https://github.com/damianperera/spring-boot-secure
Security module for Spring Boot that applies recommended Secure HTTP Response Headers and more
owasp owasp-top-10 security spring spring-boot spring-boot-starter
Last synced: 8 months ago
- Host: GitHub
- URL: https://github.com/damianperera/spring-boot-secure
- Owner: damianperera
- License: gpl-3.0
- Created: 2023-07-31T16:41:15.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2023-08-05T09:47:03.000Z (about 2 years ago)
- Last Synced: 2023-08-05T10:31:45.512Z (about 2 years ago)
- Topics: owasp, owasp-top-10, security, spring, spring-boot, spring-boot-starter
- Language: Kotlin
- Homepage: https://github.com/damianperera/spring-boot-secure/packages/
- Size: 96.7 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Spring Boot Secure
Security module for [Spring Boot](https://spring.io/projects/spring-boot) based on [OWASP Top Ten](https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Headers_Cheat_Sheet.html#security-headers) recommendations that adds support for Secure HTTP Response Headers and more.
## Features
- :white_check_mark: Dynamic HTTP Security Response Headers
- :soon: Modify Security Response Headers
- :soon: Request Size Limits
- :soon: Rate Limits
- :soon: Basic Auth
- :soon: CSRF

## Installation
### Using GitHub Packages
1. Authenticate with GitHub Packages as explained [here](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-gradle-registry#authenticating-to-github-packages).
2. Add the repository to your `build.gradle` or `build.gradle.kts` file.
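```kotlin
repositories {
    maven {
        url = uri("https://maven.pkg.github.com/damianperera/spring-boot-secure")
        credentials {
            // Credentials for GitHub Packages (see step 1).
            username = "" // your GitHub username
            password = "" // your access token; keep it out of version control
        }
    }
}
```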
3. Add the package dependency to your `build.gradle` or `build.gradle.kts` file.
```kotlin
dependencies {
    implementation("io.perera.secure-spring-boot-starter")
}
```

## Usage
Annotate your main `@SpringBootApplication` class with `@EnableSpringSecure`.
```kotlin
@SpringBootApplication
@EnableSpringSecure
class TestApplication
```
For a sample implementation, refer to the [TestApplication.kt](/src/test/kotlin/io/perera/spring/secure/sample/TestApplication.kt) file.

## Inspiration
- Nuxt Security by [@Baroshem](https://github.com/Baroshem)
  - [GitHub](https://github.com/Baroshem/nuxt-security)
  - [Nuxt Docs](https://nuxt.com/modules/security)