français

jGuard

• overview
• licence
• useful links
• quick start guide
• which jGuard authentication configuration?
• faq
• 0.64 web site (old)
• api (0.65)

jGuard install on j2ee

1. required librairies
2. AccessFilter and web.xml
3. integrate jGuard in your jsp
4. integrate jGuard in your servlets

Login Modules

• XmlLoginModule
• OracleLoginModule
• PostgreSQLLoginModule
• MySQLLoginModule
• DB2LoginModule
• SQLServerLoginModule

Authorization Managers

• XmlAuthorizationManager
• OracleAuthorizationManager
• PostgreSQLAuthorizationManager
• MySQLAuthorizationManager
• DB2AuthorizationManager
• SQLServerAuthorizationManager

Advanced jGuard

jGuard install on jvm

1. java.home
2. libraries and bootclasspath
3. java.security
4. jGuard.loginScheme
5. jGuard.policy

• jGuard and the SecurityManager

Overview

jGuard is a java security framework based on JAAS. this framework is written for web applications, to resolve simply, access control problems.

Features

• relies only on java 1.4 and j2ee 1.3 or higher
• can be adapted on any webapp, on any application server
• permit to a user to have more than one role simultaneously
• does not depend on a web framework, or an AOP framework
• build on top of the standard and very secure and flexible JAAS
• authentications and authorizations are handled by pluggable mechanisms
• handle authentication data stored in a database, an XML file, a JNDI datasource, an LDAP directory, Kerberos...
• changes take effects 'on the fly' (dynamic configuration)
• permissions, roles,and their associations can be created, updated,deleted on the fly through a webapp (an API is provided too)
• each webapp has its own authentications and authorizations configuration
• a taglib is provided to protect jsp fragment
• support security manager