...
- 3rd party apps authentication, SSO and authorization:
- Act as SAML 2.0 Identity Provider; Integrate via
- Integrate via mod_shib (Apache HTTPd),
- nginx-http-shibboleth (Nginx),
- iis7_shib.dll (IIS)
- Act as OpenID Connect 1.0 Provider, gain certification; integrate via
- integrate via mod_auth_openidc (Apache HTTPd),
- nginx-openid-connect (Nginx),
- Microsoft.AspNetCore.Authentication.OpenIdConnect .Net package (IIS)
- Implement the latest version available of the CAS protocol; integrate via the various CAS clients available:
- Apache HTTPd,
- Nginx,
- Java,
- .NET,
- PHP,
- Perl,
- Python,
- Ruby
- Standard set of authentication modules, and API to extend / create new ones:
- username / password with different backends back-ends (DBMS, LDAP, ...)
- TLS client certificate
- Time-based One-time password
- SAML 2.0 SP
- OpenID Connect 1.0 Client
- Radius
- U2F
- WebAuthn
- ...
- Authentication chains by combining more authentication modules, similar to Linux's PAM (required, sufficient, requisite, ...)
- Step-up authentication (e.g. associate level to authentication modules in a chain, and let 3rd party apps require minimum level to access)
- Multi-factor authentication
- Authorization
- Access Policies
- URL-based
- grant-based (for JWT)
- Implement XACML 3.0
- Flexible UI for web access
- dynamically adapting for the configured authentication features (modules, chains, levels, ...)
- highly customizable, either graphically and processing
- API gateway for REST APIs authentication and authorization
References Projects and products ... |
|
|
|