7

Are there any open source centralized authorization services available? There are lots of solutions for centralizing the authentication information (eg: CAS and JOSSO), but what about the authorization information?

There are some really good authorization frameworks (eg: Spring Security (formerly Acegi) and Seam Security), but it seems that I have to composite these into individual tiers or services. In other words, I can't run them standalone very easily. With a SOA, it seems like it would be very valuable to centralize not just the authentication but the authorization information as well (ie: roles, permissions, rules, etc.).

Any suggestions?

gavioto
  • 1,695
  • 2
  • 17
  • 38
jnorris
  • 6,350
  • 8
  • 30
  • 33

3 Answers3

5

Are you looking for something that supports XACML? If so, the closest to open source you can get is the OpenSSO project which has portions of what you seek.

McGovernTheory
  • 6,556
  • 4
  • 41
  • 75
2

The openly available Kerberos implementations provide Client Service Authorization as well as Client Authentication.

Read about Using Kerberos 5 on Red Hat Linux.

lothar
  • 19,853
  • 5
  • 45
  • 59
1

Hum, maybe you can use a SSO solution and create a service which returns all the authorization information (roles, permissions, rules, etc) and make each application use this service to get each authenticated user authorization information.

razenha
  • 7,660
  • 6
  • 37
  • 53