Download Akenti code


The Akenti Authorization Service code has been written by members of the Distributed Security Research Group at the Lawrence Berkeley National Laboratory. This code is distributed under the following BSD-style license. The code uses a number of open source packages as itemized below.

This code is provided as a professional academic contribution for joint exchange. Thus it is experimental, is provided ``as is'', with no warranties of any kind whatsoever, no support, promise of updates, or printed documentation. The Regents of the University of California shall have no liability with respect to the infringement of copyrights by this code, or any part thereof.

Documentation

For more information about the Akenti project and code see http://www-itg.lbl.gov/Akenti.

See Installing binaries or Installing sources for brief installation instructions or http://www-itg.lbl.gov/Akenti/docs/admin.html to understand how to configure an akenti system.

If you have any questions about installing or using this code contact MRThompson@lbl.gov

Recent changes are documented in the release notes.

Packages in release 1.5

status - last updated:

This is currently a beta release of 1.5. Not all the packages are available yet and the documentation needs work. The release is now separated by language as well as by source and binaries. We provide binaries for Linux RedHat 9 and Solaris 2.7 built with the g++ 3.2.2 compiler and java 1.4.2. Each Akenti package includes an example resource tree with instructions on how to install it, so that you can experiment with our tools before ceating your own resource tree. We depend on openldap 2.1.21, cppunit 1.9.11, xerces-c 2.5.0 and openssl 0.9.7. You can get these from their distributers, or you can download the libraries that we build against for Linux RedHat 9 or Solaris 2.7 from us in our 3rdparty packages.

c++ packages

3rd party packages

Java packages

Description of packages in release 1.4

Source

The source distribution contains the sources and Makefiles for the Akenti libraries, some simple tools that allow you to create, verify and sign certificates, some supporting servers (written in Java) and a Java GUI to create UseCondition and Attribute certificates. It also includes a sample resource tree and some identity certificates and XML Akenti certificates. In order to build these files you will need the following C open source packages: and the following Java packages:

Binary

The binary distribution contains Akenti libraries, openssl, openldap, xerces-c, some simple command-line tools, the Java GUI certificate generators, some supporting Java servers and some sample configuration files. This is what you need to start with to add Akenti authorization to your own applications.

Certificate Generators

Certificate Generators files, with or without jre are intended for client site, who only wish to create certificates. If you have downloaded the complete binaries you already have these files. If you have a version of Java 1.3, or 1.4, you do not need to download the jre from us. Unzip and run the genUse.sh, genAttr.sh or genPolicy.sh scripts to create UseConditions, Attribute certificates or Policy certificates.

Code packages

 Version 1.4 11/03/03Version 1.3 4/23/03
Source codeAkenti 1.4 (4.2M)Akenti 1.3i (.9M)
Binaries
    RedHat 7.2, gcc 2.96AK1.4-lib-bin.linux-gcc2 (46M)
includes openssl-0.9.7b, openldap-2.1.21, xerces-c-2.3.0
AK1.3-lib-bin.linux(48M)
includes openssl-0.9.7a, openldap-2.0.15, xerces-c-2.0.0
    RedHat 9.0, gcc 3.2 AK1.4-lib-bin.linux-gcc3 (53M)not available
    Solaris 7, gcc 3.2AK1.4-lib-bin.sun-sol-gcc3 (26M)not available
Certificate Generators
    Generators without jreAK1.4-AkGen-jre (4M) AK1.3-AkGen-jre (1.7M)
    Generators + Solaris jreAK1.4-AkGen.sun-sol-gcc3 (26M) AK1.3-AkGeni.sun-sol-gcc (12.5M)
    Generators + Redhat 7.2 jreAK1.4-AkGen.linux-gcc2 (26M) AK1.3-AkGen.linux-gcc2 (31M)
    Generators + Redhat 9.0 jreAK1.4-AkGen.linux-gcc3 (26M)not available

Other Akenti packages

Globus® Jobmanger Akenti integration

The Globus Jobmanager has been modified by the Globus developers at ANL to call out to an external policy decision point for authorization of requested actions. We have added a callout module that interfaces this call to Akenti. The Jobmanger is a derivitive of globus_gram_job_manager-3.10 which is somewhere between Globus releases 2.2.4 and 2.4. The Akenti code is from AK1.4.

See the following link for instructions and code downloads.

Akenti Apache module

We wrote an Apache mod_auth module for Apache 1.3. We have not updated it to the Apache 2.0 module interface. The Akenti code that was used was Aketni V1.1. So at this point it would take some work to update this module to the current versions of Apache and Akenti, but if you are interested in looking at it, the source is mod_akenti.tar.gz : gnu zipped version (11.7K)