Nimbus JOSE+JWT
jjwt
Our great sponsors
Nimbus JOSE+JWT | jjwt | |
---|---|---|
- | 4 | |
40 | 9,847 | |
- | 1.4% | |
0.0 | 8.3 | |
about 9 years ago | 4 days ago | |
Java | ||
- | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Nimbus JOSE+JWT
We haven't tracked posts mentioning Nimbus JOSE+JWT yet.
Tracking mentions began in Dec 2020.
jjwt
- Java JWT: JSON Web Token for Java and Android
-
A simple to use Java 8 JWT Library. Verify, Sign, Encode, Decode all day.
How does this compare to JJWT?
-
Null ECDSA Signatures - Proof of concept for bypassing JWT signature checks using CVE-2022-21449
Note that this PoC uses DER signature which is accepted by the jjwt library as fallback (see https://github.com/jwtk/jjwt/blob/master/impl/src/main/java/io/jsonwebtoken/impl/crypto/EllipticCurveSignatureValidator.java ), but that is not a standard. Standard is JOSE format.
-
JWT authentication in Spring Security and Angular
There are many open-source JWT implementations available for all languages. In this blog post, we use Java jjwt library in this blog post.
What are some alternatives?
Spring Security - Spring Security
jwt-java - JSON Web Token implementation for Java according to RFC 7519. Easily create, parse and validate JSON Web Tokens using a fluent API.
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
Bouncy Castle - Bouncy Castle Java Distribution (Mirror)
pac4j - Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Apache Shiro - Apache Shiro
java-jwt-benchmark - Project for benchmarking popular Json Web Token (JWT) frameworks for Java using JMH.
Okta Authentication SDK for Java - okta-auth-java
owasp-zap-jwt-addon - OWASP ZAP addon for finding vulnerabilities in JWT Implementations