A standards based and open source Identity Access Management Java SDK for LDAP v3 compliant systems.

What can Fortress SDK do?

Contained within this SDK are APIs and utilities to perform authentication, authorization, administration, audit and password policies. The most important package in this system is us.jts.fortress which contains all of the public APIs that are called by outside programs.

Fortress Manager APIs

  1. AccessMgr - This class performs runtime access control operations on objects that are provisioned RBAC entities that reside in LDAP directory.
  2. AdminMgr - This class performs administrative functions to provision Fortress RBAC entities into the LDAP directory.
  3. AuditMgr - This interface prescribes methods used to search OpenLDAP's slapd access log.
  4. DelAccessMgr - This interface prescribes the API for performing runtime delegated access control operations on objects that are provisioned Fortress ARBAC02 entities that reside in LDAP directory.
  5. DelAdminMgr - This class prescribes the ARBAC02 DelegatedAdminMgr interface for performing policy administration of Fortress ARBAC entities that reside in LDAP directory.
  6. DelReviewMgr - This class prescribes the ARBAC02 DelegatedReviewMgr interface for performing policy interrogation of provisioned Fortress ARBAC02 entities that reside in LDAP directory.
  7. PwPolicyMgr - This class adheres to IETF PW policy draft and is used to perform administrative and review functions on the PWPOLICIES and USERS data sets within Fortress.
  8. ReviewMgr - This interface prescribes the administrative review functions on already provisioned Fortress RBAC entities that reside in LDAP directory.
Error Handling
These APIs throw checked exceptions defined in SecurityException

What technologies are used?

Fortress SDK runs on any platform that supports Java technology and LDAP v3 protocols. Functionality that extends beyond LDAP v3 is provided via OpenLDAP specific features. In other words Fortress was optimized to run on OpenLDAP.

What are the conditions of use?

This software development toolkit is open source, thus free to use and distribute via the BSD 3-Clause License. It was developed and tested on open systems like Ubuntu and Centos and was helped along by the following open source products:

  1. The OpenLDAP Project
  2. The Apache Software Foundation
  3. UnboundID
  4. The Eigenbase Project
  5. Ehcache

Check out these samples in the us.jts.fortress.samples package to show how Fortress APIs can be used by outside clients. The dist target in build.xml creates the samples package in the /dist folder of this project and is intended to be used for experimentation.