Hacker News new | ask | show | jobs
by hsluoyz 1093 days ago
Casdoor is another promising open-source IAM solution: https://casdoor.org/ , written in Go and React. All features like OIDC, OAuth 2.0, SAML, CAS, LDAP, WebAuthn and 2FA are all supported.

Compared to Keycloak, Casdoor has:

1. Support high-concurrency and use less memory (Go v.s. Java) 2. More modern SPA-style web UI (with React and Ant Design), more CDN friendly 3. full-fledged RESTful API 4. Support a lot of provider types: OAuth, SMS, Email, CAPTCHA 5. More powerful authorization (powered by Casbin), Casbin is a popular authorization solution with a lot of integrations for DBs and applications: https://casbin.org/

SaaS hosting is also provided at: https://casdoor.com/ for anyone who don't want to self-host
4 comments
jsiepkes 1093 days ago
> 1. Support high-concurrency and use less memory (Go v.s. Java)

In the context of Go vs Java this is a kind of weird unsubstantiated claim. For example if you think a garbage collector leads to higher memory use; Go uses a garbage collector, just like Java. There are loads of applications which support high concurrency in Java. Such as Elasticsearch and Apache Kafka.

link
hsluoyz 1093 days ago
I's a fact that I also don't know why, maybe not mainly because of GC. Java's high concurrency is not impossible but just requires more efforts to tune the performance
link
jsiepkes 1093 days ago
If your knowledge about a thing is not able to explain a "fact" then you should be cautious about propagating that "fact".
link
hsluoyz 1093 days ago
The fact is a "true" fact, I'm not saying something which is wrong. This is all I care about. I don't need to know why. I'm not an expert on programming languages or look into compiler source code either. If you think the "fact" is not true, plz just give your opinions and evidences.
link
vips7L 1093 days ago
If you claim a fact is true, you should be the one providing evidence.
link
koevet 1093 days ago
This is from the GitHub page of the project:

An open-source Identity and Access Management (IAM) / Single-Sign-On (SSO) platform powered by Casbin and AI gateway with web UI supporting OAuth 2.0, OIDC, SAML and OpenAI ChatGPT

Why would an IAM/Oauth2 platform need Chatgpt? Is this just buzzword bingo?

link
rickette 1093 days ago
The website/docs are in Chinese. This will be a major blocker for folks outside that region.
link
bboygravity 1093 days ago
2. More modern SPA-style web UI (with React and Ant Design),

Is this a feature or an anti-feature?

link
hsluoyz 1093 days ago
SSO doesn't need SEO. So SPA is OK. The good point is RESTful API is fully exposed without any extra dev work.
link