... | ... | @@ -2271,14 +2271,14 @@ individually. |
|
|
Here's a list of the possible applications that could do this that
|
|
|
we're aware of:
|
|
|
|
|
|
| Application | Features | Notes |
|
|
|
|------------------|----------------------------------------------------------------------------|---------------------------------------------|
|
|
|
| [Keycloak][] | SSO, LDAP | |
|
|
|
| [FreeIPA][] | SSO, LDAP | built on top of 389 DS (Fedora LDAP server) |
|
|
|
| [Authelia][] | SSO, 2FA, OIDC | |
|
|
|
| [Authentik][] | SSO, 2FA, OIDC, SAML, LDAP, proxy, metrics | |
|
|
|
| [LemonLDAP-ng][] | | [packaged in Debian][] |
|
|
|
| [kanidm][] | SSO, 2FA, OIDC, LDAP, Radius, SSH, PAM + offline support, web/CLI UI, Rust | |
|
|
|
| Application | Features | Notes |
|
|
|
|------------------|-----------------------------------------------------------------------------------|-------------------------------------------------------|
|
|
|
| [Keycloak][] | SSO, 2FA, OIDC, OAuth 2, LDAP, SAML 2, Kerberos, SQL, web UI, HA/clustering, Java | [possibly no Webauthn support][], sponsored by RedHat |
|
|
|
| [FreeIPA][] | SSO, LDAP, DNS, web/CLI UI, C? | built on top of 389 DS (Fedora LDAP server) |
|
|
|
| [Authelia][] | SSO, 2FA/webauthn, OIDC, LDAP, rate-limiting, password reset, HA, Go/React | |
|
|
|
| [Authentik][] | SSO, 2FA/webauthn, OIDC, LDAP, Radius, proxy, metrics, Python/TypScript | sponsored by DigitalOcean |
|
|
|
| [LemonLDAP-ng][] | SSO, 2FA/webauthn, OIDC, LDAP, SAML, Kerberos, SQL, Perl | [packaged in Debian][] |
|
|
|
| [kanidm][] | SSO, 2FA, OIDC, LDAP, Radius, SSH, PAM + offline support, web/CLI UI, Rust | |
|
|
|
|
|
|
See also [mod_auth_openidc](https://github.com/OpenIDC/mod_auth_openidc) for an Apache module supporting OIDC.
|
|
|
|
... | ... | @@ -2292,6 +2292,7 @@ swap ud-ldap out if we need to, replacing bits of it as we go. |
|
|
[kanidm]: https://github.com/kanidm/kanidm
|
|
|
[LemonLDAP-ng]: https://lemonldap-ng.org/
|
|
|
[packaged in Debian]: https://tracker.debian.org/pkg/lemonldap-ng
|
|
|
[possibly no Webauthn support]: https://github.com/keycloak/keycloak-community/blob/main/design/web-authn-two-factor.md
|
|
|
|
|
|
#### Keycloak
|
|
|
|
... | ... | |