Janssen Project for Linux Foundation

There are many ways you can contribute. Of course you can contribute code. But we also need people to write documentation and guides, to help us with testing, to answer questions on the forums and chat, to review PR’s, to help us with devops and CI/CD, to provide feedback on usability, and to promote the project through outreach. Also, by sharing metrics with us, we can gain valuable insights into how the software performs in the wild.

Building a large community is our number one goal. Please let us know what we can do to make you feel more welcome, no matter what you want to contribute.

Open Source Digital Identity

Janssen Modules

Janssen is not a big monolith–it’s a lot of services working together. Whether you deploy Janssen to a Kubernetes cluster, or you are a developer running everything on one server, it’s important to understand the different parts.

This component is the OAuth Authorization Server, the OpenID Connect Provider, the UMA Authorization Server–this is the main Internet facing component of Janssen. It’s the service that returns tokens, JWT’s and identity assertions. This service must be Internet facing.

This component provides the server side endpoints to enroll and validate devices that use FIDO. It provides both FIDO U2F (register, authenticate) and FIDO 2 (attestation, assertion) endpoints. This service must be internet facing.

The API to configure the auth-server and other components is consolidated in this component. This service should not be Internet-facing.

SCIM is JSON/REST API to manage user data. Use it to add, edit and update user information. This service should not be Internet facing.

This module is a command line interface for configuring the Janssen software, providing both interactive and simple single line options for configuration.

 

  1. Middleware API to help application developers call an OAuth, OpenID or UMA server. You may wonder why this is necessary. It makes it easier for client developers to use OpenID signing and encryption features, without becoming crypto experts. This API provides some high level endpoints to do some of the heavy lifting.

  2.  

This library has code that is shared across several janssen projects. You will most likely need this project when you build other Janssen components.

This is the library for persistence and caching implemenations in Janssen. Currently LDAP and Couchbase are supported. RDBMS is coming soon.

Install Janssen with these packages

  • Enterprise Linux 8 (CentOS 8 and Red Hat 8)
  • Ubuntu 20
  • SUSE 15
  • Provision a Linux 4 CPU, 16 GB RAM, and 50GB SSD VM with ports 443 and 80 open.
  • Save the VM IP address
  • Install Docker
  • Execute
For local deployments like minikube and microk8s or cloud installations in demo mode, resources may be set to the minimum and hence can have 8GB RAM, 4 CPU, and 50GB disk in total to run all services.

Why the name Janssen?

Pigeons (or doves if you like…) are universally regarded as a symbol of peace. But they are also fast. Powered by a handful of seeds, a well trained racing pigeon can fly 1000 kilometers in a day. The Janssen brothers of Arendonk in Belgium bred the world’s fastest family of racing pigeons. Complex open source infrastructure, like competitive animal husbandry, requires incremental improvement. Janssen racing pigeons revolutionized the sport. The Janssen Project seeks to revolutionize identity and access management.

Join Janssen

While other identity and access management platforms exist, the Janssen Project seeks to tackle the most challenging security and performance requirements.

Based on the latest code that powers the Gluu Server which has passed more OpenID self-certification tests than any other platform. Janssen starts with a rich set of signing and encryption functionality that can be used for high assurance transactions.

Having shown throughput of more than one billion authentications per day, the software can also handle the most demanding requirements for concurrency thanks to Kubernetes auto-scaling and advances in persistence.

« »