Difference between revisions of "Scala Frameworks"

From OWASP
Jump to: navigation, search
Line 29: Line 29:
  
 
The following is a series of documents regarding the security configurations for the above mentioned frameworks
 
The following is a series of documents regarding the security configurations for the above mentioned frameworks
 +
https://www.owasp.org/index.php/Scala_Frameworks/Play
  
 
==Vulnerable Framework Components==
 
==Vulnerable Framework Components==

Revision as of 08:07, 7 November 2017

Scala language , just as JAVA , offers different types of Security Frameworks you can work with. Depending on the task, here we offer some general guidelines regarding the proper use of them The following table contains the most popular ones and their security in terms of modules and implementation

Security Frameworks

The following Scala frameworks contain modules that help developers implement secure features such as Authentenciation, Authorization, CRSF or SQLInjection

Framework Authentication Authorization CSRF XSS SQLInjection
Play - - -
Deadbolt 2 - - -
Play-pac4j - - - -
Scala-oauth2-provider - - - -
SecureSocial - - - -
Silhouette - Play Framework Library - - - -
Lift
Akka (Akka-http) - - -
Spray - - -

Secure Coding - Scala Frameworks

The following is a series of documents regarding the security configurations for the above mentioned frameworks https://www.owasp.org/index.php/Scala_Frameworks/Play

Vulnerable Framework Components

It is essential that developers implement regular dependency checks of their components, since must Scala projects will make use of the above mentioned frameworks

Reference

https://www.47deg.com/blog/security-frameworks-for-scala/