LemonLDAP::NG

Presentation

LemonLDAP::NG is an open source Web Single Sign On (WebSSO), Access Management and Identity Federation product, written in Perl and Javascript.

LemonLDAP::NG is a free software, released under GPL license.

LemonLDAP::NG is the first SSO software deployed in French administrations. It can handle more than 350 000 users. Many private firms use it too. Check our references!

Main Features

Single Sign On for Web Applications

  • Many SSO-ready applications (OBM, Bugzilla, Dokuwiki, etc.)
  • Special Handlers for Zimbra, Sympa
  • Replace all .htaccess based security
  • Forward SSO trough HTTP Auth-Basic or form replay
  • One line code to integrate in Java, PHP, .Net, Perl, Ruby, Python, …

Strong authorization system

  • URL matching trough regular expressions (subdirectories, file types, …)
  • Use of any user session information to build access rule

Authentication modules

  • LDAP
  • Active Directory
  • Database
  • SSL X509
  • Apache built-in modules (Kerberos, NTLM , OTP, …)
  • SAML 2.0 / Shibboleth
  • OpenID
  • OpenID Connect
  • Twitter
  • Google
  • Facebook
  • CAS
  • BrowserID (Mozilla)
  • WebID (W3C)
  • Radius
  • Yubikey
  • Multiple and Choice (modules stacking)

LDAP integration

  • LDAP v2 and v3 protocol support
  • SSL / TLS
  • Active Directory compliance
  • Password policy
  • Recursive groups

Identity provider

  • SAML 2.0 / Shibboleth
  • OpenID 2.0
  • OpenID Connect
  • CAS 1.0/2.0/3.0

User interfaces

  • Dynamic application menu
  • Password change form
  • Password reset by mail
  • Self register page

Administration

  • Graphical Manager
  • Sessions explorer
  • Status page
  • Apache logs
  • Syslog
  • Log4Perl compatibility

Security

  • Protected cookies
  • XSS and SQL/LDAP injection protection
  • Compatibility with Apache mod_security
  • User tracking in Apache logs or syslog

Project activity

OpenHUB statistics

SVN activity