AuthzForce


AuthzForce is an Attribute-Based Access Control (ABAC) framework, compliant with XACML standard v3.0, and able to retrieve extra attributes from various sources, e.g. LDAP/SQL databases, REST services or X.509 Attribute Certificates.

AuthzForce is an Attribute-Based Access Control (ABAC) framework, compliant with the OASIS XACML standard v3.0, that mostly consists of an authorization policy engine and a RESTful authorization server. It was primarily developed to provide advanced access control for Web Services or APIs, but is generic enough to address all kinds of access control use cases.
You can use AuthzForce in two ways depending on your needs:
    - Java API: AuthzForce provides a XACML PDP (Policy Decision Point) engine as a Java library so that applications can instantiate and use an embedded XACML PDP easily with Java.
    - Web API: AuthzForce provides a multi-tenant HTTP/REST API to PDPs and PAPs (Policy Administration Points) that web clients can call to manage policies, request authorization decisions, etc.

AuthzForce is able to retrieve attributes from a XACML Request of course, but also from other attribute sources, e.g. LDAP or SQL database servers, REST services, X.509 attribute certificates. Besides, its plugin architecture enables developers to support custom attribute sources by adding new plugins.

 

Web site

News


News feed

Releases / Downloads


Awards

Project leader(s)

Romain Ferrari, Thales Group


Functionality

Security

Status

Incubation

License(s)

Apache License 2.0

Standards

Java EE LDAP REST SOA X.509 XACML

VCS repository(ies)

Issue tracker URL

Discussion channels

http://scr.im/azteam (anti-spam protection)


Documentation

- AuthzForce Core (Java Library) - Quick Start Guide: https://authzforce.ow2.org
- AuthzForce Server (Web API):
  - REST API specification: http://docs.authorizationpdp.apiary.io/
  - Installation & Administration Guide: http://authzforce-ce-fiware.readthedocs.io/en/release-5.4.1d/InstallationAndAdministrationGuide.html
  - User & Developer Guide: http://authzforce-ce-fiware.readthedocs.io/en/release-5.4.1d/UserAndProgrammersGuide.html .


Wikipedia page

Market Readiness Synthesis

AuthzForce development was started in 2012, the project was primarily developed to provide advanced access control for Web Services and APIs, but is generic enough to address all kinds of access control use cases. On-going developments are supported by French defense electronics giant Thales for its large systems integration contracts. Authzforce is thus not professionally marketed as a stand-alone product and support for non-Thales users is provided on a best effort basis by the development team and the user community.  Authzforce is an alternative to open source Open Policy Agent and proprietary Axiomatics.

Best Practices
Implementation





With the extent to which the project implements best practices in open source software development...

More on best practices and how they are collected here.

Project Profile
 





...and the profile it reveals based on our five key attributes...

More on how project attributes are commputed here.

Market Readiness
Level





...this project reaches the above Market Readiness Level.

More on the definition and computation of Market Readiness Levels here.

MRL Assessment Diagram

This page lists the control points used in our assessment of the project's market readiness with their normalised values. It shows how they are combined to form the model. Please go to the methodology overview for more on the model and data collection.

Sources of Raw Data

Please use the links in this section for the raw data used in our MRL modeling.

Source Code Repository(ies):
Quality Metrics (SonarQube):
Licence Metrics (ScanCode):
..