|
|
@@ -1,105 +1,104 @@
|
|
|
# <img src="http://www.maxkey.top/static/images/logo_maxkey.png" width="200px" />
|
|
|
|
|
|
-# 概述
|
|
|
+# Overview
|
|
|
|
|
|
-<b>MaxKey(马克思的钥匙)</b>单点登录认证系统(Single Sign On System),寓意是最大钥匙,是<b>业界领先的企业级IAM身份管理和身份认证产品</b>,支持OAuth 2.0/OpenID Connect、SAML 2.0、JWT、CAS、SCIM等标准协议,提供<b>简单、标准、安全和开放</b>的用户身份管理(IDM)、身份认证(AM)、单点登录(SSO)、RBAC权限管理和资源管理等。
|
|
|
+<b>Maxkey (Marx's key) </b> Single Sign On system, which means the Maximum key, <b>Leading-Edge IAM Identity and Access management product </b>, Support OAuth 2.0/OPENID CONNECT, SAML 2.0, JWT, CAS, SCIM and other standard protocols, and provide <b> Simple, Standard, Secure and Open </b> Identity management (IDM), Access management (AM), Single Sign On (SSO), RBAC permission management and Resource management.
|
|
|
|
|
|
-官方网站 <a href="https://www.maxkey.top" target="_blank"><b>官方网站</b></a> | <a href="https://maxkeytop.gitee.io" target="_blank"><b>官方网站二线</b></a>
|
|
|
+Official Website <a href="https://www.maxkey.top" target="_blank"><b>official website</b></a> | <a href="https://maxkeytop.gitee.io" target="_blank"><b>Second Line</b></a>
|
|
|
|
|
|
-社区交流 QQ群:<b>434469201</b> | 邮箱EMAIL: <b>maxkeysupport@163.com</b>
|
|
|
+QQ Community: <b> 434469201 </b> | email: <b> maxkeysupport@163.com </b>
|
|
|
|
|
|
-代码托管 <a href="https://github.com/MaxKeyTop/MaxKey" target="_blank"><b>GitHub</b></a> | <a href="https://gitee.com/maxkeytop/MaxKey" target="_blank"><b>码云(Gitee)</b></a>
|
|
|
+Code Hosting <a href="https://github.com/MaxKeyTop/MaxKey" target="_blank"><b>GitHub</b></a> | <a href="https://gitee.com/maxkeytop/MaxKey" target="_blank"><b>Gitee</b></a>
|
|
|
|
|
|
-
|
|
|
-什么是<b>单点登录(Single Sign On)</b>,简称为<b>SSO</b>?
|
|
|
+What is <b> Single Sign On </b>, referred to as <b> SSO </b >?
|
|
|
+
|
|
|
+Users only need to login to the authentication center once , access all the trusted application systems without logging in again.
|
|
|
|
|
|
-用户只需要登录认证中心一次就可以访问所有相互信任的应用系统,无需再次登录。
|
|
|
-
|
|
|
-主要功能:
|
|
|
+Key Functions
|
|
|
|
|
|
-1) 所有应用系统共享一个身份认证系统
|
|
|
+1) All application systems share one Identity authentication system
|
|
|
|
|
|
-2) 所有应用系统能够识别和提取ticket信息
|
|
|
+2) All application systems can Identify and extract Ticket
|
|
|
|
|
|
|
|
|
-# 产品特性
|
|
|
+# Features
|
|
|
|
|
|
-1. 标准认证协议:
|
|
|
+1. Standard Protocols
|
|
|
|
|
|
-| 序号 | 协议 | 支持 |
|
|
|
+| No. | Protocols | Support |
|
|
|
| --------| :----- | :----: |
|
|
|
-| 1.1 | OAuth 2.0/OpenID Connect | 高 |
|
|
|
-| 1.2 | SAML 2.0 | 高 |
|
|
|
-| 1.3 | JWT | 高 |
|
|
|
-| 1.4 | CAS | 高 |
|
|
|
-| 1.5 | FormBased | 中 |
|
|
|
-| 1.6 | TokenBased(Post/Cookie) | 中 |
|
|
|
-| 1.7 | ExtendApi | 低 |
|
|
|
-| 1.8 | EXT | 低 |
|
|
|
-
|
|
|
-2. 登录支持
|
|
|
-
|
|
|
-| 序号 | 登录方式 |
|
|
|
+| 1.1 | OAuth 2.0/OpenID Connect | HIGH |
|
|
|
+| 1.2 | SAML 2.0 | HIGH |
|
|
|
+| 1.3 | JWT | HIGH |
|
|
|
+| 1.4 | CAS | HIGH |
|
|
|
+| 1.5 | FormBased | MIDDLE|
|
|
|
+| 1.6 | TokenBased(Post/Cookie) | MIDDLE|
|
|
|
+| 1.7 | ExtendApi | LOW |
|
|
|
+| 1.8 | EXT | LOW |
|
|
|
+
|
|
|
+2. Authentication
|
|
|
+
|
|
|
+| No. | SignIn Support |
|
|
|
| --------| :----- |
|
|
|
-| 2.1 | 动态验证码 字母/数字/算术 |
|
|
|
-| 2.2 | 双因素认证 |
|
|
|
-| 2.3 | 短信认证 腾讯云短信/阿里云短信/网易云信 |
|
|
|
-| 2.4 | 登录易/Google/Microsoft Authenticator/FreeOTP/支持TOTP或者HOTP |
|
|
|
-| 2.5 | Kerberos/SPNEGO/AD域|
|
|
|
-| 2.6 | 社交账号 微信/QQ/微博/钉钉/Google/Facebook/其他 |
|
|
|
+| 2.1 | Captcha : letter / number / arithmetic |
|
|
|
+| 2.2 | Two Factor Authentication |
|
|
|
+| 2.3 | SMS Tencent SMS / Alibaba SMS / NetEaseYunXin |
|
|
|
+| 2.4 | Denglu1/Google/Microsoft Authenticator/FreeOTP/Support TOTP or HOTP |
|
|
|
+| 2.5 | Kerberos/SPNEGO/AD domain|
|
|
|
+| 2.6 | Social Account WeChat/QQ/ Weibo/Dingding/Google/Facebook/other |
|
|
|
|
|
|
|
|
|
-3. 提供标准的认证接口以便于其他应用集成SSO,安全的移动接入,安全的API、第三方认证和互联网认证的整合。
|
|
|
+3. Standard Authentication Protocols for applications to integrate sso, secure mobile access, secure API, third-party authentication and Internet authentication.
|
|
|
|
|
|
-4. 提供用户生命周期管理,支持SCIM 2协议,基于Apache Kafka代理,通过连接器(Connector)实现身份供给同步。
|
|
|
+4. Identity Lifecycle management, support SCIM 2 , and realize Identity supply synchronization through connector based on Apache Kafka agent.
|
|
|
|
|
|
-5. 认证中心具有平台无关性、环境多样性,支持Web、手机、移动设备等, 如Apple iOS,Andriod等,将认证能力从B/S到移动应用全面覆盖。
|
|
|
+5. The platform independence and diversity of environment. It supports web, mobile phone, mobile devices, such as apple IOS, Android, etc., and covers the certification ability from B/S to mobile applications.
|
|
|
|
|
|
-6. 多种认证机制并存,各应用系统可保留原有认证机制,同时集成认证中心的认证;应用具有高度独立性,不依赖认证中心,又可用使用认证中心的认证,实现单点登录。
|
|
|
+6. Variety of authentication mechanisms coexist, each application system can retain the original authentication mechanism, and integrate the authentication of the MaxKey; the application has a high degree of independence, does not rely on the MaxKey, and can use the authentication of the MaxKey to realize single sign on.
|
|
|
|
|
|
-7. 基于Java平台开发,采用Spring、MySQL、Tomcat、Apache Kafka、Redis等开源技术,支持微服务,扩展性强。
|
|
|
+7. Based on Java platform, Adopts Spring, MySQL, Tomcat, Apache Kafka, Redis and other open source technologies, supports microservices, and has strong scalability.
|
|
|
|
|
|
-8. 许可证 Apache License, Version 2.0,开源、安全、自主可控。
|
|
|
+8. License Apache license, version 2.0, Open Source, Secure, Independent and Controllable.
|
|
|
|
|
|
|
|
|
-# 界面
|
|
|
+# Interface
|
|
|
|
|
|
-**MaxKey认证**
|
|
|
+**MaxKey**
|
|
|
|
|
|
-登录界面
|
|
|
+Login UI
|
|
|
<img src="http://www.maxkey.top/static/images/maxkey_login.png"/>
|
|
|
|
|
|
-主界面
|
|
|
+App List UI
|
|
|
<img src="http://www.maxkey.top/static/images/maxkey_index.png"/>
|
|
|
|
|
|
-**MaxKey管理**
|
|
|
+**MaxKey Management**
|
|
|
|
|
|
-访问报表
|
|
|
+Report UI
|
|
|
<img src="http://www.maxkey.top/static/images/maxkey_mgt_rpt.png"/>
|
|
|
|
|
|
-用户管理
|
|
|
+User Management UI
|
|
|
<img src="http://www.maxkey.top/static/images/maxkey_mgt_users.png"/>
|
|
|
|
|
|
-应用管理
|
|
|
+App Management UI
|
|
|
<img src="http://www.maxkey.top/static/images/maxkey_mgt_apps.png"/>
|
|
|
|
|
|
|
|
|
-# 下载
|
|
|
+# Download
|
|
|
|
|
|
-当前版本百度网盘下载,<a href="https://maxkey.top/zh/download.html" target="_blank"> 历史版本</a>
|
|
|
-| 版本 | 日期 | 下载地址 | 提取码 |
|
|
|
+Download the current version of Baidu Pan,<a href="https://maxkey.top/zh/download.html" target="_blank"> history version</a>
|
|
|
+| Version | ReleaseDate | Download URL | Code |
|
|
|
| --------| :----- | :---- | :----: |
|
|
|
-| v 2.3.0 GA | 2020/11/11 | <a href="https://pan.baidu.com/s/17jAatKNlM6L649992kEMBQ" target="_blank">链接下载</a> | **h3zw** |
|
|
|
+| v 2.3.0 GA | 2020/11/11 | <a href="https://pan.baidu.com/s/17jAatKNlM6L649992kEMBQ" target="_blank">Download</a> | **h3zw** |
|
|
|
|
|
|
|
|
|
# Roadmap
|
|
|
|
|
|
-1.动态用户组实现(基于用户属性或机构)
|
|
|
+1. Implementation of dynamic group (based on user attribute or organization)
|
|
|
|
|
|
-2.主任职机构和兼职机构
|
|
|
+2. Director and part-time organizations
|
|
|
|
|
|
-3.零信任场景整合
|
|
|
+3. Zero trust scenario integration
|
|
|
|
|
|
-4.MaxKey Cloud(微服务版)-2021年
|
|
|
+4. Maxkey-Cloud (micro service version)-2021
|
|
|
|
|
|
|
Crystal.Sea