Summary of Java Security Libraries

From OWASP
Revision as of 06:23, 17 March 2011 by Psiinon (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

What is this page for?

This page contains a table of Java security libraries and indicates which security features each library supports.

The plan is to use this information to work backwards to create a 'decision tree' which will allow Java developers to decide which security libraries would be the most suitable for their requirements.

It is at a very early stage, and will almost certainly contain many mistakes and omissions. Please feel free to correct these yourself, or contact Psiinon to correct them on your behalf.

Java Security Libraries

Name and link
Updated
AU
AC
CF
CR
IV
OE
SM
XM
XS
AntiSami
2011




 Y
Y



Apache Santuarrio
2011







 Y

Apache Shiro
2011
Y
Y
 ?
Y
 ?
Y
Y
 ?
Y
Bouncy Castle
2011



Y





CSRFGuard
 ?



Y





ESAPI
2010
Y
Y
 ?
Y
Y
Y
 ?

Y
Jasypt
2010



Y





iGuard
2011
Y
Y







Vlad
 ?




Y





Security Features Key

  • AU Authentication
  • AC Authorization / Access Control
  • CF Anti CSRF
  • CR Cryptography
  • IV Input Validation
  • OE Output encoding
  • SM Session management
  • XM XML security
  • XS XSS protection