wjy + authentication   41

paragonie/paseto: Platform-Agnostic Security Tokens
Paseto is everything you love about JOSE (JWT, JWE, JWS) without any of the many design deficits that plague the JOSE standards.

What follows is a reference implementation. Requires PHP 7 or newer.
php  alternative  jwt  authentication  security 
june 2018 by wjy
Okta | Always On
Adaptive security to protect your data
security  authentication  identity  saas  api 
january 2018 by wjy
Kong - Open-Source API Management and Microservice Management
Secure, Manage & Extend your APIs and Microservices
The open-source API Gateway and Microservices Management Layer, delivering high performance and reliability.
opensource  api  microservices  gateway  auth  authentication  security  nginx 
may 2017 by wjy
OATH Toolkit
The OATH Toolkit provide components for building one-time password authentication systems. It contains shared libraries, command line tools and a PAM module. Supported technologies include the event-based HOTP algorithm (RFC4226) and the time-based TOTP algorithm (RFC6238). OATH stands for Open AuTHentication, which is the organization that specify the algorithms. For managing secret key files, the Portable Symmetric Key Container (PSKC) format described in RFC6030 is supported.

The components included in the package is:

liboath: A shared and static C library for OATH handling.

oathtool: A command line tool for generating and validating OTPs.

pam_oath: A PAM module for pluggable login authentication for OATH.

libpskc: A shared and static C library for PSKC handling.

pskctool: A command line tool for manipulating PSKC data.
security  authentication  otp  pam  toolkit  tools  tool  oath 
january 2017 by wjy
Apache Shiro | Java Security Framework
Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any application – from the smallest mobile applications to the largest web and enterprise applications.
apache  security  java  auth  authentication  authorization  crypto  session 
january 2015 by wjy
Grant is authentication middleware for Express
oauth  express  webdev  authentication  middleware  playground 
november 2014 by wjy
FIDO Alliance
The FIDO (Fast IDentity Online) Alliance is a 501(c)6 non-profit organization nominally formed in July 2012 to address the lack of interoperability among strong authentication devices as well as the problems users face with creating and remembering multiple usernames and passwords.
security  authentication  UAF  U2F  identity  FIDO 
october 2014 by wjy
hello.js - Javascript API for OAuth2 authentication and REST services
A client-side Javascript SDK for authenticating with OAuth2 (and OAuth1 with a oauth proxy) web services and querying their REST API's. HelloJS standardizes paths and responses to common API's like Google Data Services, Facebook Graph and Windows Live Connect. Its modular so that list is growing. No more spaghetti code!
oauth  javascript  client  js  authentication  auth 
september 2014 by wjy
JSON Web Tokens - jwt.io
JSON Web Token (JWT) is a compact URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is digitally signed using JSON Web Signature (JWS).
json  token  jwt  jws  oauth  ietf  authentication  auth 
september 2014 by wjy
Token-based AngularJS Authentication
angularjs  angular  authentication  oauth  oauth2 
august 2014 by wjy
Authenticate with web services utilizing the same strategy as Bitcoin.
bitauth  authentication  bitcoin  decentralized  javascript  js 
july 2014 by wjy
DMARC.org - Domain-based Message Authentication, Reporting and Conformance
DMARC, which stands for "Domain-based Message Authentication, Reporting & Conformance", is a technical specification created by a group of organizations that want to help reduce the potential for email-based abuse by solving a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols. DMARC standardizes how email receivers perform email authentication using the well-known SPF and DKIM mechanisms. This means that senders will experience consistent authentication results for their messages at AOL, Gmail, Hotmail, Yahoo! and any other email receiver implementing DMARC. We hope this will encourage senders to more broadly authenticate their outbound email which can make email a more reliable way to communicate.
dmarc  email  security  authentication 
april 2014 by wjy
Passport - Simple, unobtrusive authentication for Node.js.
Passport is authentication middleware for Node.js. Extremely flexible and modular, Passport can be unobtrusively dropped in to any Express-based web application. A comprehensive set of strategies support authentication using a username and password, Facebook, Twitter, and more.
nodejs  authentication  javascript  security  oauth  node.js  node  middleware  express  express.js 
march 2014 by wjy
Hawk is an HTTP authentication scheme using a message authentication code (MAC) algorithm to provide partial HTTP request cryptographic verification. For more complex use cases such as access delegation, see Oz.
http  authentication  api  oz  hawk 
august 2013 by wjy
Simple Authentication and Security Layer - Wikipedia, the free encyclopedia
Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols.
jabber  protocol  xmpp  authentication  wikipedia  sasl  security  sysadmin  network 
may 2013 by wjy
node.js auth package (password, facebook, & more) for Connect and Express apps
library  auth  javascript  oauth  authentication  node.js  nodejs 
april 2012 by wjy
omab/django-social-auth - GitHub
Django Social Auth is an easy to setup social authentication/authorization mechanism for Django projects.
webdev  authentication  social-auth  openid  facebook  twitter  social  python  django 
february 2012 by wjy
blueprint is DevStructure’s workhorse tool that looks inside popular package managers, finds changes you made to configuration files, and archives software you built from source to generate Puppet, Chef, or shell code.  Everything blueprint sees is stored in Git to be diffed and pushed.  It runs on Ubuntu Linux 10.04 and newer.
sysadmin  deployment  server  chef  puppet  authentication 
march 2011 by wjy
XAuth Info
XAuth is an open platform for extending authenticated user services across the web.

Participating services generate a browser token for each of their users. Publishers can then recognize when site visitors are logged in to those online services and present them with meaningful, relevant options.
api  xauth  authentication  javascript 
april 2010 by wjy
What is email authentication (SPF, Sender ID and DomainKeys/DKIM) and how do I set it up? - Campaign Monitor
there are two main authentication standards you should support called Sender ID and DomainKeys/DKIM.
email  authentication  antispam  SPF  DKIM  DomainKeys 
june 2009 by wjy
OpenID versus OAuth from the user’s perspective - cakebaker
This article shows the differences between OpenID and its younger cousin OAuth by providing for each a typical user scenario.
web  opensource  standards  comparison  OpenID  OAuth  authentication  zuthorization 
december 2008 by wjy

related tags

alternative  angular  angularjs  antispam  apache  api  article  auth  authentication  authenticator  authorization  behavior  bestpractices  bitauth  bitcoin  blockchain  browser  cheatsheet  chef  client  cloud  comparison  crypto  decentralized  deployment  django  DKIM  dmarc  DomainKeys  email  encryption  enterprise  express  express.js  facebook  FIDO  gateway  gcp  google  hawk  http  identity  ietf  innovation  jabber  java  javascript  jose  js  json  jws  jwt  keypair  library  linux  list  login  microservices  middleware  mozilla  multifactor  network  nginx  node  node.js  nodejs  oath  oauth  oauth2  openid  opensource  otp  owasp  oz  pam  password  php  playground  programming  protocol  puppet  python  reference  saas  sasl  security  server  service  session  social  social-auth  software  SPF  ssh  standards  sysadmin  token  tool  toolkit  tools  trustauth  tutorial  twitter  twofactor  U2F  UAF  web  webdev  websec  wikid  wikipedia  xauth  xmpp  yubikey  zuthorization 

Copy this bookmark: