Ceptor: Designed for Your Needs
Ceptor is built with flexibility in mind; it allows unprecedented freedom in selecting the kind of configuration that is most suitable to your needs.
Here you dive into details about Ceptor Server incl. optional Modules, Ceptor Gateway incl. optional Features, Authentication Plugins, Application Server Plugins.
Ceptor Server
Ceptor Server is split into a number of separate deployable modules, including Ceptor Console giving you options to combine or distribute across as many servers as meet your requirements.
Ceptor Console allows you access to centralized configuration and statistics. Using the Ceptor Console you can define and generate reports ranging from SLA reports to business-centric reports giving your business immediate access to detailed information regarding the use of your applications. You can also access specific parts thereof, including information about authentication methods being done, concurrent users.
Ceptor Server is the brain in your entire setup.
Furthermore, Ceptor Console allow you to monitor the status and health of your entire infrastructure.
The Ceptor Server can be extended with additional Modules.
Modules
Ceptor Gateway
Ceptor Gateway is a standards-based
Reverse Proxy Server
it is fully asynchronous, highly scalable and supports newest available communication protocols. Ceptor Gateway is deployed in front of your applications, protecting them from unauthorized access and takes care of load balancing and failover, stickiness, request throttling, authentication and authorization and response compression.
Your applications can be protected using Role-Based Access Control as well as Attribute-Based Access Control, GeoIP restrictions, and advanced custom Java or script based plugins.
Ceptor Gateway contains Web Application Firewall functionality, providing defense against the OWASP Top 10 Web Application Security Risks.
Out-of-the-box support for the following Authentication types directly in Ceptor Gateway: SSL Client Certificate, Basic Authentication, Bearer Token, SPNEGO/Kerberos, Forms-based login, OAuth/OAuth 2.0, OpenID Connect and ADFS/Web SSO.
Other authentication types are supported (such as SMS OTP, NemID, BankID, FIDO, Authenticators) by scripting or a separate login application. A wide range of user repositories are supported, and users do not need to be migrated or replicated/synchronized into Ceptor specific repositories/databases.
Read more about Ceptor Gateway - our Reverse Proxy Server.
Ceptor Gateway can be extended with full-featured API functionality by enabling Ceptor API Management.
Optional Features
Authentication Plugins
Ceptor supports virtually any kind of authentication. Multiple pluggable authentication methods can coexist, and the application can choose which ones to use.
Single Sign-On / SAML Web SSO
Can provide Single Sign-On (SSO) with Microsoft ADFS, supporting WS-Federation and
SAML Web SSO. Read more about SSO
OpenID Connect
Ceptor can act as either an identity provider or a relying party using OAuth 2.0 JWT tokens using OpenID Connect 1.0.
Digital Signatures
Ceptor offers support for Digital Signatures, it comes with OpenSign and OpenLogon, Ceptor can act as either an identity provider or a relying party using.
OAuth & OAuth 2.0
Ceptor can act as an OAuth 2.0 Resource Owner, Authorization Server and Resource server – issuing and accepting authorization codes and bearer tokens. Ceptor also have full support for OAuth 1.0.
NemID & MitID
Special care is taken of the Danish Digital IDs: NemID and the future MitID. Ceptor has full support for login including support for verifying/extracting personal identification information CPR from certificate providers.
WWPass
WWPass allows secure Multi-Factor authentication without requiring userid or password.Simply scan a QR code with your mobile to login, no need to enter userid or password.
Google Authenticator / TOTP
Ceptor supports Google Authenticator and other Time-based One-Time Password (TOTP) based devices.
Microsoft Authenticator / TOTP
Ceptor supports Microsoft Authenticator and other Time-based One-Time Password (TOTP) based devices.
SMS OTP
Generate One-Time Password and send them via SMS for easy two-factor authentication – support for multiple SMS providers.
Kerberos
Kerberos is a key part of supported Ceptor login allowing for easy integration into existing Windows Domain infrastructures.
FIDO U2F
Supports FIDO U2F two-factor authentication tokens – allows users to register tokens, and use them for login – login with token does not require a password. Full man-in-the-middle attack prevention.
X.509
Ceptor has built-in support for X.509 certificates for both login and signing of data, as well as support for certificate revocation lists and online verification of certificates.
Application Server Plugins
Ceptor supports multiple different Application Server Plugins, which are a client towards the Ceptor Server enabling you to have deep integration with any application server.
IBM WebSphere
WebSphere NTAI interface is used to provide declarative JEE authentication and authorization.
Oracle WebLogic
WebLogic Security Service Provider Interface (SSPI) plugin, allowing declarative security in applications.
Red Hat JBoss
Single Sign-On and declarative JEE security for JBoss servers.
Microsoft .NET
Ceptor .NET Application Server Plugin for ASP.NET 2.0+ Applications.
Jetty
Single Sign-On and declarative JEE security for Jetty servers.
GlassFish
Single Sign-On and declarative JEE security for Glassfish 3+ servers.
Apache Tomcat
Single Sign-On and declarative JEE security for Apache Tomcat 6+ servers.
What will Ceptor cost me?
Design your desired configuration to enable us to quote your Ceptor