Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/pac4j/pac4j
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
https://github.com/pac4j/pac4j
authentication authorization cas dropwizard j2e java jax-rs jwt ldap oauth openid-connect play-framework ratpack saml security shiro sparkjava spring-mvc spring-security vertx
Last synced: 10 days ago
JSON representation
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
- Host: GitHub
- URL: https://github.com/pac4j/pac4j
- Owner: pac4j
- License: apache-2.0
- Created: 2012-01-28T17:04:12.000Z (almost 13 years ago)
- Default Branch: master
- Last Pushed: 2024-09-27T22:22:57.000Z (about 1 month ago)
- Last Synced: 2024-09-29T09:25:14.887Z (about 1 month ago)
- Topics: authentication, authorization, cas, dropwizard, j2e, java, jax-rs, jwt, ldap, oauth, openid-connect, play-framework, ratpack, saml, security, shiro, sparkjava, spring-mvc, spring-security, vertx
- Language: Java
- Homepage: http://www.pac4j.org
- Size: 64.8 MB
- Stars: 2,417
- Watchers: 114
- Forks: 688
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
- awesome-ccamel - pac4j/pac4j - Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT... (Java)
- awesome-java-security - PAC4J - Security engine for Java to authenticate users, get their profiles and manage authorizations in order to secure web applications and web services. (Web Framework Hardening)
- awesome-auth - pac4j - Security engine for Java (authentication, authorization, multi-frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT. (Authorization / <a name="authZ-java"></a>Java)
README
### `pac4j` is an easy and powerful security framework for Java to authenticate users, get their profiles and manage authorizations in order to secure web applications and web services.
It provides a comprehensive set of [**concepts and components**](https://www.pac4j.org/docs/main-concepts-and-components.html).
It is **available for most frameworks/tools** and **supports most authentication/authorization mechanisms**.
It is licensed under the Apache 2 license.
| JDK | pac4j | Usage of Lombok |
|-----|-------|-----------------|
| 17 | v6.x | Yes |
| 11 | v5.x | No |
| 8 | v4.x | No |
## Available implementations (*Get started by clicking on your framework*):
[JEE](https://github.com/pac4j/j2e-pac4j)
• [Spring Web MVC (Spring Boot)](https://github.com/pac4j/spring-webmvc-pac4j)
• [Spring Webflux (Spring Boot)](https://github.com/pac4j/spring-webflux-pac4j)
• [Apache Shiro](https://github.com/bujiio/buji-pac4j)
• [Spring Security (Spring Boot)](https://github.com/pac4j/spring-security-pac4j)
[CAS server](https://apereo.github.io/cas/6.6.x/integration/Delegate-Authentication.html)
• [Syncope](https://syncope.apache.org)
• [Apache Knox](http://knox.apache.org/books/knox-1-6-0/user-guide.html#Pac4j+Provider+-+CAS+/+OAuth+/+SAML+/+OpenID+Connect)
[Play 2.x](https://github.com/pac4j/play-pac4j)
• [Vertx](https://github.com/pac4j/vertx-pac4j)
• [Spark Java](https://github.com/pac4j/spark-pac4j)
• [Ratpack](http://ratpack.io/manual/current/pac4j.html#pac4j)
• [JAX-RS](https://github.com/pac4j/jax-rs-pac4j)
• [Dropwizard](https://github.com/pac4j/dropwizard-pac4j)
[Javalin](https://github.com/pac4j/javalin-pac4j)
• [Pippo](http://www.pippo.ro/doc/security.html#pac4j-integration)
• [Undertow](https://github.com/pac4j/undertow-pac4j)
• [Lagom](https://github.com/pac4j/lagom-pac4j)
• [Akka HTTP](https://github.com/StackVista/akka-http-pac4j)
• [Jooby](https://jooby.io/modules/pac4j)
## Authentication mechanisms:
[OAuth (Facebook, Twitter, Google...)](https://www.pac4j.org/docs/clients/oauth.html) - [SAML](https://www.pac4j.org/docs/clients/saml.html) - [CAS](https://www.pac4j.org/docs/clients/cas.html) - [OpenID Connect](https://www.pac4j.org/docs/clients/openid-connect.html) - [HTTP](https://www.pac4j.org/docs/clients/http.html) - [Google App Engine](https://www.pac4j.org/docs/clients/google-app-engine.html) - [Kerberos (SPNEGO/Negotiate)](https://www.pac4j.org/docs/clients/kerberos.html)
[LDAP](https://www.pac4j.org/docs/authenticators/ldap.html) - [SQL](https://www.pac4j.org/docs/authenticators/sql.html) - [JWT](https://www.pac4j.org/docs/authenticators/jwt.html) - [MongoDB](https://www.pac4j.org/docs/authenticators/mongodb.html) - [CouchDB](https://www.pac4j.org/docs/authenticators/couchdb.html) - [IP address](https://www.pac4j.org/docs/authenticators/ip.html) - [REST API](https://www.pac4j.org/docs/authenticators/rest.html)
## Authorization mechanisms:
[Roles](https://www.pac4j.org/docs/authorizers/profile-authorizers.html#roles) - [Anonymous/remember-me/(fully) authenticated](https://www.pac4j.org/docs/authorizers/profile-authorizers.html#authentication-levels) - [Profile type, attribute](https://www.pac4j.org/docs/authorizers/profile-authorizers.html#others)
[CORS](https://www.pac4j.org/docs/authorizers/web-authorizers.html#cors) - [CSRF](https://www.pac4j.org/docs/authorizers/web-authorizers.html#csrf) - [Security headers](https://www.pac4j.org/docs/authorizers/web-authorizers.html#security-headers) - [IP address, HTTP method](https://www.pac4j.org/docs/authorizers/web-authorizers.html#others)
---
## Versions
The latest released version is the [](https://maven-badges.herokuapp.com/maven-central/org.pac4j/pac4j-core), available in the Maven central repository.
The [next version](https://www.pac4j.org/docs/next-version.html) is under development.
Read the [documentation](https://www.pac4j.org/docs/index.html) for more information.
## Need help?
You can use the [mailing lists](https://www.pac4j.org/mailing-lists.html) or the [commercial support](https://www.pac4j.org/commercial-support.html).
## Supported by
[](https://www.casinthecloud.com) *The CAS and pac4j consulting company*