Title: Gluu Crowdfunds OAuth2 strong authentication and API access management software for Apache Web servers.
1Gluu Crowdfunds OAuth2 strong authentication and
API access management software for Apache Web
servers
- Plugin enables SSO to websites that support
OpenID Connect 1.0. Early support for the UMA
OAuth2 profile for authorization may offer
domains alternatives to CA SiteMinder. - March 5, 2014 Austin, TX OAuth2 is becoming
increasingly popular as a protocol to secure
websites. This crowd-funded plugin for the
popular Apache Web server will enable system
administrators to easily protect folders or
specific APIs without the need to write complex
code. Gluu today demonstrated deployment of the
plugin using the Ubuntu Juju orchestration
platform, enabling instant two-factor
authentication for an Apache web server. - 34 contributors from around the world helped to
fund the CrowdTilt campaign. Three open source
security companies contributed to the project
Gluu, ForgeRock, and Symas. For more information
about the CrowdTilt, see here.
2Using a web container plugin to act as the
policy enforcement point is widely used strategy
by commercial Web access management platforms,
for example, Computer Associates SiteMinder
product. The crowd-funded Apache plugin simply
uses OAuth2 to standardize what had previously
been a proprietary protocol, said Gluu CEO and
OX Project Founder Michael Schwartz. It doesnt
make sense for each vendor to have their own
Apache container plugin, said Lasse Andresen,
CTO and co-founder of ForgeRock. Collaboration
on an open source Apache plugin, and other
container plugins such as tomcat and nginx, will
make it easier for system administrators to
centralize authentication and authorization for
their domain. It will also make it easier to
support social login, a key missing component
from earlier proprietary web access management
solutions. OAuth2 builds on previous
authentication standards like LDAP. Were
excited to see how the adoption of new OAuth2
profiles is enabling vendors to leverage their
directory infrastructure to publish information
about people to web and mobile applications in a
secure way, said Marty Heyman, President of
Symas, authors of the popular OpenLDAP
Distribution. Continued enhancements to the
crowdfunded code are planned. For technical
information about how to deploy the OAuth2
Plugin, see here. If you want to see the software
in action, Gluu is participating in an UMA
Webinar with ForgeRock and Computer Associates on
March 20, 2014.
3- About Gluu
- Gluu provides support for the Gluu Server for
single sign-on, strong authentication, and web
access management. A subscription to the Gluu
Server enables an organization to quickly launch
open standard based security services for their
domain on their private or public cloud. - About ForgeRock
- ForgeRock is redefining identity and access
management for the modern web including public
cloud, private cloud, hybrid cloud, social,
mobile and enterprise environments. ForgeRock
products support mission-critical operations with
a fully open source platform. ForgeRocks Open
Identity Stack powers solutions for many of the
worlds largest companies and government
organizations. - For more information and free downloads, visit
www.forgerock.com or follow ForgeRock on Twitter. - About Symas
- Symas is the premier provider of technical
support services for OpenLDAP, the fastest and
most advanced Open Source LDAP Directory
Software.