Fortress History

In 2009 a small team of developers[1], who are brothers, began work on the Open Access Manager project. From its onset, the push behind this project was to build a fully functioning security authorization system that’s based on open standards and wholly open source. In particular, Role-Based Access Control (ANSI INCITS 359) was a focal point, although that adherence brought with it a need for expanded coverage into other areas like auditing and administration. After a couple of years of coding in their spare time, the project was unveiled at the 2011 LDAPCon in Heidelberg[2], and with it a new name - Fortress. At the same time, it was announced that the OpenLDAP foundation would sponsor the project and it would be released under a BSD-style variant of an Open Source Software license.

That first release, back in 2011, included just the fortress core and realm components, but development of the web interface (commander) and rest server (enmasse) was already underway. After a few more years, and more releases led to the eventual completion of the others rounding out the product line into what’s available today.

Eventually, it was understood that nights and weekends of a few developers aren’t enough and so for the fortress concept to survive, it had to be carried into a large field. In 2014 the Fortress project moved from its OpenLDAP foundation home into the ASF as a subproject of the Apache Directory.

This new home proved worthy as help from the Apache Directory project, along with its community has brought many new members and improvements.

Footnotes:
[1] Initial team roster (l to r) in 2009: Kevin McKinney (developer), Kelly McKinney (project manager) and Shawn McKinney (not pictured).

[2] Presentation Open Source IAM using Fortress and OpenLDAP