OACC (pronounced Oak) is an advanced Java Application Security Framework. OACC provides a high-performance access control API that provides permission based authorization services for Java application objects.
It has support for hierarchical domains, super users, permission inheritance and impersonation.
In a nutshell, OACC allows your application to enforce security by answering the question:
OACC Framework alternatives and similar libraries
Based on the "Security" category.
Alternatively, view OACC Framework alternatives based on common mentions on social networks and blogs.
9.3 9.6 L2 OACC Framework VS KeycloakIntegrated SSO and IDM for browser apps and RESTful web services.
8.7 6.6 L3 OACC Framework VS Apache ShiroPerforms authentication, authorization, cryptography and session management.
8.4 9.5 L5 OACC Framework VS CryptomatorMultiplatform transparent client-side encryption of files in the cloud.
7.5 9.5 L2 OACC Framework VS Bouncy CastleAll-purpose cryptographic library. JCA provider, wide range of functions from basic helpers to PGP/SMIME operations.
6.4 7.2 OACC Framework VS jCasbinAn authorization library that supports access control models like ACL, RBAC, ABAC in Java
6.0 0.0 OACC Framework VS Google KeyczarEasy to use, yet safe encryption framework with key versioning.
5.9 8.1 L3 OACC Framework VS Themis by Cossack LabsCrypto library for storage and messaging for Swift, ObjC, Android, С++, JS, Python, Ruby, PHP, Go
The Okta Spring Boot Starter can be used to add OAuth 2.0 authorization to Spring Boot applications.
3.7 2.5 L2 OACC Framework VS HdivRuntime application self-protection against OWASP Top 10 security risks such us Insecure Direct Object References, SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF) and much more.
The Okta Authentication SDK can be used in scenarios where using OAuth 2.0 is not possible.
Secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets. It handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network encryption-as-a-service, or generate AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, and more.
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest. Visit our partner's website for more details.
Do you think we are missing an alternative of OACC Framework or a related project?
OACC Java Application Security Framework
What is OACC?
OACC - pronounced [oak] - is a fully featured API to both enforce and manage your application's authentication and authorization needs.
In a nutshell, OACC provides permission-based authorization services and allows your application to enforce security by answering the question:
Is entity 'A' allowed to perform action 'p' on entity 'B'?
Fully implemented API
All the functionality to manage your application's security model, out of the box.
Single access-control paradigm
Always operate at the resource level. Manage permissions exclusively between resources.
Flexible security model
Secure any operation between your domain objects and the actors on them.
Authorize subjects to delegate their permissions to others with GRANT OPTIONS.
Authorize an authenticated subject to securely "impersonate" another subject.
Efficient query methods
Find resources by permission with efficient symmetric query methods.
Learn more about all of OACC's authorization and authentication features on the Features page of the project website.
OACC is open source software released under the commercial friendly Apache License, Version 2.0.
OACC persists all security relationships in database tables and currently supports the following databases:
- IBM DB2 10.5
- Microsoft SQL Server 12.0 (2014)
- Oracle 11g R2
- PostgreSQL 9.3
- HSQLDB 2.3
- MySQL 5.6 / MariaDB 10.0
- SQLite 3.8
OACC is compatible with Java™ SE 7 (Java™ version 1.7.0), or higher.
The easiest way to include the latest OACC release into your project is to declare the following Maven coordinates as a dependency in your POM file:
<dependency> <groupId>com.acciente.oacc</groupId> <artifactId>acciente-oacc</artifactId> <version>2.0.0</version> </dependency>
To install, configure and initialize the OACC database, please refer to the Get Started Tutorial on the project website.
The SecureTodo sample application illustrates how to integrate OACC into a Java application and how to address several real-world authorization scenarios. The writeup is also available in the Github repository that contains the full source code.
You can find more information about OACC, including the latest Javadocs, releases, and tutorials on the project website: oaccframework.org.
Acciente, LLC is a software company located in Scottsdale, Arizona specializing in systems architecture and software design for medium to large scale software projects.
*Note that all licence references and agreements mentioned in the OACC Framework README section above are relevant to that project's source code only.