LemonLDAP::NG is a modular Web SSO based on Apache::Session modules. It simplifies the building of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting, so you can have full AAA protection for your Web space. LemonLDAP::NG is a complete rewrite of LemonLDAP. All components needed to use it and to administer it are included in the tarball. However, all modules developed for LemonLDAP may not work with LemonLDAP::NG.
dynalogin is a distributed two-factor authentication suite that combines a secure UNIX server and API with an Android soft token. Open standards (HOTP, TOTP, and soon OCRA) are used for one-time passwords. A C library is provided for inclusion in existing software and Web sites. OpenID (using SimpleID) is supported for Web applications and single sign on. PAM is supported for easy UNIX and LDAP integration (SASL, RADIUS, and JAAS in development). It works with Google Authenticator or the dynalogin Android application.
The Subversion Authentication Parser Module is a Java library that can read a Subversion svnaccess file and convert it into an object tree that can be used to grant permission to different parts. Furthermore, you can define an object tree that represents permission for locations in repositories and/or trees. This gives you the possibility to use this module within your application either to read the Subversion svnaccess file or use it as a separate permission system.
gitolite is an access control layer on top of git. It allows you to setup git hosting on a central server, and have multiple "virtual" users (i.e., not "Unix" users) access multiple git repositories, with fine grained access control (read control at the repo level granularity, write control at branch/tag/file/dir level). It has several other features, comprehensive documentation, does not require root permissions, and does not depend on anything except git, Perl 5.8 or later, and any POSIX shell.
FBAC-LSM is a security mechanism for Linux which retricts applications based on the features they provide, such as "Web Browser" or "Image Editor". By restricting the actions of applications, the damage which can be caused by malware or software vulnerabilities can be significantly reduced. Reusable policy abstractions, known as functionalities, can be used to grant the authority to perform high level features (for example using the Web_Browser functionality) or lower level features (such as using the HTTP_Client functionality) or to grant privileges to access any specified resources. Functionalities are parameterized, which allows them to be adapted to the needs of specific applications. Functionalities are also hierarchical; that is, functionalities can contain other functionalities.