LdapAuth/ldapauth

License: Apache-2.0

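Project Introduction

An enterprise identity and access management (EIAM) platform based on OpenLDAP, used to manage the enterprise organizational structure, employee accounts, identity authentication and application access. It helps consolidate all identities across on-premises or cloud business systems and third-party SaaS systems, so that one account can sign in to and access all applications. It supports SSO standard protocols including OAuth2.x, OIDC, SAML2.0, JWT and CAS.

Official website: http://ldapauth.com

Official email: contact@ldapauth.com

Paid support or business cooperation:


⭐️ If you like LdapAuth, please give it a Star; your support is what drives us forward.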

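Core Features

  • An enterprise identity and access management (EIAM) platform based on OpenLDAP, providing unified management of the enterprise organizational structure, employee accounts, identity authentication and application access.
  • Supports WeCom (Enterprise WeChat), DingTalk, Feishu, OpenLDAP and other data sources out of the box.
  • Supports dynamic image CAPTCHAs, SMS verification codes, and Google/Microsoft Authenticator/FreeOTP with TOTP or HOTP, keeping user authentication secure and reliable.
  • Supports social authentication integration with WeChat, DingTalk, Feishu, QQ and others, so that an enterprise can quickly adopt internet-style authentication.
  • Supports authentication protocols and mechanisms including SAML2, OAuth2, OIDC, CAS and JWT to provide single sign-on.
  • Comprehensive security auditing: every user action is recorded in detail so that each operation can be traced, the state of enterprise information security is recorded in real time, and the sources of abnormal access and potential threats can be identified precisely.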

System Architecture

Feature Description

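| Module | Feature | Description |
| --- | --- | --- |
| My Applications | My Applications | The list of applications the user is authorized for. Clicking an application signs the user on to the business system directly, with no second password prompt. |
| Identity Management | Organization Management | Addresses enterprise organization management. These entities can be maintained directly in LDAPAUTH, or synchronized from an identity source after one is configured in LDAPAUTH. |
| | User Management | Addresses enterprise user management. These entities can be maintained directly in LDAPAUTH, or synchronized from an identity source after one is configured in LDAPAUTH. |
| | User Group Management | User group management. These entities can be maintained directly in LDAPAUTH, with basic operations such as assigning group members and granting menu and application permissions. |
| Application Management | OIDC protocol application | OIDC is short for OpenID Connect: OIDC = (Identity, Authentication) + OAuth 2.0. It builds an identity layer on top of OAuth2 and is a standard identity authentication protocol based on OAuth2. OIDC is a protocol family that provides many standard protocols, including the Core protocol and a number of extension protocols. |
| | JWT protocol application | JWT (JSON Web Token) is a JSON-based open standard for claims in web application environments. LdapAuth uses JWT for single sign-on (SSO) across distributed sites. JWT single sign-on is based on asymmetric encryption: LdapAuth encrypts the user state and information with its private key and passes it to the application, which decrypts it with the public key and verifies it. It has a very wide range of use cases and is simple to integrate. |
| | SAML protocol application | SAML (Security Assertion Markup Language) is an XML-based open standard data format for exchanging authentication and authorization data between security domains, in particular between an IdP (Identity Provider) and an SP (Service Provider). |
| | CAS protocol application | CAS stands for Central Authentication Service, an independent, open command protocol. |
| Access Control | Application Authorization | Grants user groups access to applications. |
| Sync Center | DingTalk | DingTalk is an enterprise-grade intelligent mobile office platform built by Alibaba Group. With DingTalk as the data source, its organizations and users are synchronized to the platform. Log auditing and related functions are provided. |
| | Feishu | Feishu is a new-generation one-stop collaboration platform developed in-house by Beijing Douyin Information Service Co., Ltd. in 2016. With Feishu as the data source, its organizations and users are synchronized to the platform. Log auditing and related functions are provided. |
| | WeCom (Enterprise WeChat) | WeCom is a professional office management tool built for enterprises by the Tencent WeChat team. With WeCom as the data source, its organizations and users are synchronized to the platform. Log auditing and related functions are provided. |
| Log Audit | Login Log | The audit log records the key operations of every platform user's logins, providing traceability data for user login behavior. |
| | Access Log | The audit log records the key operations of every platform user's application access, providing traceability data for users' application access behavior. |
| System Settings | System Information | Maintains the basic information of the system. |
| | Menu Configuration | Entry of basic data such as system navigation menus, buttons and API endpoints. |
| | Password Policy | Sets the password complexity requirements and the corresponding lockout and unlock policy. |
| | Login Policy | Responsible for the security of system login, with basic controls such as token validity period, lockout after a number of wrong passwords, and the login image CAPTCHA. |
| | LDAP Data Source | The entry point for data sources. LDAP data can be synchronized to the platform, and the synchronization records and task scheduling can be viewed. |
| | SMS Configuration | Provides the SMS configuration entry point, the basic setup for the SMS function used in self-service password recovery. |
| | Third-party Authentication | Configuration of mainstream social logins such as WeChat, Alipay, WeCom and Feishu. |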
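
An added example (not LdapAuth's code) of the application-side check that the JWT row above describes, assuming the token is an RS256-signed JWS, which the page does not state; the class name, claim names and key pair are constructed for illustration. The application accepts a token only after pinning the algorithm, verifying the signature with the public key, and confirming `exp` is still in the future.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
import java.util.regex.*;

// Added illustration, not LdapAuth code: RS256, claim names and keys are assumptions.
public class JwtSsoVerifyDemo {
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    static final Base64.Decoder DEC = Base64.getUrlDecoder();
    static String b64(String s) { return ENC.encodeToString(s.getBytes(StandardCharsets.UTF_8)); }

    // Identity-provider side: sign "header.payload" with the private key.
    static String issue(PrivateKey key, String claimsJson) throws GeneralSecurityException {
        String input = b64("{\"alg\":\"RS256\",\"typ\":\"JWT\"}") + "." + b64(claimsJson);
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(input.getBytes(StandardCharsets.US_ASCII));
        return input + "." + ENC.encodeToString(s.sign());
    }

    // Application side: returns the claims JSON only if every check passes, else null.
    static String verify(PublicKey key, String token, long nowSec) throws GeneralSecurityException {
        String[] p = token.split("\\.");
        if (p.length != 3) return null;
        String header = new String(DEC.decode(p[0]), StandardCharsets.UTF_8);
        // Pin the algorithm; the token must not be allowed to select "none" or HMAC.
        if (!header.contains("\"alg\":\"RS256\"")) return null;
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(key);
        s.update((p[0] + "." + p[1]).getBytes(StandardCharsets.US_ASCII));
        if (!s.verify(DEC.decode(p[2]))) return null;
        String claims = new String(DEC.decode(p[1]), StandardCharsets.UTF_8);
        // Claims are read only after the signature check (regex keeps the demo short).
        Matcher m = Pattern.compile("\"exp\":(\\d+)").matcher(claims);
        if (!m.find() || Long.parseLong(m.group(1)) <= nowSec) return null;
        return claims;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair idp = g.generateKeyPair();   // constructed key pair standing in for the IdP's
        long now = 1_700_000_000L;           // fixed clock so the run is deterministic
        String ok = issue(idp.getPrivate(), "{\"sub\":\"alice\",\"exp\":" + (now + 300) + "}");
        String expired = issue(idp.getPrivate(), "{\"sub\":\"alice\",\"exp\":" + (now - 1) + "}");
        // Payload swapped while the original signature is kept: must be rejected.
        String forged = ok.substring(0, ok.indexOf('.') + 1)
            + b64("{\"sub\":\"admin\",\"exp\":" + (now + 300) + "}") + ok.substring(ok.lastIndexOf('.'));
        for (String t : new String[] {ok, expired, forged})
            System.out.println(verify(idp.getPublic(), t, now));
    }
}
```

A production verifier would parse the JSON with a real parser and also pin the expected `iss` and `aud` values.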

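Technology Stack

Backend

| Framework | Description | Version |
| --- | --- | --- |
| Spring Boot | System framework | 2.7.18 |
| Spring Cloud Alibaba | System framework | 2021.1 |
| Freemarker | Template engine | 2.3.32 |
| Knife4j | API documentation | 4.0.0 |
| Mysql Connector | Database driver | 8.0.31 |
| Druid | JDBC connection pool and monitoring component | 1.2.16 |
| Spring-Boot-Data-Redis | Redis | 2.7.18 |
| MyBatis Plus | MyBatis enhancement toolkit | 3.5.4 |
| Hutool | Java utility library | 5.8.15 |
| Lombok | Eliminates verbose Java code | 1.18.26 |
| Ip2region | IP resolution tool | 2.6.5 |
| Pinyin4j | Text conversion tool | 2.5.1 |
| JavaxMail | Mail sending tool | 1.6.2 |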

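Frontend

| Framework | Description | Version |
| --- | --- | --- |
| vue | Framework | 3.4.31 |
| vite | Build tool | 5.3.2 |
| element-plus | Component library | 2.7.6 |
| axios | Network library | 0.28.1 |
| js-cookie | Cookie library | 3.0.5 |
| jsencrypt | Data encryption/decryption library | 3.3.2 |
| echarts | Reporting/charting library | 5.5.1 |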
