Overview

A versatile identity management server.

sponsored by Entr'ouvert <>

Features

Authentic 2 is heavily customisable.
Authentic 2 is written using Python and the Django framework and some C when speed matters - cryptography.

Authentic 2 main features are:
  • Identity provider and service provider SAML 2.0
  • Identity provider and relyinp party OpenID 1.0 and 2.0
  • Server CAS 1.0 and 2
  • Standards authentication mechanisms:
    - Simple password
    - One-time password (OATH and Google-Authenticator)
    - X509 certificate over SSL/TLS
  • Protocol proxying, for instance between OpenID and SAML
  • Support of LDAP v2 and v3 directories
  • Support of the PAM backend
  • Identity attribute management

Multiprotocol

Originally focused on SAML 2.0 and ID-WSF protocols, Authentic has evolved to become a trully multiprocol Identity provider : LDAP, SAML 2.0, OpenID, CAS, SSL... are all supported (to different extends). And it keeps evolving to integrate the most used standards.

Additionally it has several extra features; for example it can act as a proxy identity provider, redirecting requests from service providers to other identity providers; or help in forwardig identity attributes to service providers managing attribute namespaces.

Performance

The underlying components are quite fast and Authentic doesn't slow things down. There are no hard measure yet but a quick benchmark using autobench yielded more than 300 requests per second on a simple laptop.

Roadmap

  • multiple user referentials: you can plug authentic to many LDAP, RADIUS, SQL servers without fear of collisions; user can federate their accounts;
  • management of all kind of relying parties (CAS, SAML 2.0, WS-Federation, OpenID, etc..) using an unique interface; administrators will not be exposed to peculiarities of the protocols;
  • addition of an authorization policy management tool based on RBAC and ABAC, supporting the SAML 2.0 and XACML Authorization requests;
  • addition of an authenticating reverse proxy to integrate legacy application and simplify integration, with session management at the reverse proxy level;

SAML 2.0 conformance

Authentic implements SAML 2.0 through the use of Lasso, which has been certified as conformant to SAML 2.0 in december 2006.

Install

from source
from debian packages
from git repository (Browse)

Documentation

Administration guide (PDF version)

Discuss

Authentic's developpers and users hangs on the mailing list

Reports

You want to use but it does not work as you would like; you found a bug; you have a remark submit your remark or your bug ! Developers will work on it !

Issue tracking

View all issues

Members

Manager: Benjamin Dauvergne, Mikael Ates, Victor Claudet
Developer: Benjamin Dauvergne, Frédéric Péters, Mikael Ates, Thomas Noël, Victor Claudet
Issue submitter: Benjamin Dauvergne, Christophe Boutet, Clément Oudot, Frédéric Péters, Jean Christophe André, Jérôme Schneider, Mikael Ates, Pierre Cros, Thomas Chemineau, Thomas Noël, Victor Claudet

Latest news

Authentic 2, release 2.0.2
Added by Thomas Noël 6 days ago

Authentic 2 is out !
Added by Thomas Noël 5 months ago

View all news