Welcome to Apache Ki
Apache Ki is a powerful and flexible open-source Java security framework that cleanly handles authentication, authorization, enterprise session management and cryptography.
Our mission: To provide the most robust and comprehensive Java security framework available while also being very easy to understand and extremely simple to use.
Please feel free to read a little about us and check out the QuickStart. Then Download the project and try it out. Use the community resources at your disposal for support like the Mailing Lists and Forums, or maybe follow along with development issues. There are also a number of community Articles that you might find useful.
Features
Apache Ki aims to be the most comprehensive, but also the easiest to use Java security framework available. Here are some of the frameworks finer points:
- The easiest to understand Java Security API anywhere. Class and Interface names are intuitive and make sense. Anything is pluggable but good defaults exist for everything.
- Simple authentication (login) supported by one or more pluggable data sources (LDAP, JDBC, Kerberos, ActiveDirectory, etc).
- Simple authorization ('access control') with roles and fine-grained permissions support also using the above pluggable data sources.
- First-class caching support for enhanced application performance.
- Built-in POJO-based Enterprise Session Management. Use in both web and non-web environments or in any environment where Single Sign On (SSO) or clustered or distributed sessions are desired.
- Heterogeneous client session access. You are no longer forced to use only the HttpSession or Stateful Session Beans, which often unnecessarily tied applications to specific environments. Flash applets, C# applications, Java Web Start, and Web Applications, etc. can now all share session state regardless of deployment environment.
- Simple Single Sign-On (SSO) support piggybacking the above Enterprise Session Management. If sessions are federated across multiple applications, the user's authentication state can be shared too. Log in once to any application and the others all recognize that log-in.
- Simplest possible Cryptography APIs. Our Ciphers and Hashes (aka Digests) wrap the more complicated Java Cryptography Extensions (JCE) infrastructure, and are much easier to understand and use. For example, new Md5Hash("blah").toHex(); gives you the hex-encoded MD5 hash of "blah".
- An incredibly robust yet low-configuration web framework that can secure any url or resource, automatically handle logins and logouts, perform Remember Me services, and more.
- Extremely low number of required dependencies. Standalone configuration requires only slf4j-api.jar and one of slf4j's binding .jars. Web configuration requires only commons-logging.jar and commons-beanutils-core.jar. Feature-based dependencies (Ehcache caching, Quartz-based Session validation, Spring dependency injection, etc.) can be added when needed.
News
The Apache Ki project has finally migrated most of its infrastructure and website from the previous JSecurity
location.
The previous website will be online for a little while for archival purposes only. The ASF Confluence Wiki will be the source for all future site development and updates moving forward.
There are still a few things we need to do before this migration is totally complete:
- We need to apply a nice template to the wiki so we have a much better looking website, similar to what the Apache Directory and ActiveMQ folks have done.
- Ensure JavaDocs are accessible from this site. For now, you'll have to Download the source and run the mvn site maven command to generate the JavaDoc.
- Enable the documentation space for proper user documentation. This will happen very soon.
For those who have followed along on the previous website, here are the most relevant resources that you'll need to make sure you use moving forward:
I know this has been a long migration, but we're in the home stretch now! Thanks for being patient with us!
Best,
Les
More News
Stay current with All Apache Ki News