42 Repos
Integration with directory services for centralized user authentication.
Distinct from LDAP Authentication: The candidates are either focused on attacks or are deeply nested in AI agent frameworks; a clean root-level security tag is needed.
Explore 42 awesome GitHub repositories matching security & cryptography · LDAP Authentication. Refine with filters or upvote what's useful.
CMAK is a Kafka cluster management tool and web interface designed for the administration of brokers, topics, and partitions. It provides a centralized system for Kafka cluster governance, encompassing resource administration, access control, and data distribution optimization. The project features a management UI that allows for the creation, deletion, and update of topic configurations and partition counts. It includes a partition rebalancer for executing data reassignment and preferred replica elections to balance load across cluster nodes. The system provides observability through broker
Verifies user identities and group memberships by communicating with an external LDAP directory server.
Dex is an OpenID Connect provider and identity federation proxy that translates authentication signals from various upstream sources into a unified OpenID Connect interface. It functions as a multi-protocol identity broker, enabling client applications to implement a single standard while delegating user verification to external identity providers. The project distinguishes itself through a pluggable connector architecture that bridges disparate protocols including LDAP, SAML, and OAuth2. It provides specific integrations for services such as GitHub, Google, GitLab, and Microsoft, while offer
Implements the search-then-bind authentication flow to verify user identities against an LDAP directory.
Lets-chat is a self-hosted team communication platform and XMPP chat server designed for private messaging. It provides a containerized communication environment for small teams to exchange messages and files, featuring a programmable REST API for automating conversations and managing messages from external tools. The platform functions as an XMPP gateway and server, ensuring interoperability with other compliant messaging clients. It distinguishes itself by supporting enterprise identity management, allowing administrators to verify user identities through local accounts or external director
Validates user identities specifically using LDAP or Kerberos enterprise directory services to control system access.
This project is a self-hosted recipe manager designed for organizing digital libraries, planning meals, and generating shopping lists. It serves as a central hub for recipe collection management, providing tools to store, categorize, and share recipes within a collaborative kitchen workflow. The system distinguishes itself through an AI-powered importer that extracts structured ingredients and instructions from images, PDFs, and websites. It further integrates with home automation environments as a containerized add-on and supports S3-compatible object storage for managing media files. The s
Integrates with LDAP directory services for centralized organizational user authentication.
TubeArchivist is a self-hosted YouTube video archiving system and metadata indexer. It functions as a personal media library and download manager that allows users to create a searchable offline collection of videos, channels, and playlists. The system distinguishes itself by indexing subtitles, comments, and channel information for full-text search and retrieval. It features automated media synchronization to track subscriptions and playlists, ensuring new content is automatically queued and downloaded as it is published. The project provides a broad set of capabilities for digital asset ma
Verifies user credentials and maps account attributes via a remote directory server.
Tinyauth is an authentication middleware service and identity provider that verifies user identities to grant system access. It operates as a standalone server or as an authentication gateway, utilizing a reverse proxy model to intercept requests and validate credentials before traffic reaches protected backend services. The project functions as an OpenID Connect provider for single sign-on experiences and an OAuth 2.0 gateway that delegates verification to external providers such as Google and GitHub. It also acts as an LDAP authentication server, allowing for centralized user management and
Delegates user authentication and group authorization to an external directory server using LDAP search filters.
ProxySQL is a database proxy designed to route and balance traffic between applications and MySQL or PostgreSQL servers. It provides database high availability by monitoring backend server health and automatically rerouting traffic to healthy nodes during failover events to prevent downtime. The system integrates with generative AI models by proxying requests through a protocol handler, creating a bridge that allows large language models to access structured data. The project includes capabilities for traffic management through automatic failover routing and cluster topology discovery. It op
Integrates with directory services to verify user identities and manage access control via LDAP.
ejabberd is a multi-protocol communication gateway and scalable server that implements XMPP for instant messaging and presence. It serves as a federated messaging platform, enabling interoperable communication and user discovery between different remote servers. The project functions as an MQTT message broker for lightweight IoT device communication and a SIP signaling server for managing voice and multimedia signaling traffic. It allows for the hosting of multiple domains on a single instance using virtual hosting to isolate configurations and prevent username conflicts. The system provides
Integrates with directory services to verify user credentials via LDAP for centralized authentication.
fbctf is a Capture The Flag platform designed for hosting cybersecurity competitions. It provides a scoring engine to track participant progress and an orchestration tool to manage the transition from event configuration to an active state. The system utilizes a containerized deployment framework to launch the infrastructure and environments required for live events. It includes an identity integration that authenticates participants via external directory servers to provide organization-wide access control. The platform covers the administration of competition content and security goals, te
Integrates with external directory servers to provide centralized LDAP authentication for participants.
Faraday is a vulnerability management platform and security tool aggregator designed to centralize security findings from multiple scanners into a single dashboard. It utilizes a relational security database to catalog hosts, services, and security flaws, enabling users to track remediation and analyze organizational risk. The platform distinguishes itself through a plugin-based system that normalizes diverse security tool outputs into a unified data model. It supports deep integration with a wide array of scanners and CLI tools, intercepting shell command output or parsing report files to ag
Integrates with LDAP providers to manage user identity and access control via a centralized directory.
The Lounge is a self-hosted, web-based IRC client that functions as a persistent bouncer replacement, keeping users connected to IRC servers even when their browser is closed or device is offline. It runs as a Node.js backend with a WebSocket bridge that relays IRC events and commands between the server and browser, and includes a built-in HTTP and HTTPS server for direct TLS termination without an external reverse proxy. The client supports multiple user accounts on a shared server installation, with LDAP authentication for credential validation. It maintains persistent server-side IRC conne
Validates user login credentials against an LDAP server using search or bind DN methods.
Authenticates users against an LDAP directory while storing their credentials in a local database.
Apache Hive is a SQL-on-Hadoop data warehouse that enables querying and managing petabytes of data stored in distributed storage such as HDFS and cloud storage services. It provides a familiar SQL interface for batch analytics and reporting, supported by a core set of components including the HiveServer2 Thrift service for remote query execution, the Hive Metastore Service for central metadata management, the Hive ACID Transaction Engine for concurrent read-write operations, and the Hive LLAP Interactive Engine for low-latency analytical processing. The WebHCat REST API offers an HTTP interfac
Restricts HiveServer2 access using LDAP user and group filters.
GreptimeDB is a distributed, open-source time-series database built for unified observability. It stores and queries metrics, logs, and traces together in a single columnar engine, supporting both SQL and PromQL for analysis. The database is designed as a Kubernetes-native operator with a decoupled compute and storage architecture, enabling horizontal scaling and multi-region deployment. What distinguishes GreptimeDB is its role as a multi-protocol ingestion gateway, accepting data through OpenTelemetry, Prometheus Remote Write, InfluxDB, Loki, Elasticsearch, Kafka, and MQTT protocols without
GreptimeDB first searches the LDAP directory for the user's entry, then binds with that entry's credentials to verify identity.
Maddy is a modular mail server that assembles a complete email system by connecting small, single-purpose modules through a declarative configuration file. Rather than a monolithic stack, it lets operators compose message processing, storage, authentication, and security enforcement from interchangeable building blocks, with each module handling a specific function like receiving SMTP connections, verifying credentials, or applying policy checks. The server distinguishes itself through its flexible authentication and security architecture. It delegates user verification to external systems in
Verifies credentials by binding to a remote LDAP directory service using the provided username and password.
AliSQL is a fork of MySQL by Alibaba that extends the relational database management system with enhancements for high performance, scalability, and enterprise-grade availability. It retains the core MySQL identity as a SQL-based database for storing, organizing, and retrieving structured data, while adding optimizations for large-scale transactional and analytical workloads. The project differentiates itself through a set of Alibaba-specific improvements, including a columnar engine for accelerating analytical queries directly on MySQL tables, and a distributed, shared-nothing NDB Cluster en
Authenticates MySQL users against an LDAP directory using password, SASL, or GSSAPI/Kerberos methods.
Cerebro ist ein Administrationstool für OpenSearch- und Elasticsearch-Cluster, das eine webbasierte grafische Oberfläche zur Überwachung des Zustands und zur Verwaltung der Performance bietet. Es dient als zentrale Konsole für die Cluster-Administration, einschließlich der Erstellung und Organisation von Indizes, Aliasen und Index-Templates. Das Projekt zeichnet sich durch integrierte Verzeichnisauthentifizierung aus, wobei LDAP-Dienste genutzt werden, um Benutzeridentitäten und Zugriffsberechtigungen zu verwalten. Es enthält zudem eine dedizierte REST-Client-Konsole zum Senden manueller Anfragen an Cluster, die über Autovervollständigung und die Möglichkeit verfügt, Anfragen als curl-Befehle zu exportieren. Das Tool deckt umfassende operative Funktionen ab, einschließlich Datensicherung und -wiederherstellung via Snapshot-Management, Shard-Verteilung und -Ausgleich über Knoten hinweg sowie Echtzeit-Überwachung des Cluster-Zustands. Es bietet zudem ein Warnsystem für Index-Änderungen und Schwankungen der Clustermitgliedschaft, neben internen Analysetools zur Untersuchung von Datenverteilungen.
Integrates with remote directory services via LDAP for centralized user authentication and access control.
Webmin is a web-based administration interface for Unix systems. It provides a centralized console for managing the full range of server administration tasks — users and groups, software packages, storage, network configuration, system services, and security — all through a browser. Its modular architecture allows separate modules to handle databases (MySQL, MariaDB, PostgreSQL), web servers (Apache), DNS (BIND), email (Sendmail, Dovecot), file sharing (Samba, NFS), and more, with a unified access control system that restricts what each administrator can see and do. What sets Webmin apart is
Sets up the underlying Unix system to authenticate and resolve user identities against an LDAP directory.
lakeFS ist ein Data-Lake-Versionierungssystem, das Git-ähnliche Branching- und Commit-Funktionen für große Datensätze in Objektspeichern bietet. Es fungiert als Versionskontrollschicht und ermöglicht die Erstellung unveränderlicher Snapshots, atomarer Commits und Zero-Copy-Branching, um isolierte Umgebungen für Datenexperimente zu schaffen, ohne physische Dateien zu duplizieren. Das System dient als S3-kompatibles Storage-Gateway und Iceberg-REST-Katalog, wodurch Standard-Cloud-Storage-Protokolle und kompatible Clients versionierte Tabellen verwalten können. Es fungiert als Data-Quality-Gatekeeper, indem es ein eventgesteuertes Hook-System nutzt, um Datensätze gegen Governance-Richtlinien zu validieren, bevor Änderungen in die Produktion gemergt werden. Die Plattform deckt umfassende Funktionen für Data-Governance ab, einschließlich Pull-Request-Kollaboration, rollenbasierter Zugriffskontrolle und Data-Lineage-Tracking. Sie bietet Integrationen für Workflow-Orchestrierung, Machine-Learning-Pipelines und verschiedene Big-Data-Compute-Engines und unterstützt Multi-Cloud-Storage-Konnektivität sowie Identitätssynchronisation via SSO und SCIM. Die Software kann mittels Binärdateien, Containern oder Helm-Charts für die Bereitstellung auf Kubernetes installiert werden.
Authenticates users against a directory server by verifying credentials and assigning default groups.
Davinci ist eine Business-Intelligence- und Datenvisualisierungsplattform, die für den Aufbau interaktiver Dashboards und Berichte verwendet wird. Sie fungiert als SQL-basierter Dashboard-Builder und Multi-Tenant-Analytics-Dienst, der über JDBC und CSV-Dateien mit Datenbanken verbunden wird, um Rohdaten in visuelle Komponenten zu transformieren. Die Plattform zeichnet sich durch ihr granulares Sicherheitsmodell aus, das Zeilen- und Spalten-basierte Berechtigungen umfasst, die in LDAP- und OAuth2-Authentifizierung integriert sind. Sie bietet zudem ein eingebettetes Visualisierungstool, das es ermöglicht, sichere, parametrisierte Diagramme und Dashboards über URLs und Frames in externe Anwendungen einzubinden. Das System deckt ein breites Spektrum an Funktionen ab, einschließlich Datenmodellierung mit SQL-Vorlagen, einer Drag-and-Drop-Layout-Engine für responsive Dashboards und einer Vielzahl von Visualisierungstypen wie Sankey-Diagrammen, Radar-Charts und geografischen Karten. Zudem umfasst es Automatisierungen für die Planung E-Mail-basierter Berichte und nutzt Key-Value-Caching zur Optimierung der Abfrageleistung.
Integrates with LDAP directory services to verify user identities and manage centralized authentication.