Skip to content
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Java Shell
Branch: master
Clone or download
renovate and renovate-bot Update dependency com.nimbusds:nimbus-jose-jwt to v8.8 (#1527)
Co-authored-by: WhiteSource Renovate <renovatebot@gmail.com>
Latest commit 2ac237c Feb 24, 2020

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github issue & PR templates May 25, 2017
documentation Update dependency materialize to v1 (#1519) Feb 18, 2020
pac4j-cas [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-config [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-core method renaming: getNativeSession Feb 21, 2020
pac4j-couch [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-gae [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-http [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-jwt [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-kerberos [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-ldap [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-mongo Profile service read password attribute when validate (#1521) Feb 20, 2020
pac4j-oauth [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-oidc Update dependency com.nimbusds:oauth2-oidc-sdk to v7.1 (#1528) Feb 24, 2020
pac4j-openid [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-saml [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-springboot [maven-release-plugin] prepare for next development iteration Feb 20, 2020
pac4j-sql Profile service read password attribute when validate (#1521) Feb 20, 2020
travis no doc for TRAVIS_TAG Apr 3, 2018
.editorconfig Add .editorconfig file (#907) Apr 28, 2017
.gitignore Turn most web authorizers into matchers (#1470) Dec 6, 2019
.travis.yml Update .travis.yml (#1461) Nov 26, 2019
CONTRIBUTING.md CONTRIBUTIN.md May 25, 2017
LICENSE Remove messed up formatting Mar 8, 2016
NOTICE remove header license Feb 24, 2016
README.md add AkkaHTTP implem ref May 8, 2019
checkstyle.xml update to maven checkstyle plugin v3.1.1 Feb 17, 2020
pom.xml Update dependency com.nimbusds:nimbus-jose-jwt to v8.8 (#1527) Feb 24, 2020
renovate.json trying renovate Sep 2, 2019
spotbugs-exclude.xml warn is static Feb 11, 2020

README.md

pac4j is an easy and powerful security engine for Java to authenticate users, get their profiles and manage authorizations in order to secure web applications and web services.

It provides a comprehensive set of concepts and components. It is based on Java 8 and available under the Apache 2 license. It is available for most frameworks/tools and supports most authentication/authorization mechanisms.

Available implementations (Get started by clicking on your framework):

Spring Web MVC (Spring Boot)JEEApache ShiroSpring Security (Spring Boot)Play 2.xVertx

Spark JavaJavalinRatpackPippoUndertowJooby

CAS serverJAX-RSDropwizardLagomAkka HTTPApache Knox

Authentication mechanisms:

OAuth (Facebook, Twitter, Google...) - SAML - CAS - OpenID Connect - HTTP - OpenID - Google App Engine - Kerberos (SPNEGO/Negotiate)

LDAP - SQL - JWT - MongoDB - CouchDB - IP address - REST API

Authorization mechanisms:

Roles/permissions - Anonymous/remember-me/(fully) authenticated - Profile type, attribute

CORS - CSRF - Security headers - IP address, HTTP method


Versions

The latest released version is the Maven Central, available in the Maven central repository. The next version is under development.

Read the documentation for more information.

Need help?

If you need commercial support (premium support or new/specific features), contact us at info@pac4j.org.

If you have any questions, want to contribute or be notified about the new releases and security fixes, please subscribe to the following mailing lists:

Supported by

CAS in the cloud The CAS and pac4j consulting company

Third-party extensions

There exist extensions to pac4j developed by third parties. The extensions provide features not available in the core pac4j distribution. At the moment, the following extension are known:

You can’t perform that action at this time.