Logo EPFL  
  Ecole Polytechnique Fédérale de Lausanne
Identity Management System  
  English only      EPFL > VPSI > Tequila

Intended Audience


Identity Federation


Open Source


Contact the author of this page



Intended Audience

This Introduction is intended for Tequila developers and a general audience interested in identity management issues. In general, it is summary information and not intended to give detailed technical information to the reader.


Historically the Swiss Federal Polytechnic University of Lausanne (EPFL) has been using an identity management tool called Gaspar. This tool is the repository for authentication information and holds user information for the whole university community. Currently most of the university’s Web based services use it to authenticate their users.

Individual authentication servers can provide services to a single organization easily. New technologies of collaboration, web services, grid computing, etc. make it necessary to have a set of identity management servers that cooperate to manage larger and more disparate groups of users, agents, services, applications and resources – often across the country or around the world.

The need has arisen to have an identity management system to authenticate people across several organizations – a federated identity management suite of tools. Tequila – building on the experience of the EPFL’s IT department in Gaspar - was conceived and developed to achieve this goal.

The Tequila Identity Provider Server is a single server which can easily provide identity management in a single organization – however this is not its main benefit.

Tequila Identity Federation

The basic unit of federation in the Tequila Identity management suite of tools is a cell. A Tequila cell is a set of Tequila servers that agreed to trust themselves and to agree on the meaning of users attributes. Each server manages its own set of users and is able to authenticate these users and return the value of user-related attributes (name, id, ...) on request of another client in the cell.

Tequila holds no data itself, neither authentication data, nor user attributes, it delegates these data to connectors: authentication connectors and data connectors.

Tequila Ready Applications

Applications can be made "Tequila Ready" by implementing one of the Tequila Clients (available in source in Perl, Java and PHP). These create the calls to the Tequila server and pass the authorization information back to the application. This saves application developers and maintainers a lot of time in writing and keeping their authentication process and data up to date.

Tequila Open Source

Tequila is open source software. It is being developed as an open source test bed for identity management standards. The Tequila sources and project are housed at the EPFL and at the SourceForge .

Tequila and Standards

It is the intention of the Tequila developers’ network to work on specific projects that will enhance the interoperability of Tequila with existing standards in the identity management, security and access control space.


©2005 EPFL, 1015 Lausanne, tél. 021 693 49 61, webmaster@epfl.ch
Last Update: 17 May 2005
Useful Links



Tequila @ SourceForge

Liberty Alliance