Apache Shiro - Java Security Framework

Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any JVM-based application – from the smallest mobile applications to the largest web and enterprise applications.




Related Projects

shiro - Mirror of Apache Shiro

pac4j - The security engine to protect all your Java web applications

pac4j is a Java security engine to authenticate users, get their profiles and manage their authorizations in order to secure Java web applications. It supports most authentication mechanisms (OAuth (Facebook, Twitter, Google, Yahoo...), CAS, HTTP (form, basic auth...), OpenID, SAML, Google App Engine, OpenID Connect, JWT, LDAP, RDBMS, MongoDB and Stormpath) as well as authorization checks.

Sentinel - A framework agnostic authentication & authorization system.

Sentinel is a PHP 5.4+ fully-featured authentication & authorization system. It also provides additional features such as user roles and additional security features. Sentinel is a framework agnostic set of interfaces with default implementations, though you can substitute any implementations you see fit.

Eclipse JAAS Framework

A collection of Eclipse plugins to manage authentication and authorization within an application built on the RCP framework. The plugins provide an implementation of the JAAS API and can be extended by developers to support their own security needs.

Search Guard - Rock solid Elasticsearch security on all levels

Search Guard is an Elasticsearch plugin that offers encryption, authentication, and authorization. It builds on Search Guard SSL and provides pluggable authentication and authorization modules in addition. Search Guard is fully compatible with Kibana, Logstash and Beats.

mustbe - Authorization plumbing for NodeJS/ExpressJS/ConnectJS apps

MustBe is not a complete authorization framework, with roles and responsibilities and models and data access and everything that you need. Rather, it is the underlying plumbing that you need to secure your site. It allows you to fill in the necessary parts to manage data access, roles and users, and gives you the activity-based plumbing to secure it all. MustBe is an authorization system - the part of a security system that decides whether or not you are allowed to do something. This is the second half of authentication and authorization, where authentication simply determines who you are.

fosite - Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.

The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful and extensible. This library implements peer-reviewed IETF RFC6749, counters weaknesses covered in peer-reviewed IETF RFC6819 and provides countermeasures against various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, hybrid. OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite.


JSecurity is a powerful and flexible open-source Java security framework that cleanly handles authentication, authorization, enterprise session management, and cryptography services.

OpenAM - Authentication, Authorization and SSO

OpenAM provides open source Authentication, Authorization, Entitlement and Federation software. OpenAM provides core identity services to simplify the implementation of transparent single sign-on (SSO) as a security component in a network infrastructure. OpenAM provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.

Security - Middleware for security and authorization of web apps.

Contains the security and authorization middlewares for ASP.NET Core. Community projects related to authentication and security for ASP.NET Core are listed in the documentation.

Ranger - Manage Data Security across the Hadoop Platform

Ranger is a framework to enable, monitor and manage comprehensive data security across the Hadoop platform. It provides centralized security administration to manage all security-related tasks in a central UI or using REST APIs, fine-grained authorization, and centralized auditing of user access within Apache Hadoop, Apache Hive, Apache HBase and other Apache components.

Keyczar - Toolkit for safe and simple cryptography

Keyczar is an open source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in their applications. Keyczar supports authentication and encryption with both symmetric and asymmetric keys. Keyczar was originally developed by members of the Google Security Team.

CLR Security

The CLR security team codeplex site provides sample code and libraries of APIs to extend and debug the security APIs that ship with the .NET Framework. This codeplex site includes Security.Cryptography.dll which adds new cryptography algorithms to the .NET framework, as well ...

Cryptlib - provides Encryption and Authentication Service

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.

FreeIPA - Identity and Access Management for Linux

FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

Acegi Security Extensions Project

Acegi-ext aims to provide additional capabilities to Acegi Security Framework, such as declarative management of ACL entries, support for Acegi Security in portal environments, and constraint-based security features over role-based authorization mechanisms.

Libcurve - An encryption and authentication library for ZeroMQ applications

Curve implements the CurveZMQ elliptic curve security mechanism, for use in ZeroMQ applications. This library is primarily a reference implementation for the CurveZMQ specification but may also be used for end-to-end security. CurveZMQ creates encrypted sessions ("connections") between two peers using short term keys that it securely exchanges using long term keys. When the session is over, both sides discard their short term keys, rendering the encrypted data unreadable, even if the long term keys are captured. It is not designed for long term encryption of data.

conscrypt - Conscrypt is a Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension

Conscrypt is a Java Security Provider (JSP) that implements parts of the Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE). It uses BoringSSL to provide cryptographical primitives and Transport Layer Security (TLS) for Java applications on Android and OpenJDK. The core SSL engine has borrowed liberally from the Netty project and their work on netty-tcnative, giving Conscrypt similar performance.

Apache Karaf - OSGi distribution for server-side applications

Karaf Container is a modern and polymorphic container. It's a lightweight, powerful, and enterprise ready container powered by OSGi. By polymorphic, it means that Karaf can host any kind of applications: OSGi, Spring, WAR, and much more. It uses either the Apache Felix or Eclipse Equinox OSGi frameworks, providing additional features on top of the framework.

Tcpcrypt - Encrypting the Internet

Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support Tcpcrypt, in which case connections will gracefully fall back to standard clear-text TCP.