Last modified by XWikiGuest on 2010/11/04 16:45


jGuard is a java security framework based on JAAS. This framework is written to resolve access control problems in web applications.


  • Relies only on java 1.4 and j2ee 1.3 or higher
  • Can be adapted to work with any webapp, on any application server
  • Permit a user to have more than one role simultaneously
  • Does not depend on a web framework, or an AOP framework
  • Built on top of the standard, very secure, and flexible JAAS
  • Authentication and authorization are handled by pluggable mechanisms
  • Handle authentication data stored in a database, an XML file, a JNDI datasource, an LDAP directory, Kerberos...
  • Changes take effects 'on the fly' (dynamic configuration)
  • Permissions, roles,and their associations can be created, updated, deleted on the fly through a webapp (an API is provided too)
  • Each webapp has its own authentication and authorization configuration
  • A taglib is provided to protect jsp fragment
  • Support security manager
Created by diabolo512 on 2005/09/03 23:06

jGuard team copyright 2004-2009