Ada Security provides a security framework which allows applications to define and enforce security policies. This framework allows users to authenticate by using OpenID Authentication 2.0 as well as OAuth 2.0 protocol. It allows a web application to integrate easily with Yahoo!, Gitlab, Github, Facebook and Google+ authentication systems. The Ada05 library includes:
- An OpenID client authentication,
- An OAuth 2.0 client authentication,
- An OpenID Connect authentication framework,
- An OAuth 2.0 server authentication framework,
- A policy based security framework to protect the resources
The Ada Security library is used by the Ada Web Application to provide authentication and access control to users within the web applications.
- Add Create function for API key grant types
alr with security
To use Ada Security library, configure as follows:
./configure
make
The unit tests are built and executed with:
make test
For the installation, use the following command:
make install
The package provides a simple AWS server that illustrates the OpenID and OpenConnect authentication. Because OAuth2 relies exclusively on HTTPS, you must use an AWS server that has the SSL support. Build it as follows:
gprbuild -Psamples
Before launching the demo server, you must update the 'samples.properties' file and change the lines that contain PUT-HERE-YOUR-FACEBOOK-xxx with your client ID and client secrets. This change is required by the OAuth and OpenID Connect framework only. Then, run the server:
bin/auth_demo
and redirect your browser to:
http://localhost:8080/atlas/login.html
The Ada Security sources as well as a wiki documentation is provided on:
The OAuth literature is quite complete on the Internet and there are several good tutorials and documentation.
- Facebook Login
- Using OAuth 2.0 to Access Google APIs
- Yahoo OAuth 2.0 Guide
- Salesforce OAuth 2.0 Guide (this is a good guide if you want to learn)