Josso Single Sign-On 1.2 Background: Identity Authentication System includes directory service, authentication and authorization service, Certificate Service, single sign-on service, system management, and other modules.
Josso is a Java-only single-point login verification framework based on J2EE. It is mainly used to provide centralized platform-independent user verification.
Main features of josso:
1 100% Java, using JAAS, Web Services/soap, EJB, struts, Servlet/jsp standard technology;
2. Single-point login across multiple applications and hosts Based on JAAS;
3. a pluggable design framework allows multiple verification rules and storage solutions;
4. You can use Servlet and EJB Security APIs to provide the identity authentication service for web applications and ejbs;
5. Supports Strong Authentication Mode for X.509 client certificates;
6. The reverse proxy module can be used to create multiple levels of single-point login authentication, and different authentication modes can be configured at each layer using multiple policies;
7. Supports database, LDAP, XML, and other methods to store user information and Certificate Services;
8. The client provides PHP and ASP APIs;
9 currently, JBoss 3.2.6 and Jakarta Tomcat 5.0.27 and later versions are supported.
10 Based on BSD license.
1. It is not provided yet.. Net client API, probably because. net Framework itself has a good verification mechanism, but single-point login is still necessary, especially for large websites, more need for unified User Login management.
2. I do not know whether or not later versions will support Active Directory ad.
SAML: Security Assertion Markup Language
Related connections: List of related products
Author: Tian Chunfeng
Use Java's open-source authentication system:
- Sun interoperability prototype for liberty-interoperability prototype for liberty is the first open-source implementation of the Liberty Alliance version 1.0 specification based on Java technology. IPL consists of sample Java source code libraries, implementing the Liberty version 1.0 specification, and is not designed for specified cial deployment. IPL is licensed as open source under the Sun Microsystems open source license.
- Sourceid-Open Source federated identity management-Liberty Alliance, SAML, and WS-Federation. Royalty free using cial use if used on fewer than 100 computers per company.
- Shibboleth-shibboleth is developing ubuntures, policy structures, practical technologies, and an open source implementation to support inter-institutional sharing of web resources subject to access controls. key concepts within shibboleth include: Federated administration, access control based on attributes, active management of privacy and used opensaml.
- Opensaml-opensaml is a set of open source Java and C ++ libraries that are fully consistent with the SAML 1.0 and 1.1 Cr specifications.
- Yale cas-the Central Authentication Server (CAS) is designed as a standalone web application. It is currently implemented as several Java Servlets and runs through a https server.
- Atlassian Seraph-Seraph is a very simple, pluggable J2EE Web Application Security Framework.
- Openspml-the Toolkit offers an easy-to-use interface for processing ing, issuing and interpreting Standards-compliant provisioning requests implements SS diverse identity infrastructures.
- Novell nsure UDDI server-nsure is a UDDI 2.0 registry built on directory services technology. it offers a secure access to the registry contents (authentication and authorization), uniied account management, and distribution of the Registry by leveraging directory services. it works with any LDAP (V3) based directory backend.
- Openprivacy-a reference implementation of the Reputation Management Framework (RMF ). openprivacy's core project is designed to handle the process of creating community with reputation enhanced pseudo donymous entities. the RMF is primarily a set of four interfaces: Nym manager, Communications Manager, Storage Manager and reputation calculation engine (RCE ).
- NSF middleware initiative-NMI-EDIT: identity and access management for collaborative applications.
- Jsai-jsai (pronounced "Jay-Say") is ipov's home grown servlet authentication implementation. jsai is implemented completely using j2se + Servlet technology; no J2EE "Application Server" needed. jsai supports basic JDBC and XML backed user stores, as well as an LDAP user store. jsai provides developers with the application level security they want and need for small and medium size Web applications; avoiding the complex setup in other security implementations that are aimed at large "enterprise" applications.
- Acegi security system for spring-comprehensive security services for the Spring framework.
- Gabriel-Gabriel is a security framework for Java. by using access control lists and permissions, Gabriel enables components to check access to actions. on top of that Gabriel protects methods like EJB does but without the overhead. it distinguishes itself from other frameworks by the role of use with a small API and by mapping method access to permissions instead of persons. this way the same permissions can be used to protect method access and to check which GUI elements to show based on user permissions.
- Josso-josso, or Java Open Single Sign-On, is an open source J2EE-based SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication. the pluggable framework allows to implement and combine multiple authentication schemes with credential stores.
- Kasai-the goal of Kasai is to provide a simple-to-use-yet-powerful security environment for multi-user applications. unlike JAAS, Kasai provides a much higher security authentication action. additionally, Kasai has des a very powerful and memory Ming auditing system that records all users activity on a relational database.
- Jpam-jpam is a Java-Pam bridge. pam, or Pluggable Authentication Modules, is a standard security architecture used on UNIX, Linux and Mac OS X systems. jpam permits the use of PAM Authentication facilities by Java applications running on those platforms.
- CAS generic Handler-cas generic handler is a plugin giving CAS (Central Authentication Service) The ability to authenticate users with different methods (LDAP, database, files, NIS ,...).