Difference between revisions of "Java Security Frameworks"

From OWASP
Jump to: navigation, search
(Enterprise)
(Aecgi rolled into Spring, link was broken)
(One intermediate revision by one user not shown)
Line 2: Line 2:
  
 
==Enterprise==
 
==Enterprise==
* [[ESAPI OWASP Enterprise Security API]] a new OWASP project to provide all essential security services under one roof.
+
* [[ESAPI|OWASP Enterprise Security API]] a new OWASP project to provide all essential security services under one roof.
  
 
== Access Control (Authentication and Authorisation) ==
 
== Access Control (Authentication and Authorisation) ==
* [http://www.acegisecurity.org/ Acegi Security] - Acegi Security is a powerful, flexible security solution for enterprise software, with a particular emphasis on applications that use Spring. Using Acegi Security provides your applications with comprehensive authentication, authorization, instance-based access control, channel security and human user detection capabilities.
 
 
* [http://sourceforge.net/projects/jguard jGuard] - jGuard is written in Java. Its goal is to provide a security framework based on JAAS (Java Authentication and Authorization Security). The framework is written for web and standalone applications, to easily provide solutions for access control problems.
 
* [http://sourceforge.net/projects/jguard jGuard] - jGuard is written in Java. Its goal is to provide a security framework based on JAAS (Java Authentication and Authorization Security). The framework is written for web and standalone applications, to easily provide solutions for access control problems.
  

Revision as of 05:12, 22 August 2013

A list of third party (i.e. not part of Java SE or EE) security frameworks.

Enterprise

Access Control (Authentication and Authorisation)

  • jGuard - jGuard is written in Java. Its goal is to provide a security framework based on JAAS (Java Authentication and Authorization Security). The framework is written for web and standalone applications, to easily provide solutions for access control problems.

Encryption

  • Bouncycastle - Lightweight Java cryptography APIs
  • Jasypt - Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.