Popularity

7.2

Stable

Activity

8.6

Growing

Stars 2,437

Watchers 63

Forks 208

Last Commit 8 days ago

Programming language: Java

License: Apache License 2.0

Tags: Security

Latest version: v0.10.2

Keywhiz alternatives and similar libraries

Based on the "Security" category.
Alternatively, view Keywhiz alternatives based on common mentions on social networks and blogs.

Keycloak

9.4 9.8 L2 Keywhiz VS Keycloak

Open Source Identity and Access Management For Modern Applications and Services
Spring Security

9.3 9.8 L4 Keywhiz VS Spring Security

Spring Security

Scout APM: A developer's best friend. Try free for 14-days

Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

Promo scoutapm.com

jjwt

8.9 6.0 L1 Keywhiz VS jjwt

Java JWT: JSON Web Token for Java and Android
Apache Shiro

8.7 7.4 L3 Keywhiz VS Apache Shiro

Apache Shiro
Cryptomator

8.5 9.8 L5 Keywhiz VS Cryptomator

Multi-platform transparent client-side encryption of your files in the cloud
Bouncy Castle

7.6 9.8 L2 Keywhiz VS Bouncy Castle

Bouncy Castle Java Distribution (Mirror)
pac4j

7.5 9.5 L4 Keywhiz VS pac4j

Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
jCasbin

6.6 7.2 Keywhiz VS jCasbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Java
Google Keyczar

6.0 0.0 Keywhiz VS Google Keyczar

Easy-to-use crypto toolkit
Themis by Cossack Labs

6.0 8.1 L3 Keywhiz VS Themis by Cossack Labs

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Okta Spring Boot Starter

4.2 7.5 Keywhiz VS Okta Spring Boot Starter

Okta Spring Boot Starter
Hdiv

3.8 2.1 L2 Keywhiz VS Hdiv

Hdiv CE | Application Self-Protection
PicketLink

3.7 0.0 L4 Keywhiz VS PicketLink

Umbrella project for security and identity management.
Nbvcxz

3.5 1.5 L3 Keywhiz VS Nbvcxz

Password strength estimator
OACC Framework

3.1 0.0 L1 Keywhiz VS OACC Framework

OACC (Object ACcess Control) is an advanced Java Application Security Framework
Okta Authentication SDK for Java

2.9 6.3 Keywhiz VS Okta Authentication SDK for Java

okta-auth-java
Nimbus JOSE+JWT

2.2 0.0 Keywhiz VS Nimbus JOSE+JWT

JSON Web Token (JWT) implementation for Java with support for signatures (JWS), encryption (JWE) and web keys (JWK).
Vault

- Keywhiz VS Vault

Secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets. It handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network encryption-as-a-service, or generate AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, and more.

* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.

Do you think we are missing an alternative of Keywhiz or a related project?

Add another 'Security' Library

Popular Comparisons

README

Keywhiz

Keywhiz is a system for distributing and managing secrets. For more information, see the website.

Our Protecting infrastructure secrets with Keywhiz blog post is worth reading, as it provides some useful context.

Develop

Keywhiz requires Java 11 and MySQL 5.7 or higher.

See [CONTRIBUTING](CONTRIBUTING.md) for details on submitting patches.

Build Keywhiz:

mvn install

Run Keywhiz:

java -jar server/target/keywhiz-server-*-shaded.jar [COMMAND] [OPTIONS]

Useful commands to get started are migrate, add-user and server. Use with --help for a list of all available commands. Use with [COMMAND] --help to get help on a particular command.

For example, to run Keywhiz with a mysql database in development mode:

SERVER_JAR="server/target/keywhiz-server-*-shaded.jar"
KEYWHIZ_CONFIG="server/target/classes/keywhiz-development.yaml"

# Initialize dev database
java -jar $SERVER_JAR migrate $KEYWHIZ_CONFIG

# Add an administrative user
java -jar $SERVER_JAR add-user $KEYWHIZ_CONFIG

# Run server
java -jar $SERVER_JAR server $KEYWHIZ_CONFIG

To connect to a running Keywhiz instance, you will need to use the CLI.

An example helper shell script that wraps the keywhiz-cli and sets some default parameters:

#!/bin/sh

# Set the path to a compiled, shaded keywhiz-cli JAR file
KEYWHIZ_CLI_JAR="/path/to/keywhiz-cli-shaded.jar"
KEYWHIZ_SERVER_URL="https://$(hostname):4444"

# Use these flags if you want to specify a non-standard CA trust store.
# Alternatively, in development and testing specify the --devTrustStore 
# flag to use the default truststore (DO NOT use this in production, as
# the truststore is checked into Keywhiz' code).
TRUSTSTORE="-Djavax.net.ssl.trustStore=/path/to/ca-bundle.jceks"
TRUSTTYPE="-Djavax.net.ssl.trustStoreType=JCEKS"

java "$TRUSTSTORE" "$TRUSTTYPE" -jar "$KEYWHIZ_CLI_JAR" -U "$KEYWHIZ_SERVER_URL" "[email protected]"

Keywhiz uses jOOQ to talk to its database.

If you made changes to the database model and want to regenerate sources:

mvn install -pl model/ -Pgenerate-jooq-sources

We recommend IntelliJ IDEA for development.

Clients & API

Square also maintains a Keywhiz client implementation called Keysync.

Docker

We ship a [Dockerfile](Dockerfile) for building a Docker container for Keywhiz. Please see the Dockerfile for extra instructions.

License

Keywhiz is under the Apache 2.0 license. See the [LICENSE](LICENSE) file for details.

*Note that all licence references and agreements mentioned in the Keywhiz README section above are relevant to that project's source code only.

Keywhiz

A system for distributing and managing secrets

Keywhiz alternatives and similar libraries

Popular Comparisons

README

Keywhiz

Develop

Clients & API

Docker

License