Hello everyone, I am xiaobian South wind blowing, every day to recommend a small tool/source, full of your favorites, let you easily save development efficiency, do not work overtime do not stay up late do not lose hair!

Today xiaobian recommends a lightweight Java permission authentication framework, mainly to solve: login authentication, permission authentication, Session Session, single sign-on, OAuth2.0 and a series of permission related issues. Framework for kicking people offline, automatic renewal, front and background separation, distributed session… And other common business for N more adaptation, through this project, you can in a minimalist way to achieve the system’s authority authentication part.

Open source licenses

Use the Apache-2.0 open source license

The link address

【sat】 obtain git address

features

  • Simple: zero configuration startup framework, real out of the box, low-cost start
  • Powerful: It integrates dozens of permission-related features, covering solutions in most service scenarios
  • Easy to use: Silky API calls and a host of advanced features all in one line of code
  • High scalability: Almost all components provide an extension interface, and more than 90% of the logic can be rewritten on demand

Function in

  • Login authentication – Easy login authentication with five segmented scenario values
  • Authorization authentication – To adapt to the RBAC authorization model, different roles are authorized differently
  • Session – A professional data caching center
  • Kick the user offline – immediately remove the illegal user offline
  • Account closure – block the specified account, so that it can not log in, but also specify the time to unblock
  • Persistence layer extension – can integrate Redis, Memcached and other professional cache middleware, restart data is not lost
  • Distributed session – Provides two distributed session solutions, JWT integration and shared data center
  • Microservices Network authentication – request interception authentication for common Gateway components such as Gateway, Soul, Zuul, etc
  • Single sign-on (SSO) – One login, access everywhere
  • Simulate other’s account – Real-time operation of any user status data
  • Temporary Identity Switch – Temporarily switch the session identity to another account
  • Cookie-free mode: Scenarios where front and back are separated, such as APPS and small programs
  • Mutually exclusive login – like QQ, both mobile phones and computers are online at the same time, but the login on both mobile phones is mutually exclusive
  • Multi-account authentication system – for example, the user and admin tables of a mall project are authenticated separately
  • Fancy Token Generation — There are six built-in token styles and custom token generation strategies
  • Annotated authentication – elegantly separates authentication from business code
  • Route interception authentication: Restful authentication based on route interception
  • Automatic renewal – Provides two token expiration policies that can be flexibly used together and can be automatically renewed
  • Session governance – Provides a convenient and flexible session query interface
  • Remember me mode – adapt [Remember me] mode, restart the browser without authentication
  • Password encryption: Provides the password encryption module, which can be used for fast MD5, SHA1, SHA256, AES, and RSA encryption
  • Global listener – Some AOP operations when the user logs in, logs out, gets kicked off, and so on
  • Out of the box – Provides SpringMVC, WebFlux and other common Web framework starter integration packages, truly out of the box

At the end

This issue is to share here, I am xiaobian South wind blowing, focus on sharing interesting, novel, practical open source projects and developer tools, learning resources! I hope to learn and communicate with you together. Welcome to follow my official account ** [Github navigation station] **.