Projet

Général

Profil

OldHomepage

A versatile identity management server.

Features

Authentic 2 main features are:
  • SAML 2.0 Identity and service provider
  • OpenID 1.0 and 2.0 identity provider
  • Server CAS 1.0 and 2.0 using a plugin
  • Standards authentication mechanisms:
    • Login/password through internal directory or LDAP
    • X509 certificate over SSL/TLS
  • Protocol proxying, for instance between OpenID and SAML
  • Support of LDAP v2 and v3 directories
  • Support of the PAM backend
  • One-time password (OATH and Google-Authenticator) using a plugin
  • Identity attribute management
  • Plugin system

Multiprotocol

Originally focused on the SAML protocols, Authentic has evolved to become a trully multiprocol Identity provider : LDAP, SAML 2.0, OpenID, CAS, SSL... are all supported (to different extends). And it keeps evolving to integrate the most used standards.

Additionally it has several extra features; for example it can act as a proxy identity provider, redirecting requests from service providers to other identity providers; or help in forwardig identity attributes to service providers managing attribute namespaces.

Performance

The underlying components are quite fast and Authentic doesn't slow things down. There are no hard measure yet but a quick benchmark using autobench yielded more than 300 requests per second on a simple laptop.

Roadmap

  • multiple user referentials: you can plug authentic to many LDAP, RADIUS, SQL servers without fear of collisions; user can federate their accounts;
  • management of all kind of relying parties (CAS, SAML 2.0, WS-Federation, OpenID, etc..) using an unique interface; administrators will not be exposed to peculiarities of the protocols;
  • addition of an authorization policy management tool based on RBAC and ABAC, supporting the SAML 2.0 and XACML Authorization requests;
  • addition of an authenticating reverse proxy to integrate legacy application and simplify integration, with session management at the reverse proxy level;

SAML 2.0 conformance

Authentic implements SAML 2.0 through the use of Lasso, which has been certified as conformant to SAML 2.0 in december 2006.

Install

from source
from debian packages
from git repository (Browse)

Documentation

Administration guide (PDF version)

Discuss

Authentic's developpers and users hangs on the mailing list authentic@listes.entrouvert.com

Reports

You want to use but it does not work as you would like; you found a bug; you have a remark submit your remark or your bug ! Developers will work on it !

Formats disponibles : PDF HTML TXT