{"id":28404730,"url":"https://github.com/pac4j/jee-pac4j","last_synced_at":"2026-03-15T23:36:11.080Z","repository":{"id":8753069,"uuid":"10433124","full_name":"pac4j/jee-pac4j","owner":"pac4j","description":"Security library for JEE: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...","archived":false,"fork":false,"pushed_at":"2025-11-29T04:32:35.000Z","size":530,"stargazers_count":55,"open_issues_count":1,"forks_count":19,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-12-01T05:34:55.614Z","etag":null,"topics":["authentication","authorization","cas","facebook","j2e","j2ee","java","jwt","ldap","login","logout","mongodb","oauth","openid-connect","saml","security","social-login","sql","twitter"],"latest_commit_sha":null,"homepage":"http://www.pac4j.org","language":"Java","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pac4j.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2013-06-02T05:58:09.000Z","updated_at":"2025-11-29T04:32:30.000Z","dependencies_parsed_at":"2024-03-22T10:54:10.012Z","dependency_job_id":"ee130d0b-2d70-4932-bde8-21f3c28322af","html_url":"https://github.com/pac4j/jee-pac4j","commit_stats":null,"previous_names":["pac4j/j2e-pac4j"],"tags_count":32,"template":false,"template_full_name":null,"purl":"pkg:github/pac4j/jee-pac4j","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pac4j%2Fjee-pac4j","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/
pac4j%2Fjee-pac4j/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pac4j%2Fjee-pac4j/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pac4j%2Fjee-pac4j/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pac4j","download_url":"https://codeload.github.com/pac4j/jee-pac4j/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pac4j%2Fjee-pac4j/sbom","scorecard":{"id":708396,"data":{"date":"2025-08-11","repo":{"name":"github.com/pac4j/jee-pac4j","commit":"a07d09f95aac6261a61396c12bf0faec948e972d"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.3,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/1 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":7,"reason":"9 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source 
repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/pac4j/jee-pac4j/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/pac4j/jee-pac4j/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/pac4j/jee-pac4j/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/pac4j/jee-pac4j/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/pac4j/jee-pac4j/ci.yml/master?enable=pin","Info:   0 out of   5 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least 
privilege","details":["Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:16","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 
'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/ci.yml:37"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 29 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code 
analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-22T07:25:35.365Z","repository_id":8753069,"created_at":"2025-08-22T07:25:35.365Z","updated_at":"2025-08-22T07:25:35.365Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27772028,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-16T02:00:10.477Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","authorization","cas","facebook","j2e","j2ee","java","jwt","ldap","login","logout","mongodb","oauth","openid-connect","saml","security","social-login","sql","twitter"],"created_at":"2025-06-01T20:37:41.260Z","updated_at":"2025-12-16T21:50:26.880Z","avatar_url":"https://github.com/pac4j.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://pac4j.github.io/pac4j/img/logo-j2e.png\" width=\"300\" /\u003e\n\u003c/p\u003e\n\nThe `jee-pac4j` project is an **easy and powerful security library for JEE web applications and web services** which supports authentication and authorization, but also logout and advanced features like session fixation and CSRF protection.\nIt's based on the **[pac4j security engine](https://github.com/pac4j/pac4j)**. 
It's available under the Apache 2 license.\n\n| jee-pac4j    | Module for JavaEE webapp | Module for Jakarta EE webapp | JDK | pac4j | Usage of Lombok | Status           |\n|--------------|--------------------------|-----------------------------|-----|-------|-----------------|------------------|\n| version \u003e= 8 | javaee-pac4j             | jakartaee-pac4j             | 17  | v6    | Yes             | Production ready |\n| version \u003e= 7 | javaee-pac4j             | jakartaee-pac4j             | 11  | v5    | No              | Production ready |\n| version \u003e= 6 | jee-pac4j                |                             | 11  | v5    | No              | Production ready |\n| version \u003e= 5 | jee-pac4j                |                             | 8   | v4    | No              | Production ready |\n\n[**Main concepts and components:**](https://www.pac4j.org/docs/main-concepts-and-components.html)\n\n1) A [**client**](https://www.pac4j.org/docs/clients.html) represents an authentication mechanism. It performs the login process and returns a user profile. 
An indirect client is for web application authentication while a direct client is for web service authentication:\n\n\u0026#9656; OAuth - SAML - CAS - OpenID Connect - HTTP - Google App Engine - Kerberos - LDAP - SQL - JWT - MongoDB - CouchDB - IP address - REST API\n\n2) An [**authorizer**](https://www.pac4j.org/docs/authorizers.html) is meant to check authorizations on the authenticated user profile(s) or on the current web context:\n\n\u0026#9656; Roles - Anonymous / remember-me / (fully) authenticated - Profile type, attribute -  CORS - CSRF - Security headers - IP address, HTTP method\n\n3) A [**matcher**](https://www.pac4j.org/docs/matchers.html) defines whether the `SecurityFilter` must be applied and can be used for additional web processing\n\n4) The `SecurityFilter` protects a URL by checking that the user is authenticated and that the authorizations are valid, according to the clients and authorizers configuration. If the user is not authenticated, it performs authentication for direct clients or starts the login process for indirect clients\n\n5) The `CallbackFilter` finishes the login process for an indirect client\n\n6) The `LogoutFilter` logs out the user from the application and triggers the logout at the identity provider level\n\n7) The `JEEContext` and the `ProfileManager` components can be injected\n\n8) The `FilterHelper` handles the filters and their related mappings.\n\n\n## Usage\n\n### 1) [Add the required dependencies](https://github.com/pac4j/jee-pac4j/wiki/Dependencies)\n\n### 2) Define:\n\n### - the [security configuration](https://github.com/pac4j/jee-pac4j/wiki/Security-configuration)\n### - the [callback configuration](https://github.com/pac4j/jee-pac4j/wiki/Callback-configuration), only for web applications\n### - the [logout configuration](https://github.com/pac4j/jee-pac4j/wiki/Logout-configuration)\n\n### 3) [Apply security](https://github.com/pac4j/jee-pac4j/wiki/Apply-security)\n\n### 4) [Get the authenticated user 
profiles](https://github.com/pac4j/jee-pac4j/wiki/Get-the-authenticated-user-profiles)\n\n\n## Demos\n\nTwo demo webapps: [jee-pac4j-demo](https://github.com/pac4j/jee-pac4j-demo) (a simple JSP/servlets demo) and [jee-pac4j-cdi-demo](https://github.com/pac4j/jee-pac4j-cdi-demo) (a more advanced demo using JSF and CDI) are available for testing and implement many authentication mechanisms: Facebook, Twitter, form, basic auth, CAS, SAML, OpenID Connect, JWT...\n\n\n## Versions\n\nThe latest released version is the [![Maven Central](https://maven-badges.herokuapp.com/maven-central/org.pac4j/jee-pac4j/badge.svg?style=flat)](https://maven-badges.herokuapp.com/maven-central/org.pac4j/jee-pac4j), available in the [Maven central repository](https://repo.maven.apache.org/maven2).\nThe [next version](https://github.com/pac4j/jee-pac4j/wiki/Next-version) is under development.\n\nSee the [release notes](https://github.com/pac4j/jee-pac4j/wiki/Release-Notes).\n\nSee the [migration guide](https://github.com/pac4j/jee-pac4j/wiki/Migration-guide) as well.\n\n\n## Need help?\n\nYou can use the [mailing lists](https://www.pac4j.org/mailing-lists.html) or the [commercial support](https://www.pac4j.org/commercial-support.html).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpac4j%2Fjee-pac4j","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpac4j%2Fjee-pac4j","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpac4j%2Fjee-pac4j/lists"}