/agama-pw

Agama Project for all things password: identifier first, password expiration, account lockout.

Primary LanguageJavaApache License 2.0Apache-2.0

Contributors Forks Stargazers Issues Apache License

Gluu Agama-PW

Welcome to the https://github.com/GluuFederation/agama-pw project. This project is governed by Gluu and published under an Apache 2.0 license. It provides various flows to password authenticate a person.

Password authentication is still useful ! ! !

This is also a great project to fork if you want to write a “Hello World” Agama project.

Implementations

  • Jans Auth Server
  • Gluu Flex

Flow: One-step password authn

This is the classic combined username / password form authentication workflow. The sequence diagram below shows the good flow.

agama-pw sequence diagram image Source

Flow Configuration

Below is a typical agama-pw flow

      {
          "org.gluu.agama.pw.main": {
            "MAX_LOGIN_ATTEMPT": "6",
            "ENABLE_LOCK": "true",
            "LOCK_EXP_TIME": "180"
          }
      }
  • MAX_LOGIN_ATTEMPT: Is the maximum failed login attempt before the user account is locked
  • ENABLE_LOCK: true/false, this is use to enable the Account Lock feature
  • LOCK_EXP_TIME: The time in seconds befor a locked account is unlock.

Core Developers

Thomas
Mougang Gasmyr 		Md
Md Mostafejur Rahman

License

This project is licensed under the Apache 2.0