manager, Communications Manager, Storage Manager And Reputation Calculation Engine (RCE).
NSF Middleware Initiative - NMI-EDIT: Identity and Access Management for Collaborative Applications.jSai - jSai (pronounced "Jay-Say") is iPOV's home grown Servlet Authentication Implementation jSai is implemented completely using J2SE Servlet technology; no J2EE "Application Server. . "needed jSai supports basic JDBC and XML backed user stores, as well as an LDAP user store jSai provides developers with the application level security they want and need for small and medium size web applications;. avoiding the complex setup in other security implementations that Are AIMED AT LARGE "Enterprise" Applications.
Acegi Security System for Spring - CompRensive Security Services for the Spring Framework.
Gabriel -... Gabriel is a security framework for Java By using access control lists and permissions, Gabriel enables components to check access to actions On top of that Gabriel protects methods like EJB does but without the overhead It distinguishes itself from other frameworks by the ease of use with a small API and by mapping method access to permissions instead of persons. This way the same permissions can be used to protect method access and to check which GUI elements to show based on user permissions.
JOSSO - JOSSO, or Java Open Single Sign-On, is an open source J2EE-based SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication The Pluggable framework allows to implement and combine multiple authentication schemes with credential stores..
Kasai - The goal of Kasai is to provide a simple-to-use-yet-powerful security environment for multi-user applications Unlike JAAS, Kasai provides a much higher security abstraction Additionally, Kasai includes a very powerful and performing auditing system that.. records all users activity on a relational database.JPAM - JPAM is a Java-PAM bridge PAM, or Pluggable authentication Modules, is a standard security architecture used on Unix, Linux and Mac OS X systems JPAM permits the use of PAM authentication facilities.. By Java Applications Running on Those Platforms.
Cas Generic Handler - Cas Generic Handler Is A Plugin Giving Cas (Central Authentication Service) The Ability To Authenticate Users with Different Methods (LDAP, Database, Files, NIS, ...).
