Included are the following components:
- Core - Java Access Management SDK
- Realm - Java EE security for Apache Tomcat
- REST - HTTP protocol wrappers for the APIs
- Web - HTML pages for the APIs
It's released under terms of the Apache License 2.0.
Apache Fortress is a Role-Based Access Control security system. It uses a directory server to store the information about users, roles, permissions, etc. Out-of-the-box it supports either ApacheDS or OpenLDAP servers but works with any LDAPv3 compliant system.