h1. OldHomepage

A versatile identity management server.


h2. Features

*Authentic 2* main features are:
* SAML 2.0 Identity and service provider
* OpenID 1.0 and 2.0 identity provider
* Server CAS 1.0 and 2.0 using a plugin
* Standards authentication mechanisms:
** Login/password through internal directory or LDAP
** X509 certificate over SSL/TLS
* Protocol proxying, for instance between OpenID and SAML
* Support of LDAP v2 and v3 directories
* Support of the PAM backend
* One-time password (OATH and Google-Authenticator) using a plugin
* Identity attribute management
* Plugin system

h3. Multiprotocol

Originally focused on the SAML protocols, Authentic has evolved to become a trully multiprocol Identity provider : LDAP, SAML 2.0, OpenID, CAS, SSL... are all supported (to different extends). And it keeps evolving to integrate the most used standards.

Additionally it has several extra features; for example it can act as a proxy identity provider, redirecting requests from service providers to other identity providers; or help in forwardig identity attributes to service providers managing attribute namespaces.

h3. Performance

The underlying components are quite fast and Authentic doesn't slow things down. There are no hard measure yet but a quick benchmark using autobench yielded more than 300 requests per second on a simple laptop.

h2. Roadmap

* multiple user referentials: you can plug authentic to many LDAP, RADIUS, SQL servers without fear of collisions; user can federate their accounts;
* management of all kind of relying parties (CAS, SAML 2.0, WS-Federation, OpenID, etc..) using an unique interface; administrators will not be exposed to peculiarities of the protocols;
* addition of an authorization policy management tool based on RBAC and ABAC, supporting the SAML 2.0 and XACML Authorization requests;
* addition of an authenticating reverse proxy to integrate legacy application and simplify integration, with session management at the reverse proxy level;

h2. SAML 2.0 conformance

Authentic implements SAML 2.0 through the use of "Lasso":http://dev.entrouvert.org/projects/lasso, which has been certified as conformant to SAML 2.0 in december 2006.

h2. Install

"from source (pypi)":http://pypi.python.org/pypi/authentic2/
"from debian packages":http://deb.entrouvert.org/
"from git repository":http://repos.entrouvert.org/authentic.git ("Browse":http://dev.entrouvert.org/projects/authentic/repository)

h2. Documentation

"Administration guide":http://packages.python.org/authentic2/ ("PDF version":http://dev.entrouvert.org/attachments/2506/Authentic2.pdf)

h2. Discuss

Authentic's developpers and users hangs on the mailing list "authentic@listes.entrouvert.com":http://listes.entrouvert.com/info/authentic

h2. Reports

You want to use but it does not work as you would like; you found a bug; you have a remark "submit your remark or your bug !":http://dev.entrouvert.org/projects/authentic/issues/new Developers will work on it !