This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Scala Frameworks
Scala language , just as JAVA , offers different types of Security Frameworks you can work with. Depending on the task, here we offer some general guidelines regarding the proper use of them The following table contains the most popular ones and their security in terms of modules and implementation
Security Frameworks
The following Scala frameworks contain modules that help developers implement secure features such as Authentenciation, Authorization, CRSF or SQLInjection
| Framework | Authentication | Authorization | CSRF | XSS | SQLInjection |
|---|---|---|---|---|---|
| Play | ✓ | ✓ | - | - | - |
| Deadbolt 2 | ✓ | - | - | - | |
| Play-pac4j | ✓ | - | - | - | - |
| Scala-oauth2-provider | ✓ | - | - | - | - |
| SecureSocial | ✓ | - | - | - | - |
| Silhouette - Play Framework Library | ✓ | - | - | - | - |
| Lift | ✓ | ✓ | ✓ | ✓ | ✓ |
| Akka (Akka-http) | ✓ | ✓ | - | - | - |
| Spray | ✓ | ✓ | - | - | - |
Secure Coding - Scala Frameworks
The following is a series of documents regarding the security configurations for the above mentioned frameworks https://www.owasp.org/index.php/Scala_Frameworks/Play
Vulnerable Framework Components
It is essential that developers implement regular dependency checks of their components, since must Scala projects will make use of the above mentioned frameworks
