Security

JOSSO

Home Page

Categories: Security

Latest version: 1.5
Added 2005-03-17Updated 2007-02-13

JOSSO, or Java Open Single Sign-On, is an open source J2EE-based SSO infrastructure aimed to provide a solution for centralized platform neutral user authentication.

Features include:
- Pluggable Framework: allows to implement and combine multiple authentication schemes with credential stores.
- Multi-platform Single Sign-On: JOSSO uses web services for asserting user identity, allowing the integration of non-Java applications to the Single Sign-On Service using the SOAP over HTTP protocol.
- Reverse Proxy Support: JOSSO comes with a Reverse Proxy component that can be used to create n-tier Single Sign-On configurations.
- Standard Based: security infrastructure is based on JAAS (Java Authentication and Authorization Service); web services are implemented using Axis; uses Struts and JSP.
- Support for Strong Authentication using X.509 client certificates.
- Client Plugin for Microsoft ASP: allows to build SSO-enabled ASP web applications.
- Authentication and SSL support for the Agent-Gateway SOAP channel.
- Support for multiple simultaneous authentication schemes.
- Compatibility with Apache Pluto Container.

Built for Java

Library

Free or free version available

Source code provided

Add to my favorites[NEW]

JSecureConnect

Home Page

Categories: JDBC, Security

Author: JNetDirect

Latest version: 2.0
Added 2006-02-13

Provides secure and firewall tunneling JDBC to a range of databases.
Secure JDBC access is provided with the SSL and HTTPS protocols. Firewall tunneling is provided with the HTTP and HTTPS protocols.

Features include:
- Security: JDBC data privacy; JDBC authentication; JDBC message integrity; Full-strength encryption keys
- Supports Oracle, DB2, SQL Server, MySQL and Microsoft Access
- HTTP tunneling
- JDBC compliance
- May be configured for operation with your web server

Built for Java

Add to my favorites[NEW]

jGuard

Home Page

Categories: Security

Latest version: 0.64
Added 2005-02-02

jGuard is a Java security framework based on JAAS. This framework is written for web applications, to resolve access control problems.

Main features are:
* relies only on Java 1.4 and J2EE 1.3 or higher
* can be adapted on any webapp, on any application server
* does not depend on a web framework, or an AOP framework
* built on top of JAAS
* authentications and authorizations are handled by pluggable mechanisms
* changes take effects "on the fly" (dynamic configuration)
* each webapp has its own authentications and authorizations configuration
* a taglib is provided to protect JSP fragment
* supports security manager

Built for Java

Free or free version available

Source code provided

Add to my favorites[NEW]

J2SSH Maverick

Home Page

Categories: Internet and communications, Security

Author: 3SP

Latest version: 1.2.11
Added 2006-10-03

SSH API for Java.
J2SSH Maverick is compatible for all versions of the Java Development Kit with support for SSH1, SSH2, SFTP and SCP.

Features include:
- 100% Java; Requires no external dependencies, no JCE required: Compatible with JDK1.1+ and J2ME
- Support for both SSH protocols, SSH1 and SSH2
- JAR sizes: 148k minimum to support both protocols, 325k for complete feature set
- Password, Public key, Hostbased, and Keyboard Interactive authentication
- 3DES, DES and Blowfish ciphers; Optional Twofish, AES and CAST ciphers
- Stateful decryption counter (SDCTR) mode cipher for AES
- SHA1, MD5 Message Authentication Codes (MACS)
- SFTP, SCP File Transfer protocols
- RSA, DSA public/private key file generation, in SSHTools, OpenSSH and SSH1 formats
- Supports reading of PuTTY and SSH.com public/private keys
- Port forwarding; X Forwarding
- ZLIB compression
- HTTP, SOCKS 4 and SOCKS 5 proxy support

Built for Java

Library

Source code provided

Add to my favorites[NEW]

Terminal Components

Home Page

Categories: Internet and communications, Security

Author: 3SP

Latest version: 1.1.6
Added 2006-10-03

Implementations of a standard ANSI/VT terminal with both Swing and AWT versions available.

Features Include:
- Compatible with JDK1.1+
- 100% Java
- Separate AWT and Swing versions
- Distribution sizes: 119K for AWT version and 111K for Swing
- Includes Telnet, rcommand , rlogin and rexec transport scheme plug-ins
- Optional SSH plug-in available using the J2SSH Maverick API
- Supports VT100, VT220, VT320 and ANSI emulations
- Virtual terminal framework enables multiple tabbed sessions in each terminal instance
- Transport scheme interface allows for additional protocols to be plugged in at runtime
- XML based profile for connection persistence
- Supports charset conversion

Built for Java

Library

Source code provided

Add to my favorites[NEW]

jChains

Home Page

Categories: Security

Author: Marc Schoenefeld

This custom security manager framework records the permissions needed for the codebases (jars) of j2se applications running under access control of a security manager. The resulting policy file is recorded while running the program and is useful as a starting point when developing a security policy for a java application. When run against libraries when source is not available it is useful for reverse engineering, revealing the permission needed to use the libraries. This is helpful when you do not trust the jar, and do not want to grant it the AllPermission free ride ticket.

Built for Java

Free or free version available

Source code provided

Add to my favorites[NEW]