|almost 2 years ago||2 days ago|
|GNU General Public License v3.0 only||Apache License 2.0|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
We haven't tracked posts mentioning apg yet.
Tracking mentions began in Dec 2020.
Spring with java vs Spring with kotlin
4 projects | /r/Kotlin | 15 Sep 2022
To be fair there were quite some unexpected surprises in the past with Spring and Kotlin (e.g. the Cachable annotation did not work with suspend functions, not all Spring security annotations were supported with coroutines), but most of them were ironed out already.
Spring Security WebSecurityConfigurerAdapter deprecated
2 projects | /r/SpringBoot | 17 Aug 2022
They recently updated all the examples in the javadocs if you wanna bump your Spring Security version to 5.7.3 (see here). Otherwise the reference docs all reflect the non-deprecated approach that uses SecurityFilterChain and supporting beans.
🎀 Spring Boot 2.7.0 Released
7 projects | dev.to | 21 Jun 2022
Spring Security 5.7
Spring Reactive Oauth2 Webclient not using configured proxy
2 projects | /r/javahelp | 4 Jan 2022
When i start the flow, no proxy is used and even the WebClient is not used to get access token. And i get a timeout exception for that. The same issue was discussed in Github: https://github.com/spring-projects/spring-security/issues/8966
How to ignore Url from Once per request filter
3 projects | /r/javahelp | 12 May 2021
In any case, you need to override doFilter and check your URL there. See AbstractPreAuthenticatedProcessingFilter.3 projects | /r/javahelp | 12 May 2021
You can extract (and validate) the JWT token into the Principal by implementing the getPreAuthenticatedPrincipal method, and map the claims to user details by providing through a custom implementation of AuthenticationUserDetailsService.
What are some alternatives?
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
Bouncy Castle - Bouncy Castle Java Distribution (Mirror)
Apache Shiro - Apache Shiro
jCasbin - An authorization library that supports access control models like ACL, RBAC, ABAC in Java
Nimbus JOSE+JWT - JSON Web Token (JWT) implementation for Java with support for signatures (JWS), encryption (JWE) and web keys (JWK).
jjwt - Java JWT: JSON Web Token for Java and Android
pac4j - Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Hdiv - Hdiv CE | Application Self-Protection
OACC Framework - OACC (Object ACcess Control) is an advanced Java Application Security Framework
Okta Spring Boot Starter - Okta Spring Boot Starter
Cryptomator - Multi-platform transparent client-side encryption of your files in the cloud