top of page
  • Shawn McKinney

New Sheriff in Town


And it don’t need no stinking badges. Yeah, I’m mixing clichés, happens sometimes when coding long hours in a stretch. :-)


What I’m talking about is a new access management system, released to PyPI yesterday for the first time.

py-fortress on PyPI

Considering we just started coding a couple of months ago that’s pretty good progress.

What is it? A toolkit designed for Python3, with APIs that developers can use to do security in an RBAC-compliant way. Today, it requires an LDAP server to store the policies, but a file-based backend will soon be ready. No, I’m not recommending files in production, but it’s fine for getting started, within dev envs.

You can check the py-fortress project here:

py-fortress README on GitHub

Inside are links to some documents to help get started. The quickstart doesn’t require cloning the project GIT repo, but you’ll need a Linux machine, Python3, PIP and Docker engine installed. Everything else is covered.

Why would you want it? That’s a long story. It starts with an imperative to follow standards, in security processes, like authentication and authorization. That there’s value in committing to best-practices, in this case ANSI RBAC.

It may help to know that this effort is backed by my employer — Symas.

Eventually, this code may end up inside of an Apache project, like Apache Fortress. Or, it might land somewhere else. It’s too early to know. What’s certain is that it’ll remain open, available to use and learn from.

87 views0 comments

Recent Posts

See All

We are pleased to announce the availability of Symas OpenLDAP 2.6.3, which was released on July 14, 2022. Several high profile changes included in this update are: Fixed librewrite declaration of call

bottom of page