Flexess is a component-based product which adds access management capabilities for Java applications. The solution allows to separate security aspects from the main application logic. The product provides the entire infrastructure starting from a tool, which allows creating an application security model to the web portal, which manages the assignments of the different access privileges to the users. Main features:

• Security Modeling - Gives you possibility to create a model of the security features of the application. You can create a protected object Order, specify operations like "create", "read", "update", "delete" and provide constraints under which these operations are accessible.
• Role-Based Access Control - All the security aspects are modeled in terms of Users, Roles and Permissions.
• Parameterized Permissions - Permissions in Flexess are not strings, but can be parameterized with the attributes. For example, RegionalPermission has an attribute region and a constraint "Order.region=RegionalPermission .region". It means that this permission will be satisified, when the region attribute of Order matches the region attribute of the permission.
• Authorization - The minimal code can be done for authorization. To check if the user is authorized to create an order, you will need to invoke check(userId,order,"create").
• Authentication - Flexess provides an authentication module and can be integrated with existing authentication frameworks.
• Web Administration - Allows you to manage users, roles and permissions through the web interfaces.
• User Management - Maintains a database of users with customized user profiles.

The early access release is available for download.

So, could you give some reasons for choosing your product over Spring Security?

Our authorization model is more flexible. Flexess allows to create instance-level permissions (like the user may edit only his/her profile) in the UI editor and deploy and maintain the security model separately from the application. Flexess is not only a security framework. The product contains a web-based administrative application, which allows managing user-role assignments.

Our authorization model is more flexible. Flexess allows to create instance-level permissions (like the user may edit only his/her profile)

So does spring security/acegi.

Not exactly. In acegi you need to implement a custom AccessDecisionVoter. Flexess provides a declarative language for describing such constraints(profile.userId == user.Id) and allows to change them without changing the code.

Does this product support LDAP integration? Thanks, Sergey

The current EAP build does not include LDAP integration, but this feature is being implemented now and it will be definitely included in the 1.0 release.

Hi Ekaterina, is Flexess going to be Open Source? Thanks, Sergey

No. But we are not going to get run-time fee for using this product.

Can integrate with CAS SSO server ? great job!