ARAAS is a ticket-based system to authenticate users for web applications. It consists of a J2EE web application to authenticate users and generate secure session tickets and an Apache module to verify the tickets. It is possible to use the tickets on multiple web servers to provide single-sign-on.
Users are authenticated against an LDAP server. However, the authentication mechanism is extendable to allow the use of other kinds of authentication servers.
Once the user is authenticated normal Apache authorization configuration can be used to grant access to web pages. A later release of ARASS will also allow to centralize the authorization information in a separate repository, like a database or an LDAP server. This can be used by web applications to store generic authorization information, similar to OMGs RAD service.
The project is hosted by at http://sourceforge.net/projects/araas/
|