Apache Triplesec™ - What is it?
Triplesec is what you get when you combine 2-factor strong authentication with identity management. Triplesec is a strong identity management solution.
A strong identity management server is used to centralize the management of authentication, authorization and auditing (AAA) concerns in your applications (services and operating systems) while further protecting access to them using multiple factors for authentication.
Although hardware devices (tokens) can be used as another factor for validating user identity, Triplesec optionally uses a J2ME based One Time Password (OTP) generator which runs on any Java enabled device. Instead of carrying additional hardware devices users authenticate into your applications using their cell phones or PDAs. No connectivity or service is required for correct operation. Users can be toggled to use 2-factor authentication or can simply use static passwords.
Triplesec is free open source software that comes packaged with a server (daemon), a J2ME mobile token, an administration user interface and client APIs for managing, configuring and running your applications. With Triplesec you can securely, centrally, and dynamically add/remove and authorize users in your applications while auditing their activities.
Quick peek at the OTP generator
To the right you can see the OTP generator running on the Blackberry 7290. This one displays the generated output with the Safehaus Softfob. The 6-digit passcode in the center is the generated OTP.
Quick peek at Triplesec Administration Tool
The Triplesec Administration Tool is used to manage users, applications, and groups for a security realm. Applications are setup with permissions, roles and authorization profiles for users. User profiles in applications are put into roles with granted permissions. User profiles can further be tweaked with additional permission grants or denials. It's that simple.
Below, the SAFEHAUS.ORG security realm has two applications defined. The demo application has some simple example permissions, roles and security profiles created for running the demos that come with Triplesec.
The the latest release at safehaus was Triplesec Server 0.7.1.
Javadocs (TripleSec has only recently became part of Apache Directory, therefore some stuff is still located at safehaus.org)