Difference between revisions of "Java Security Frameworks"

From OWASP
Jump to: navigation, search
(Enterprise)
(adding hdiv)
(2 intermediate revisions by 2 users not shown)
Line 2: Line 2:
  
 
==Enterprise==
 
==Enterprise==
* [[ESAPI OWASP Enterprise Security API]] a new OWASP project to provide all essential security services under one roof.
+
* [[ESAPI|OWASP Enterprise Security API]] a new OWASP project to provide all essential security services under one roof.
 +
* [http://www.hdiv.org/ HDIV] A web application security framework that provides a number of functions.
  
 
== Access Control (Authentication and Authorisation) ==
 
== Access Control (Authentication and Authorisation) ==
* [http://www.acegisecurity.org/ Acegi Security] - Acegi Security is a powerful, flexible security solution for enterprise software, with a particular emphasis on applications that use Spring. Using Acegi Security provides your applications with comprehensive authentication, authorization, instance-based access control, channel security and human user detection capabilities.
 
 
* [http://sourceforge.net/projects/jguard jGuard] - jGuard is written in Java. Its goal is to provide a security framework based on JAAS (Java Authentication and Authorization Security). The framework is written for web and standalone applications, to easily provide solutions for access control problems.
 
* [http://sourceforge.net/projects/jguard jGuard] - jGuard is written in Java. Its goal is to provide a security framework based on JAAS (Java Authentication and Authorization Security). The framework is written for web and standalone applications, to easily provide solutions for access control problems.
  

Revision as of 22:33, 25 February 2014

A list of third party (i.e. not part of Java SE or EE) security frameworks.

Enterprise

  • OWASP Enterprise Security API a new OWASP project to provide all essential security services under one roof.
  • HDIV A web application security framework that provides a number of functions.

Access Control (Authentication and Authorisation)

  • jGuard - jGuard is written in Java. Its goal is to provide a security framework based on JAAS (Java Authentication and Authorization Security). The framework is written for web and standalone applications, to easily provide solutions for access control problems.

Encryption

  • Bouncycastle - Lightweight Java cryptography APIs
  • Jasypt - Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.