{"id":18609637,"url":"https://github.com/secure-software-engineering/authcheck","last_synced_at":"2025-04-10T22:31:42.439Z","repository":{"id":39823017,"uuid":"177616307","full_name":"secure-software-engineering/authcheck","owner":"secure-software-engineering","description":"Analysis for access-control vulnerabilities in Java Spring Security applications. ","archived":false,"fork":false,"pushed_at":"2022-05-25T06:29:23.000Z","size":11982,"stargazers_count":13,"open_issues_count":2,"forks_count":5,"subscribers_count":8,"default_branch":"master","last_synced_at":"2024-04-15T22:20:09.591Z","etag":null,"topics":["access-control","authentication","authorization","java","security","soot","springframework"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/secure-software-engineering.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-03-25T15:42:15.000Z","updated_at":"2022-11-09T18:02:49.000Z","dependencies_parsed_at":"2022-08-31T22:52:20.267Z","dependency_job_id":null,"html_url":"https://github.com/secure-software-engineering/authcheck","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secure-software-engineering%2Fauthcheck","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secure-software-engineering%2Fauthcheck/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secure-software-engineering%2Fauthcheck/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secure-software-engineering%2Fauthcheck/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/secure-software-engineering","download_url":"https://codeload.github.com/secure-software-engineering/authcheck/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223449847,"owners_count":17146984,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["access-control","authentication","authorization","java","security","soot","springframework"],"created_at":"2024-11-07T03:06:43.564Z","updated_at":"2024-11-07T03:06:44.013Z","avatar_url":"https://github.com/secure-software-engineering.png","language":"JavaScript","readme":"# authcheck\nAnalysis for access-control vulnerabilities in Java Spring Security applications. \n\nCopyright (c) 2019 Secure Software Engineering Group at Paderborn University and Fraunhofer IEM\n* http://www.hni.uni-paderborn.de/swt\n* https://www.iem.fraunhofer.de/\n\n## contributors\n* Tobias Petrasch\n* Goran Piskachev \n* Abdul Rehman Tareen\n* Johannes Späth\n* Eric Bodden\n\nContact: Goran Piskachev (goran.piskachev@iem.fraunhofer.de)\n\n# using authcheck in MacOS or Linux \n\nFirst, compile the AuthCheck's source, use the following Maven command for that in the context of *./SootAnalysis* directory.  \n```$ mvn package```\n\nThen, compile demo/example application by using the following Maven command in the context of *./Spring_Examples/demo* directory.  \n```$ mvn package```\n\nThere are two ready-made configuration files *configuration.json* and *input.json* in *./SootAnalysis* directory, which are used for demo analysis of the example application existing in the source. The former file contains various settings for the analysis and the latter contains the input model needed for the analysis.\n\nBefore running the authcheck on MacOS or Linux, the *configuration.json* file needs to be modified according to your settings; the attributes *jceJarPath* and *rtJarPath* must include your Java Home path. \n\nAfter that, in the contex of *./SootAnalysis* directory, the following command can be used to execute authcheck:  \n```$ java -cp target/Soot-Analysis-1.0-SNAPSHOT-jar-with-dependencies.jar de.fraunhofer.iem.authchecker.Checker configuration.json```\n\nAfter the successful execution of the above command, the analysis will create the report.html in the *./report* directory, which will contain results and suggestions about the analysis.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecure-software-engineering%2Fauthcheck","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsecure-software-engineering%2Fauthcheck","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecure-software-engineering%2Fauthcheck/lists"}