Security Frameworks Research
- Former user (Deleted)
The idea of this page is to put together and discuss different security frameworks that we could potentially use in our architecture
Apache Shiro
This is an open-source authentication/authorization framework from Apache. The interesting thing about this framework is that it provides a clean and separated way to handle not only authentication, but also authorization.
The framework claims to be extensible and pluggable and it already provides integration with other frameworks/technologies like Spring and oAuth. Another good thing about this framework is that it is not tied to any particular technology (i.e. web container, JEE, etc); as it can be used in any java application.
The data-sources for authorization and authentication can be pluggable and, apparently, it has support for LDAP and MySQL back-ends out-of-the-box.