This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Java Security Frameworks

Revision as of 15:07, 14 January 2008 by Stephendv (talk | contribs)

Jump to: navigation, search

A list of third party (i.e. not part of Java SE or EE) security frameworks.


Access Control (Authentication and Authorisation)

  • Acegi Security - Acegi Security is a powerful, flexible security solution for enterprise software, with a particular emphasis on applications that use Spring. Using Acegi Security provides your applications with comprehensive authentication, authorization, instance-based access control, channel security and human user detection capabilities.
  • jGuard - jGuard is written in java. his goal is to provide a security framework based on jaas (java authentication and authorization security) . this framework is written for web and standalone applications, to resolve simply, access control problems.


  • Bouncycastle - Lightweight Java cryptography APIs
  • Jasypt - Jasypt is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.