 | |
| Developer(s) | Apache Software Foundation |
|---|---|
| Stable release | 3.0.0 / September 6, 2023; 16 months ago (2023-09-06) |
| Repository | Fortress Repository |
| Written in | Java |
| Operating system | Cross-platform |
| Type | Authorization |
| License | Apache License 2.0 |
| Website | Official website |
Apache Fortress is an open source project of the Apache Software Foundation and a subproject of the Apache Directory. It is an authorization system, written in Java, that provides role-based access control, delegated administration and password policy using an LDAP backend.
Standards implemented:
- Role-Based Access Control (RBAC) ANSI INCITS 359
- Administrative Role-Based Access Control (ARBAC02)
- IETF Password Policy (draft)
- Unix Users and Groups (RFC2307)
Fortress has four separate components:
- Core - A set of security authorization APIs.
- Realm - A Web Container plug-in that provides security for the Apache Tomcat container.
- Rest - HTTP protocol wrappers of core APIs using Apache CXF.
- Web - HTML pages of core APIs using Apache Wicket.
History
Fortress was first contributed in 2011 to the OpenLDAP Foundation and moved to the Apache Directory project in 2014.
API
Fortress provides security functions via APIs corresponding to the standards implemented. For example, its RBAC API design mimics the functional specifications of ANSI INCITS 359 with function names, entities being the same.
References
- "Request for Contribution of Identity Access Management Software to OpenLDAP Project". OpenLDAP Foundation. 15 July 2011. Retrieved 20 April 2016.
- "Notice to donate Fortress to the Apache Directory Project". Apache Software Foundation. 16 September 2014. Retrieved 20 April 2016.
External links
 | This security software article is a stub. You can help Misplaced Pages by expanding it. |