AuthZForce is an Attribute-Based Access Control (ABAC) framework, compliant with the OASIS XACML standard v3.0, that mostly consists of an authorization policy engine and a RESTful authorization server. It was primarily developed to provide advanced access control for Web Services or APIs, but is generic enough to address all kinds of access control use cases.You can use AuthZForce in two ways depending on your needs: - Java API: AuthZForce provides a XACML PDP (Policy Decision Point) engine as a Java library so that applications can instantiate and use an embedded XACML PDP easily with Java. - Web API: AuthZForce provides a multi-tenant HTTP/REST API to PDPs and PAPs (Policy Administration Points) that web clients can call to manage policies, request authorization decisions, etc.
AuthZForce is able to retrieve attributes from a XACML Request of course, but also from other attribute sources, e.g. LDAP or SQL database servers, REST services, X.509 attribute certificates. Besides, its plugin architecture enables developers to support custom attribute sources by adding new plugins.
Romain Ferrari, Thales Group
- type: git url: https://tuleap.ow2.org/projects/AuthzForce/
http://scr.im/azteam (anti-spam protection)
- AuthzForce Core (Java Library) - Quick Start Guide: https://authzforce.ow2.org- AuthzForce Server (Web API): - REST API specification: http://docs.authorizationpdp.apiary.io/ - Installation & Administration Guide: http://authzforce-ce-fiware.readthedocs.io/en/release-5.4.1b/InstallationAndAdministrationGuide.html - User & Developer Guide: http://authzforce-ce-fiware.readthedocs.io/en/release-5.4.1b/UserAndProgrammersGuide.html.
This wiki is licensed under a Creative Commons 2.0 licenseXWiki Enterprise 6.4.4 - Documentation