Enterprise Sign On Engine
||This article contains content that is written like an advertisement. (October 2008) (Learn how and when to remove this template message)|
|This article does not cite any sources. (October 2008) (Learn how and when to remove this template message)|
|Developer(s)||Queensland University of Technology|
|Written in||Java and C++|
|Type||Identity and access management|
|License||Apache License 2.0|
The Enterprise Sign On Engine is an open source platform for single sign on, access control and federation. It was originally built for the Queensland University of Technology and subsequently made available to all under the Apache 2.0 license.
ESOE is standards based, complying with SAML 2.0 and implementing a significant subset of XACML 2.0. The core server system is developed in Java while connectivity to services is achieved through provided SAML service provider software for Apache Tomcat/JBoss, Apache Web Servers and Microsoft IIS.
The design goals of ESOE are such that it should interact with any type of service and even aggregate identity data across them. Support for LDAP compliant servers and Microsoft Active Directory are implemented as reference plugins for the authentication 'pipeline'.
The underlying architecture of ESOE is such that all modules are able to be removed, replaced or reimplemented to suit a specific deployment. This is achieved with heavy utilization of the Spring Framework and interface driven design. Development is carried out with using Agile principals and the software includes hundreds of automated test cases.
For added flexibility each core part of the system has been developed using a pluggable pipeline approach. This means that authentication, identity and SSO events must each traverse a pipeline of plugins which all perform different tasks. This allows organizations to add functionality specific to their deployment while still taking advantage of the core logic.
The entire system is built using a centralized ESOE Build system which relies on Apache Ant. Dependencies in the system are automatically maintained by heavy integration with Apache Ivy. Eclipse is the preferred development environment. All code is stored in Subversion.