Ceptor: Designed for Your Needs

Ceptor is built with flexibility in mind; it allows unprecedented freedom in selecting the kind of configuration that is most suitable to your needs.

Here you dive into details about Ceptor Server incl. optional Modules, Ceptor Gateway incl. optional Features, Authentication Plugins, Application Server Plugins.


Ceptor Server


Ceptor Server is split into a number of separate deployable modules, including Ceptor Console giving you options to combine or distribute across as many servers as meet your requirements.

Ceptor Console allows you access to centralized configuration and statistics. Using the Ceptor Console you can define and generate reports ranging from SLA reports to business-centric reports giving your business immediate access to detailed information regarding the use of your applications. You can also access specific parts thereof, including information about authentication methods being done, concurrent users.

Ceptor Server is the brain in your entire setup.

Furthermore, Ceptor Console allow you to monitor the status and health of your entire infrastructure.

The Ceptor Server can be extended with additional Modules.

Modules

  • RADIUS Server

    Ceptor has support for RADIUS (Remote Authentication Dial-In User Service) servers that supports PAP authentication and accounting requests.

  • WS-Security

    Ceptor supports WS-Security to sign and encrypt outgoing SOAP messages as well as verifying and decrypting incoming SOAP messages.

RADIUS Server Icon

RADIUS Server

Ceptor has support for RADIUS (Remote Authentication Dial-In User Service) servers that supports PAP authentication and accounting requests.

WS-Security Icon

WS-Security

Ceptor supports WS-Security to sign and encrypt outgoing SOAP messages as well as verifying and decrypting incoming SOAP messages.

Ceptor Gateway


Ceptor Gateway is a standards-based 

Reverse Proxy Server

it is fully asynchronous, highly scalable and supports newest available communication protocols. Ceptor Gateway is deployed in front of your applications, protecting them from unauthorized access and takes care of load balancing and failover, stickiness, request throttling, authentication and authorization and response compression.

Your applications can be protected using Role-Based Access Control as well as Attribute-Based Access Control, GeoIP restrictions, and advanced custom Java or script based plugins.

Ceptor Gateway contains Web Application Firewall functionality, providing defense against the OWASP Top 10 Web Application Security Risks.

Out-of-the-box support for the following Authentication types directly in Ceptor Gateway: SSL Client Certificate, Basic Authentication, Bearer Token, SPNEGO/Kerberos, Forms-based login, OAuth/OAuth 2.0, OpenID Connect and ADFS/Web SSO.

Other authentication types are supported (such as SMS OTP, NemID, BankID, FIDO, Authenticators) by scripting or a separate login application. A wide range of user repositories are supported, and users do not need to be migrated or replicated/synchronized into Ceptor specific repositories/databases.

Read more about Ceptor Gateway – our Reverse Proxy Server.

Ceptor Gateway can be extended with full-featured API functionality by enabling Ceptor API Management.

Optional Features

  • GeoIP

    The Ceptor GeoIP plugin support lookup of the user’s device’s geographic location by identifying its IP address offering the ability prevent fraud.

  • Attribute-Based Access Control

    Enable Ceptor Gateway support for defining access depending on the user’s context, or the data sent in the user’s request.

GeoIP Icon

GeoIP

The Ceptor GeoIP plugin support lookup of the user’s device’s geographic location by identifying its IP address offering the ability prevent fraud.

Attribute Based Access Control  Icon

Attribute Based Access Control

Enable Ceptor Gateway support for defining access depended on the users context, or the data sent in the users request.

Authentication Plugins


Ceptor supports virtually any kind of authentication. Multiple pluggable authentication methods can coexist, and the application can choose which ones to use.

Single Sign-On / SAML Web  SSO Icon

Single Sign-On / SAML Web SSO

Can provide Single Sign-On (SSO) with Microsoft ADFS, supporting WS-Federation and
SAML Web SSO. Read more about SSO

OpenID Connect Logo

OpenID Connect

Ceptor can act as either an identity provider or a relying party using OAuth 2.0 JWT tokens using OpenID Connect 1.0.

Digital Signatures Icon

Digital Signatures

Ceptor offers support for Digital Signatures, it comes with OpenSign and OpenLogon, Ceptor can act as either an identity provider or a relying party using.

OAuth & OAuth 2.0 Logo

OAuth & OAuth 2.0

Ceptor can act as an OAuth 2.0 Resource Owner, Authorization Server and Resource server – issuing and accepting authorization codes and bearer tokens. Ceptor also have full support for OAuth 1.0.

NemID Logo

NemID

Special care has been taken with the Danish public certificates (OCES). Ceptor has full support for login including support for verifying/extracting personal identification information CPR from certificate providers and interfacing to attribute services.

BankID in Sweden Logo

BankID in Sweden

BankID is the leading electronic identification in Sweden and is fully support by Ceptor. The user’s identification is guaranteed by the bank issuing the BankID.

Google Authenticator / TOTP Logo

Google Authenticator / TOTP

Ceptor supports Google Authenticator and other Time-based One-Time Password (TOTP) based devices.

Microsoft Authenticator / TOTP Logo

Microsoft Authenticator / TOTP

Ceptor supports Microsoft Authenticator and other Time-based One-Time Password (TOTP) based devices.

SMS OTP Icon

SMS OTP

Generate One-Time Password and send them via SMS for easy two-factor authentication – support for multiple SMS providers.

Kerberos Icon

Kerberos

Kerberos is a key part of supported Ceptor login allowing for easy integration into existing Windows Domain infrastructures.

FIDO U2F Icon

FIDO U2F

Supports FIDO U2F two-factor authentication tokens – allows users to register tokens, and use them for login – login with token does not require a password. Full man-in-the-middle attack prevention.

X.509 Icon

X.509

Ceptor has built-in support for X.509 certificates for both login and signing of data, as well as support for certificate revocation lists and online verification of certificates.

Application Server Plugins


Ceptor supports multiple different Application Server Plugins, which are a client towards the Ceptor Server enabling you to have deep integration with any application server.

IBM WebSphere Icon

IBM WebSphere

WebSphere NTAI interface is used to provide declarative JEE authentication and authorization.

Oracle WebLogic Logo

Oracle WebLogic

WebLogic Security Service Provider Interface (SSPI) plugin, allowing declarative security in applications.

Red Hat JBoss Logo

Red Hat JBoss

Single Sign-On and declarative JEE security for JBoss servers.

Microsoft .NET Logo

Microsoft .NET

Ceptor .NET Application Server Plugin for ASP.NET 2.0+ Applications.

Jetty Logo

Jetty

Single Sign-On and declarative JEE security for Jetty servers.

GlassFish Logo

GlassFish

Single Sign-On and declarative JEE security for Glassfish 3+ servers.

Apache Tomcat Logo

Apache Tomcat

Single Sign-On and declarative JEE security for Apache Tomcat 6+ servers.

 

What will Ceptor cost me?

Design your desired configuration to enable us to quote your Ceptor

Platforms


Ceptor Server can run on any platform where a Java Virtual Machine can run. We consider Windows and Linux to be primary platforms. Application Server Plugins can run on the below platforms, plus Windows .NET / IIS where Java is not used.

We have so far had Ceptor running on:

Microsoft Windows Server Logo

Microsoft Windows Server

Linux Logo

Linux

Apple Mac OS/macOS Logo

Apple Mac OS/macOS

IBM AIX Icon

IBM AIX

IBM z/OS Icon

IBM z/OS

Oracle Solaris Logo

Oracle Solaris

Cloud Platforms

Beside from running Ceptor on a physical server, you also have the option of deploying it on a cloud service.

Apple Mac OS/macOS Logo

Amazon Web Service

Ceptor can easily be deployed on AWS with integration to the AWS solutions.

Apple Mac OS/macOS Logo

Microsoft Azure

Ceptor support both Microsoft .NET and Java-based applications.

Contact us