Last modified by JeromeVelociter on 2010/12/08 16:46


jGuard is a java security framework based on JAAS. This framework is for resolving access control problems in web and standalone applications.


  • Only requires java 1.4 and j2ee 1.3 or higher
  • Can be adapted to any webapp, on any application server
  • Permits a user to have more than one role simultaneously
  • Does not depend on a web framework, or an AOP framework
  • Built on top of the standard, very secure, and flexible JAAS
  • Authentication and authorization are handled by pluggable mechanisms
  • Authentication data stored in a database, an XML file, a JNDI datasource, an LDAP directory, Kerberos...
  • Changes take effects 'on the fly' (dynamic configuration)
  • Permissions, roles, and their associations can be created, updated, deleted on the fly through a webapp (an API is provided too)
  • Each webapp has its own authentication and authorization configuration
  • A taglib is provided to protect jsp fragments
  • Support security manager
jGuard has 3 main libraries :
  • core : it contains the main jGuard features.
  • ext : it handles specific authentication and authorization managers such as XML or JDBC based managers. It also embeds login modules like JDBC or jCaptcha. A java-1.5 version includes jGuard security features for JMX.
  • jee : this libraries are meant for web applications. One for standard webapps and one for Ajax(with DWR framework) applications.
Created by diabolo512 on 2006/02/09 14:21

jGuard team copyright 2004-2009