Centralized identity store and authentication broker for web applications. It supports a number of authentication mechanisms and is provided via a http-interface.
MIT License
31
stars
2
forks
source link
Implement strict validations for cross-realm violations #5
You should never ever be allowed to do stuff in a realm that your identity doesn't belong to, unless you are specifically god in the 'root' realm.