OACC 2.0 Java Application Security Framework: new release candidate available
Join the DZone community and get the full member experience.Join For Free
A second release candidate of the open source OACC Java™ Application Security Framework (OACC v2.0.0-rc.2) was released on March 23, 2015 and is available for download at oaccframework.org .
This release candidate features a more complete and consistent API and includes enhancements influenced by community feedback.
Changes in RC2:
- adds new and improves existing API methods to check permissions
- introduces a new and structured exception hierarchy
- fixes all known bugs
The full release notes are available at http://oaccframework.org/downloads.html.
What is OACC?
OACC is a permission-based application security framework for Java™ that provides authentication and authorization services.
It supports hierarchical security domains, super users, permission inheritance and impersonation.
In a nutshell, OACC allows your application to enforce security by answering the question:
Is entity ‘A’ allowed to perform action ‘p’ on entity ‘B’?
The key design goals of OACC are:
- simplify the maintenance of complex, real world security topologies
- allow both fine and coarse grained access control
- support logical security domains for use in multi-tenant application architectures
OACC is open source software released under the commercial friendly Apache License, Version 2.0.
More information about OACC, including the latest Javadocs, releases, and tutorials, is available at oaccframework.org .
Opinions expressed by DZone contributors are their own.