Hello everyone, I am xiaobian South wind blowing, every day to recommend a small tool/source, full of your favorites, let you easily save development efficiency, do not work overtime do not stay up late do not lose hair!
Today xiaobian recommends a lightweight Java permission authentication framework, mainly to solve: login authentication, permission authentication, Session Session, single sign-on, OAuth2.0 and a series of permission related issues. Framework for kicking people offline, automatic renewal, front and background separation, distributed session… And other common business for N more adaptation, through this project, you can in a minimalist way to achieve the system’s authority authentication part.
Open source licenses
Use the Apache-2.0 open source license
The link address
【sat】 obtain git address
features
- Simple: zero configuration startup framework, real out of the box, low-cost start
- Powerful: It integrates dozens of permission-related features, covering solutions in most service scenarios
- Easy to use: Silky API calls and a host of advanced features all in one line of code
- High scalability: Almost all components provide an extension interface, and more than 90% of the logic can be rewritten on demand
Function in
- Login authentication – Easy login authentication with five segmented scenario values
- Authorization authentication – To adapt to the RBAC authorization model, different roles are authorized differently
- Session – A professional data caching center
- Kick the user offline – immediately remove the illegal user offline
- Account closure – block the specified account, so that it can not log in, but also specify the time to unblock
- Persistence layer extension – can integrate Redis, Memcached and other professional cache middleware, restart data is not lost
- Distributed session – Provides two distributed session solutions, JWT integration and shared data center
- Microservices Network authentication – request interception authentication for common Gateway components such as Gateway, Soul, Zuul, etc
- Single sign-on (SSO) – One login, access everywhere
- Simulate other’s account – Real-time operation of any user status data
- Temporary Identity Switch – Temporarily switch the session identity to another account
- Cookie-free mode: Scenarios where front and back are separated, such as APPS and small programs
- Mutually exclusive login – like QQ, both mobile phones and computers are online at the same time, but the login on both mobile phones is mutually exclusive
- Multi-account authentication system – for example, the user and admin tables of a mall project are authenticated separately
- Fancy Token Generation — There are six built-in token styles and custom token generation strategies
- Annotated authentication – elegantly separates authentication from business code
- Route interception authentication: Restful authentication based on route interception
- Automatic renewal – Provides two token expiration policies that can be flexibly used together and can be automatically renewed
- Session governance – Provides a convenient and flexible session query interface
- Remember me mode – adapt [Remember me] mode, restart the browser without authentication
- Password encryption: Provides the password encryption module, which can be used for fast MD5, SHA1, SHA256, AES, and RSA encryption
- Global listener – Some AOP operations when the user logs in, logs out, gets kicked off, and so on
- Out of the box – Provides SpringMVC, WebFlux and other common Web framework starter integration packages, truly out of the box
At the end
This issue is to share here, I am xiaobian South wind blowing, focus on sharing interesting, novel, practical open source projects and developer tools, learning resources! I hope to learn and communicate with you together. Welcome to follow my official account ** [Github navigation station] **.