The Apache Authentication and Authorization Framework (AuthX) is an effort to develop an Authentication, Authorization and Accounting framework for building security infrastructures.
AuthX is an attempt to provide a framework for developing complex security infrastructures. It addresses the Authentication, Authorization and Accounting concerns of secure applications or systems.
AuthX tries to define proper abstractions for security concepts to be a generic and flexible security framework on top of which complex secure applications can be built. It does not deal with cryptography mechanisms, since cryptography is a mean of attaining security goals. Yet, since the framework has been thought to be flexible, it is easy to plug-in your own implementations of AuthX abstractions.
The AuthX component defines the security framework in terms of APIs and provides implementations of authentication, authorization and accounting services. We believe AuthX has some unique features that set it apart from existing solutions: