Kanidm: A simple, secure, and fast identity management platform
Firstyear 426426a18f
Implement Access Control Profiles (#52)
This implements access controls, including a huge amount of refactor to support
them and their resolution with the "SelfUUID" keyword. Additionally, parts of
the event structure were improved to help, normalised was added as an entry state
and more.

And there are access controls! They work, have tests, and appear sane.
2019-06-07 11:19:09 +02:00
designs Implement Access Control Profiles (#52) 2019-06-07 11:19:09 +02:00
src Implement Access Control Profiles (#52) 2019-06-07 11:19:09 +02:00
tests 20190508 UUID on entry (#50) 2019-05-15 10:36:18 +10:00
.dockerignore Large rework of audit logging 2018-12-27 15:22:03 +10:00
.gitignore Begin datastructure and work on the core server 2018-11-03 10:30:57 +10:00
Cargo.toml Implement memberof with direct/indirect tracking and testcases. (#48) 2019-05-08 10:39:46 +10:00
CHECKLIST.md Add support for working server integration test! 2018-11-27 20:48:21 +10:00
CODE_OF_CONDUCT.md Begin datastructure and work on the core server 2018-11-03 10:30:57 +10:00
Dockerfile Large rework of audit logging 2018-12-27 15:22:03 +10:00
LICENSE.md Change license to MPL #15 2019-02-03 10:27:49 +10:00
pull_request_template.md Create pull_request_template.md 2019-03-28 13:58:14 +10:00
README.md Add some git instructions 2019-03-22 10:09:05 +10:00

Kanidm

Kanidm is an identity management platform written in Rust. Our goals are:

  • Modern identity management platform
  • Simple to deploy and integrate with
  • Extensible
  • Correct

Code of Conduct

See CODE_OF_CONDUCT.md

Examples

MVP features

  • Pam/nsswitch clients (with offline auth, and local totp)
  • CLI for admin
  • OIDC/OAuth
  • SSH key distribution
  • MFA (TOTP)
  • In memory read cache (cow)
  • backup/restore

Planned features

  • Replicated database backend (389-ds, couchdb, or custom repl proto)
  • SAML
  • Read Only Replicas
  • Certificate distribution?
  • Web UI for admin
  • Account impersonation
  • WebAuthn
  • Sudo rule distribution via nsswitch?

Features we want to avoid

  • Audit: This is better solved by ...
  • Fully synchronous behaviour: ...
  • Generic database: ... (max db size etc)
  • Being LDAP: ...
  • GSSAPI/Kerberos

More?

Get involved

To get started, you'll need to fork or branch, and we'll merge based on PRs.

If you are a contributor to the project, simply clone:

git clone git@github.com:Firstyear/kanidm.git

If you are forking, then fork on GitHub and clone with:

git clone https://github.com/Firstyear/kanidm.git
cd kanidm
git remote add myfork git@github.com:<YOUR USERNAME>/kanidm.git

Select an issue (and always feel free to reach out to us for advice!), and create a branch to start working:

git branch <feature-branch-name>
git checkout <feature-branch-name>

When you are ready for review (even if the feature isn't complete and you just want some advice), commit and push:

git commit -m 'Commit message' change_file.rs ...
git push <myfork/origin> <feature-branch-name>

If you get advice or make changes, just keep committing to the branch, and pushing to your branch. When we are happy with the code, we'll merge on GitHub, meaning you can now clean up your branch.

git checkout master
git pull
git branch -D <feature-branch-name>

Rebasing:

If you are asked to rebase your change, follow these steps:

git checkout master
git pull
git checkout <feature-branch-name>
git rebase master

Then be sure to fix any merge issues or other comments as they arise. If you have issues, you can always stop and reset with:

git rebase --abort

Designs

See the designs folder

Why do I see rsidm references?

The original project name was rsidm while it was a thought experiment. Now that it's growing and developing, we gave it a better project name. Kani is Japanese for "crab". Rust's mascot is a crab. It all works out in the end.