Difference between revisions of "Java Security Frameworks"

Latest revision as of 17:05, 22 February 2016

This page has been moved to https://www.owasp.org/index.php/Category:Java#tab=Related_3rd_Party_Projects.

@@ Line 1: / Line 1: @@
-A list of third party (i.e. not part of Java SE or EE) security frameworks. This page contains a list of Java security libraries and frameworks and indicates which security features each library supports.
+This page has been moved to https://www.owasp.org/index.php/Category:Java#tab=Related_3rd_Party_Projects.
-==Enterprise==
-* [[ESAPI|OWASP Enterprise Security API]] a new OWASP project to provide all essential security services under one roof.
-* [http://www.hdiv.org/ HDIV] A web application security framework that provides a number of functions.
-== Access Control (Authentication and Authorisation) ==
-* [http://sourceforge.net/projects/jguard jGuard] - jGuard is written in Java. Its goal is to provide a security framework based on JAAS (Java Authentication and Authorization Security). The framework is written for web and standalone applications, to easily provide solutions for access control problems.
-== Encryption ==
-* [http://www.bouncycastle.org/ Bouncycastle] - Lightweight Java cryptography APIs
-* [http://www.jasypt.org/ Jasypt] - Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.
-== Cross Site Scripting (XSS) ==
-* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project] is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies to help Java web developers defend against Cross Site Scripting.
-* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project OWASP Java HTML Sanitizer Project] is a fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS.
-* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP Java JSON Sanitizer] is a tool to convert JSON-like content to valid JSON! The OWASP JSON Sanitizer Project is a simple to use Java library that can be attached at either end of a data-pipeline
-== Additional Java Security Libraries  ==
-{| border="1" align="center" width="80%" cellspacing="1" cellpadding="1"
-|-
-! scope="col" | Name and link<br>
-! scope="col" | Updated<br>
-! scope="col" | AU<br>
-! scope="col" | AC<br>
-! scope="col" | CF<br>
-! scope="col" | CR<br>
-! scope="col" | IV<br>
-! scope="col" | OE<br>
-! scope="col" | SM<br>
-! scope="col" | XM<br>
-! scope="col" | XS<br>
-|-
-| [http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project AntiSami]<br>
-| align="center" | 2011<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | &nbsp;Y<br>
-| align="center" | Y<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-|-
-| [http://santuario.apache.org/ Apache Santuarrio]<br>
-| align="center" | 2011<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | &nbsp;Y<br>
-| align="center" | <br>
-|-
-| [http://shiro.apache.org/ Apache Shiro]<br>
-| align="center" | 2011<br>
-| align="center" | Y<br>
-| align="center" | Y<br>
-| align="center" | &nbsp;?<br>
-| align="center" | Y<br>
-| align="center" | &nbsp;?<br>
-| align="center" | Y<br>
-| align="center" | Y<br>
-| align="center" | &nbsp;?<br>
-| align="center" | Y<br>
-|-
-| [http://www.bouncycastle.org/ Bouncy Castle]<br>
-| align="center" | 2011<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | Y<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-|-
-| [http://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project CSRFGuard]<br>
-| align="center" | &nbsp;?<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | Y<br>
-| align="center" | Y<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-|-
-| [http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API ESAPI]<br>
-| align="center" | 2010<br>
-| align="center" | Y<br>
-| align="center" | Y<br>
-| align="center" | &nbsp;?<br>
-| align="center" | Y<br>
-| align="center" | Y<br>
-| align="center" | Y<br>
-| align="center" | &nbsp;?<br>
-| align="center" | <br>
-| align="center" | Y<br>
-|-
-| [http://www.jasypt.org/ Jasypt]<br>
-| align="center" | 2010<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | Y<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-|-
-| [http://sourceforge.net/projects/jguard/ iGuard]<br>
-| align="center" | 2011<br>
-| align="center" | Y<br>
-| align="center" | Y<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-|-
-| [http://www.sapia-oss.org/projects/vlad/ Vlad]<br>
-| align="center" | &nbsp;?<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | Y<br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-| align="center" | <br>
-|}
-<br>
-== Security Features Key  ==
-*AU Authentication
-*AC Authorization / Access Control
-*CF Anti CSRF
-*CR Cryptography
-*IV Input Validation
-*OE Output encoding
-*SM Session management
-*XM XML security
-*XS XSS protection
-[[Category:OWASP_Java_Project]]

Difference between revisions of "Java Security Frameworks"

Latest revision as of 17:05, 22 February 2016

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools