OPA Ecosystem / Integrations / Authorization for Spring Security

Authorization for Spring Security

Spring Security provides a framework for securing Java applications. These integrations provide simple implementations for Spring Security that use OPA for making API authorization decisions. They provide support for both traditional Spring Security (MVC), as well as an implementation for Spring Reactive (Web Flux).

Code & Repos

https://github.com/open-policy-agent/contrib/tree/master/spring_authz
https://github.com/Bisnode/opa-spring-security
https://github.com/build-security/opa-java-spring-client
https://github.com/massenz/jwt-opa
https://github.com/eugenp/tutorials/tree/master/spring-security-modules/spring-security-opa

Tutorials

https://github.com/open-policy-agent/contrib/blob/master/spring_authz/README.md
https://github.com/massenz/jwt-opa#web-server-demo-app
https://www.baeldung.com/spring-security-authorization-opa

Related Software

Java in the OPA Ecosystem
- www.java.com/

Inventors

Styra in the OPA Ecosystem
- styra.com
build.security in the OPA Ecosystem
- www.elastic.co/blog/elastic-and-build-security-shifting-left-together-to-secure-the-cloud
Bisnode in the OPA Ecosystem
- www.bisnode.com
AlertAVert.com in the OPA Ecosystem
- www.alertavert.com/

Labels

Category	application
Layer	network

Do you have an OPA-based project or integration to share? Follow these instructions to get it listed or go to the #ecosystem channel in the OPA Slack if you have any questions.