Apache Triplesec™ - What is it?
Triplesec is what you get when you combine 2-factor strong authentication with identity management. Triplesec is a strong identity management solution.
A strong identity management server is used to centralize the management of authentication, authorization and auditing (AAA) concerns in your applications (services and operating systems) while further protecting access to them using multiple factors for authentication.
Although hardware devices (tokens) can be used as another factor for validating user identity, Triplesec optionally uses a J2ME based One Time Password (OTP) generator which runs on any Java enabled device. Instead of carrying additional hardware devices users authenticate into your applications using their cell phones or PDAs. No connectivity or service is required for correct operation. Users can be toggled to use 2-factor authentication or can simply use static passwords.
Triplesec is free open source software that comes packaged with a server (daemon), a J2ME mobile token, an administration user interface and client APIs for managing, configuring and running your applications. With Triplesec you can securely, centrally, and dynamically add/remove and authorize users in your applications while auditing their activities.
The the latest release at safehaus was Triplesec Server 0.7.1.
Javadocs (TripleSec has only recently became part of Apache Directory, therefore some stuff is still located at safehaus.org)