AuthzForce

AuthzForce is an Attribute-Based Access Control (ABAC) framework, compliant with XACML standard v3.0, and able to retrieve extra attributes from various sources, e.g. LDAP/SQL databases, REST services or X.509 Attribute Certificates.

AuthzForce is an Attribute-Based Access Control (ABAC) framework, compliant with the OASIS XACML standard v3.0, that mostly consists of an authorization policy engine and a RESTful authorization server. It was primarily developed to provide advanced access control for Web Services or APIs, but is generic enough to address all kinds of access control use cases.
You can use AuthzForce in two ways depending on your needs:
    - Java API: AuthzForce provides a XACML PDP (Policy Decision Point) engine as a Java library so that applications can instantiate and use an embedded XACML PDP easily with Java.
    - Web API: AuthzForce provides a multi-tenant HTTP/REST API to PDPs and PAPs (Policy Administration Points) that web clients can call to manage policies, request authorization decisions, etc.

AuthzForce is able to retrieve attributes from a XACML Request of course, but also from other attribute sources, e.g. LDAP or SQL database servers, REST services, X.509 attribute certificates. Besides, its plugin architecture enables developers to support custom attribute sources by adding new plugins.

Status

Mature

License(s)

Apache License 2.0

Website

https://authzforce.ow2.org

Documentation

- AuthzForce Core (Java Library) - Quick Start Guide: https://authzforce.ow2.org
- AuthzForce Server (Web API):
  - REST API specification: http://docs.authorizationpdp.apiary.io/
  - Installation & Administration Guide: http://authzforce-ce-fiware.readthedocs.io/en/release-5.4.1d/InstallationAndAdministrationGuide.html
  - User & Developer Guide: http://authzforce-ce-fiware.readthedocs.io/en/release-5.4.1d/UserAndProgrammersGuide.html .


Releases / Downloads


Issue tracker URL

https://gitlab.ow2.org/groups/authzforce/-/issues

VCS repository(ies)

- type: git
  url: https://gitlab.ow2.org/authzforce
  url: https://github.com/authzforce


Discussion channels

http://scr.im/azteam (anti-spam protection)


Project leader(s)

Romain Ferrari, Thales Group


Wikipedia page

https://en.wikipedia.org/wiki/XACML

News


News feed

https://github.com/authzforce/core/releases.atom

Awards

award.png  2016  Technology Council Special Prize Award

Standards

Java EE LDAP REST SOA X.509 XACML

Market Readiness Synthesis


AuthzForce development was started in 2012, the project was primarily developed to provide advanced access control for Web Services and APIs, but is generic enough to address all kinds of access control use cases.
On-going developments are supported by French defense electronics giant Thales for its large systems integration contracts.
Authzforce is thus not professionally marketed as a stand-alone product and support for non-Thales users is provided on a best effort basis by the development team and the user community. Authzforce is an alternative to open source Open Policy Agent and proprietary Axiomatics.

Market Readiness Level




Project Market Readiness Level computed by OW2.

More on the definition and computation of Market Readiness Levels here.

Best Practices Implementation




Coverage of best practices in open source software development implemented by the project.

More on best practices and how they are collected here.


Project Profile  




Computation of the project's profile through five key attributes defined by OW2.

More on how project attributes are commputed here.

MRL Assessment Diagram

This page lists the control points used in our assessment of the project's market readiness with their normalised values. It shows how they are combined to form the model. Please go to the methodology overview for more on the model and data collection.

Sources of Raw Data

Please use the links in this section for the raw data used in our MRL modeling.