AuthzForce
AuthzForce is an Attribute-Based Access Control (ABAC) framework, compliant with XACML standard v3.0, and able to retrieve extra attributes from various sources, e.g. LDAP/SQL databases, REST services or X.509 Attribute Certificates.
AuthzForce is an Attribute-Based Access Control (ABAC) framework, compliant with the OASIS XACML standard v3.0, that mostly consists of an authorization policy engine and a RESTful authorization server. It was primarily developed to provide advanced access control for Web Services or APIs, but is generic enough to address all kinds of access control use cases.
You can use AuthzForce in two ways depending on your needs:
- Java API: AuthzForce provides a XACML PDP (Policy Decision Point) engine as a Java library so that applications can instantiate and use an embedded XACML PDP easily with Java.
- Web API: AuthzForce provides a multi-tenant HTTP/REST API to PDPs and PAPs (Policy Administration Points) that web clients can call to manage policies, request authorization decisions, etc.
AuthzForce is able to retrieve attributes from a XACML Request of course, but also from other attribute sources, e.g. LDAP or SQL database servers, REST services, X.509 attribute certificates. Besides, its plugin architecture enables developers to support custom attribute sources by adding new plugins.
Status
Mature
License(s)
Apache License 2.0
Website
Documentation
- AuthzForce Core (Java Library) - Quick Start Guide: https://authzforce.ow2.org
- AuthzForce Server (Web API):
- REST API specification: http://docs.authorizationpdp.apiary.io/
- Installation & Administration Guide: http://authzforce-ce-fiware.readthedocs.io/en/release-5.4.1d/InstallationAndAdministrationGuide.html
- User & Developer Guide: http://authzforce-ce-fiware.readthedocs.io/en/release-5.4.1d/UserAndProgrammersGuide.html .
Releases / Downloads
- AuthzForce Core (Java library): https://github.com/authzforce/core/releases
- Sources, binaries and Javadoc available for download on Maven Central Repository.
- authzforce-ce-core-pdp-engine: the main core library.
- authzforce-ce-core-pdp-testutils: library for testing/experimental features only; depends on authzforce-ce-core-pdp-engine.
- Sources, binaries and Javadoc available for download on Maven Central Repository.
- AuthzForce Server:
- Binary distributions available on Maven Central Repository in two forms:
- Ubuntu package (recommended option): .deb;
- Other Linux distributions: .tar.gz.
- Docker image available on Docker Hub: authzforce-server
- Documentation available online and as downloadable HTML and PDF.
- Binary distributions available on Maven Central Repository in two forms:
VCS repository(ies)
- type: git
url: https://gitlab.ow2.org/authzforce
url: https://github.com/authzforce
Issue tracker URL
Discussion channels
http://scr.im/azteam (anti-spam protection)
Project leader(s)
Cyril Dangerville, Thales Group
Romain Ferrari, Thales Group
Wikipedia page
News
- 2023/11/23 - 21.0.1
- 2023/11/03 - 21.0.0
- 2023/11/03 - 20.3.2
- 2023/08/12 - 20.3.1
- 2023/04/20 - 20.3.0
- 2022/12/09 - 20.2.0
- 2022/10/30 - 20.1.1
- 2022/03/28 - 20.1.0
- 2022/03/10 - 20.0.0
- 2022/02/07 - 19.0.0
News feed
Awards
Standards
Java EE LDAP REST SOA X.509 XACML
AuthzForce development was started in 2012, the project was primarily developed to provide advanced access control for Web Services and APIs, but is generic enough to address all kinds of access control use cases.
On-going developments are supported by French defense electronics giant Thales for its large systems integration contracts.
Authzforce is thus not professionally marketed as a stand-alone product and support for non-Thales users is provided on a best effort basis by the development team and the user community. Authzforce is an alternative to open source Open Policy Agent and proprietary Axiomatics.
Market Readiness Level
Project Market Readiness Level computed by OW2.
More on the definition and computation of Market Readiness Levels here.
Best Practices Implementation
Coverage of best practices in open source software development implemented by the project.
More on best practices and how they are collected here.
Project Profile
Computation of the project's profile through five key attributes defined by OW2.
More on how project attributes are commputed here.
MRL Assessment Diagram
This page lists the control points used in our assessment of the project's market readiness with their normalised values. It shows how they are combined to form the model. Please go to the methodology overview for more on the model and data collection.
Sources of Raw Data
Please use the links in this section for the raw data used in our MRL modeling.
- type: git
url: https://gitlab.ow2.org/authzforce
url: https://github.com/authzforce
Market Readiness Synthesis