Authorization library that supports RBAC and ABAC

Technologies
javascript, java, go, OIDC, OAuth
Topics
security, cloud, authorization, IAM, Authentication
Authorization library that supports RBAC and ABAC
Casbin is a powerful and efficient open-source access control library. It provides support for enforcing authorization based on various access control models like ACL, RBAC, ABAC for Golang, Java, Node.js, PHP, Python, .NET (C#), Delphi and Rust. What Casbin does: - Enforce the policy in the classic {subject, object, action} form or a customized form as you defined, both allow and deny authorizations are supported. - Handle the storage of the access control model and its policy. - Manage the role-user mappings and role-role mappings (aka role hierarchy in RBAC). Support built-in superuser like root or administrator. - A superuser can do anything without explict permissions. - Multiple built-in operators to support the rule matching. For example, keyMatch can map a resource key /foo/bar to the pattern /foo*. What Casbin does NOT do: - Authentication (aka verify username and password when a user logs in) Manage the list of users or roles. I believe it's more convenient for the project itself to manage these entities. - Users usually have their passwords, and Casbin is not designed as a password container. However, Casbin stores the user-role mapping for the RBAC scenario. For more details, see: https://casbin.org/
2022 Program

Successful Projects

Contributor
Resulte
Mentor
Yang Luo
Organization
Casbin
Refine and optimize the Casbin-dashboard & Casdoor
Casbin-dashboard is the official web UI (admin portal) for Casbin models and policies. Casdoor is a centralized authentication / Single-Sign-On (SSO)...
Contributor
sociometry
Mentor
Yang Luo, Sagilio
Organization
Casbin
Casbin for .NET & Casdoor .NET SDK
Casbin for .NET: a. Feature Request: subjectPriority b. Support "in" special grammar c. Validate and compile matcher when loading model d. Improve...
Contributor
NoneBack
Mentor
Yang Luo, ZixuanLiu, Weny
Organization
Casbin
An alternative tuple-storage engine for Casbin Mesh / Casbin — GSOC 2022 Proposal
Currently, Casbin uses golang built-in map structure to maintain policies in the main memory and persist the policies via adapter abstraction. If...
Contributor
Jianning Wang
Mentor
Yang Luo, Yang Tang
Organization
Casbin
Enhancement of Casbin Core Engine
Casbin Core Engine is the first implementation for Casbin DSL. Though stable now, it lacks some important features like the WatcherEx support. Also,...
Contributor
Shivansh Yadav
Mentor
Yang Luo, ZixuanLiu, Xinyu Zhou
Organization
Casbin
Casbin For Node.js - Benchmarks, Feature Enhancement, multiple platform support, WatcherEx, Adapter
Casbin is extended to multiple languages and frameworks including the Casbin for Node.js. To improve the user experience for the project one of the...
Contributor
Zhendong Zhou
Mentor
Yang Luo, JonLee
Organization
Casbin
Performance Optimize,New DB Adapters and Django Part Improve for Pycasbin
1. Add etcd adapter and redis adapter to improve compatibility 2. Implement the pycasbin-on-cpp to improve performance and add RBAC API to benchmark...
Contributor
Yixiang Zhao
Mentor
Yang Luo, Yang Tang
Organization
Casbin
Casbin for Java & Casdoor
The jCasbin needs to enhance the expressiveness of the grammar to meet the diverse needs of the user's policy development. For example, the special...
Contributor
Siddhesh Kanawade
Mentor
Yang Luo, Yisheng Chai
Organization
Casbin
Casbin for Rust
With the efforts of Casbin Community, the Rust version of the Casbin is now ready for production. Casbin-RS can provide access control with blazing...
Contributor
Jiaming Tang
Mentor
Yang Luo, Sagilio
Organization
Casbin
Casbin for Cloud Native & Casdoor
The proposal presented here roughly contains 3 parts. The first part includes refactor of the existing k8s-authz, as well as introducing more...
Contributor
cs1137195420
Mentor
Yang Luo
Organization
Casbin
Encapsulation of casbin-cpp and other enhancements for pycasbin
Compared to Casbin for Golang, PyCasbin has many shortcomings, especially the lack of RBAC interface and its bad performance compared to Go....