In 2009 a small team of developers, who are brothers, began work on the Open Access Manager project. From its onset, the push behind this project was to build a fully functioning access control system that is based on open standards and wholly open source. In particular, Role-Based Access Control (ANSI INCITS 359) was a focal point, although that adherence brought with it a need for expanded coverage into other areas like auditing and administration. After a couple of years of coding in their spare time, the brothers unveiled the project at the 2011 LDAPCon in Heidelberg, and with it a new name - Fortress. At the same time, it was announced that the OpenLDAP foundation would sponsor the project and it would be released under a BSD-style variant of an Open Source Software license.
That first release, back in 2011, included just the fortress core and realm components, but development of the web interface (commander) and rest server (enmasse) was already underway. A few more years saw many more releases and the eventual completion of the others rounding out the entire product line into what's available today.
Eventually, it was understood that nights and weekends of a few developers isn't enough and so if the fortress concept was to survive, it had to be carried into a larger field. In 2014 the Fortress project moved from its OpenLDAP foundation home into the ASF as a subproject of the Apache Directory.
This new home proved worthy as the influx of new talent gained from being associated with the Apache Directory project, along with added exposure from its community has brought with it many gains and improvements.
Footnotes: . team roster in 2009 consisted of Kelly McKinney (engineering manager), Kevin McKinney (fortress web developer), and Shawn McKinney (fortress core developer).