Symas Enforcement Foundry offers role-based access control (RBAC) that’s production-ready, open source and fully supported, so you can regulate the access privileges of each person within your enterprise based on their role within your organization.

Our commercially-supported access management offering, production-ready and open source.

Symas Enforcement Foundry is an implementation of the ANSI Role-Based Access Control standard (INCITS 359), based on Apache Fortress and OpenLDAP. As an open-source solution, it’s available to use without restriction.


Find javadocs on RBAC for Fortress here, plus info on its capabilities.

Explore Capabilities

  • RBAC Management APIs (Fortress Core)
  • RBAC Management Services (Fortress Rest)
  • RBAC Management Pages (Fortress Web)
  • RBAC Policy Enforcement for Apache Tomcat (Fortress Realm)
  • Centralized audit log (OpenLDAP)
  • Multi-tenant data and object model
  • Directory storage and replication (OpenLDAP)

Suite Includes

Symas commercial support covers the following Apache Fortress components.

Explore the Suite

  • Fortress Core.  RBAC software development kit: learn more
  • Fortress Web.  Web gui for managing RBAC policies and identities: learn more
  • Fortress Rest.  Web policy server for managing RBAC through a RESTful interface: learn more
  • Fortress Realm.  Access enforcement modules for existing services: learn more

The following components are also included.


Find out how we designed the infrastructure of Foundry to achieve its goals.

Multi-tenant Architecture

Symas Enforcement Foundry uses multi-tenant architecture.

Product Roadmap

What the future looks like for Symas Enforcement Foundry.

What's Coming

Web Access Management
  • OpenID Connect
  • OAuth 2.0
  • SAML 2.0


The source of Symas Enforcement Foundry is managed by the Apache GIT repo.

Get Foundry

Source and Binary bundles are available from…