Benefits & Features
LemonLDAP::NG offers several essential features to protect organizations against cybersecurity threats by providing a distributed single sign-on solution with centralized rights management as well as identity federation management, thus integrating a set of identity providers (IdP) and service providers (SP) who are committed to respecting a minimum set of rules to exchange authentication and authorization information in complete confidence.
Today, this access management has become more complex with the mix between access to internal services, access from external service providers and access to the cloud service.
These features can help organizations mitigate security risks, reduce operational costs and complexity, improve visibility and situational awareness within the organization, and ensure regulatory compliance.
Security
Define your access rules for applications, data, and systems. This approach ensures secure and efficient identity and access management within your organization.
Regulatory compliance
Using templates, specify how objects in your directory will be created to ensure compliance.
Centralized rights management
LemonLDAP::NG allows you to manage access authorizations to resources and systems only when strictly necessary, thus reducing access times and the risk of compromise.
Openness of the IS
In order to allow the organization to open its IS with complete peace of mind and thus gain in agility.
Modularity
LemonLDAP::NG is designed to be very modular, which allows it to be adapted to different needs and environments.
High Performance
LemonLDAP::NG can run on Apache or Nginx web servers, ensuring high availability and good processing speed.
User and Administrator Experience
Provide a pleasant user experience with its templates, web application access portal and web manager. It greatly facilitates daily operation.
Multi-protocol Authentication
LemonLDAP::NG supports multiple authentication protocols, such as LDAP, Active Directory, Kerberos, Database, SSL, Social Networks, CAS, SAML, OpenID Connect, etc.
Session Management
LemonLDAP::NG manages sessions efficiently, including session duration, authorized applications and accessible resources, by using cookies to store user credentials.
Integration with Backends
LemonLDAP::NG can store configuration and sessions in backends such as files, databases or NoSQL systems.
Portal and Manager
LemonLDAP::NG includes a visible portal for users and an administration manager to configure and manage the system.
Enhanced Security
LemonLDAP::NG is designed to be secure, with strong encryption and identity verification mechanisms.
Active Community
LemonLDAP::NG benefits from an active community of developers and users, which means that updates and improvements are regular.
GPL License
The software is distributed under the GPL license, which guarantees freedom of use and modification for organizations and developers.
Multi-Factor Authentication (2FA)
Ensures robust identification of users and administrator accounts using multiple verification factors, such as passwords, USB sticks, SMS or verification applications.
Audit and Reporting
Provides detailed reports on user and administrator account activities, as well as access and changes to systems and resources, to facilitate compliance and monitoring.
ANSSI Security Guidelines
The National Agency for Information Systems Security (ANSSI) is a French information systems security agency.
It has published a document to secure OpenID Connect. It contains around fifty recommendations to strengthen your OIDC service, as an OpenID provider or relying party.
LemonLDAP::NG meets the majority of these recommendations, we are at your disposal to assist you in this compliance. So do not hesitate to contact us
