# pac4j

**Repository Path**: mirrors/pac4j

## Basic Information

- **Project Name**: pac4j
- **Description**: Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
- **Primary Language**: Unknown
- **License**: Apache-2.0
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 8
- **Forks**: 6
- **Created**: 2019-10-15
- **Last Updated**: 2025-11-01

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

<p align="center">
  <img src="https://pac4j.github.io/pac4j/img/logo.png" width="300" />
</p>

### `pac4j` is an easy and powerful security framework for Java to authenticate users, get their profiles and manage authorizations in order to secure web applications and web services.

It provides a comprehensive set of [**concepts and components**](https://www.pac4j.org/docs/main-concepts-and-components.html).
It is **available for most frameworks/tools** and **supports most authentication/authorization mechanisms**.
It is licensed under the Apache 2 license.

| JDK | pac4j | Usage of Lombok |
|-----|-------|-----------------|
| 17  | v6.x  | Yes             |
| 11  | v5.x  | No              |
| 8   | v4.x  | No              |

## Available implementations (*Get started by clicking on your framework*):

[JEE](https://github.com/pac4j/j2e-pac4j)
&bull; [Spring Web MVC (Spring Boot)](https://github.com/pac4j/spring-webmvc-pac4j)
&bull; [Spring Webflux (Spring Boot)](https://github.com/pac4j/spring-webflux-pac4j)
&bull; [Apache Shiro](https://github.com/bujiio/buji-pac4j)
&bull; [Spring Security (Spring Boot)](https://github.com/pac4j/spring-security-pac4j)

[CAS server](https://apereo.github.io/cas/6.6.x/integration/Delegate-Authentication.html)
&bull; [Syncope](https://syncope.apache.org)
&bull; [Apache Knox](http://knox.apache.org/books/knox-1-6-0/user-guide.html#Pac4j+Provider+-+CAS+/+OAuth+/+SAML+/+OpenID+Connect)

[Play 2.x](https://github.com/pac4j/play-pac4j)
&bull; [Vertx](https://github.com/pac4j/vertx-pac4j)
&bull; [Spark Java](https://github.com/pac4j/spark-pac4j)
&bull; [Ratpack](http://ratpack.io/manual/current/pac4j.html#pac4j)
&bull; [JAX-RS](https://github.com/pac4j/jax-rs-pac4j)
&bull; [Dropwizard](https://github.com/pac4j/dropwizard-pac4j)

[Javalin](https://github.com/pac4j/javalin-pac4j)
&bull; [Pippo](http://www.pippo.ro/doc/security.html#pac4j-integration)
&bull; [Undertow](https://github.com/pac4j/undertow-pac4j)
&bull; [Lagom](https://github.com/pac4j/lagom-pac4j)
&bull; [Akka HTTP](https://github.com/StackVista/akka-http-pac4j)
&bull; [Jooby](https://jooby.io/modules/pac4j)

## Authentication mechanisms:

[OAuth (Facebook, Twitter, Google...)](https://www.pac4j.org/docs/clients/oauth.html) - [SAML](https://www.pac4j.org/docs/clients/saml.html) - [CAS](https://www.pac4j.org/docs/clients/cas.html) - [OpenID Connect](https://www.pac4j.org/docs/clients/openid-connect.html) - [HTTP](https://www.pac4j.org/docs/clients/http.html) - [Google App Engine](https://www.pac4j.org/docs/clients/google-app-engine.html) - [Kerberos (SPNEGO/Negotiate)](https://www.pac4j.org/docs/clients/kerberos.html)

[LDAP](https://www.pac4j.org/docs/authenticators/ldap.html) - [SQL](https://www.pac4j.org/docs/authenticators/sql.html) - [JWT](https://www.pac4j.org/docs/authenticators/jwt.html) - [MongoDB](https://www.pac4j.org/docs/authenticators/mongodb.html) - [CouchDB](https://www.pac4j.org/docs/authenticators/couchdb.html) - [IP address](https://www.pac4j.org/docs/authenticators/ip.html) - [REST API](https://www.pac4j.org/docs/authenticators/rest.html)

## Authorization mechanisms:

[Roles](https://www.pac4j.org/docs/authorizers/profile-authorizers.html#roles) - [Anonymous/remember-me/(fully) authenticated](https://www.pac4j.org/docs/authorizers/profile-authorizers.html#authentication-levels) - [Profile type, attribute](https://www.pac4j.org/docs/authorizers/profile-authorizers.html#others)

[CORS](https://www.pac4j.org/docs/authorizers/web-authorizers.html#cors) - [CSRF](https://www.pac4j.org/docs/authorizers/web-authorizers.html#csrf) - [Security headers](https://www.pac4j.org/docs/authorizers/web-authorizers.html#security-headers) - [IP address, HTTP method](https://www.pac4j.org/docs/authorizers/web-authorizers.html#others)

---

## Versions


The latest released version is the [![Maven Central](https://maven-badges.herokuapp.com/maven-central/org.pac4j/pac4j-core/badge.svg?style=flat)](https://maven-badges.herokuapp.com/maven-central/org.pac4j/pac4j-core), available in the Maven central repository.
The [next version](https://www.pac4j.org/docs/next-version.html) is under development.

Read the [documentation](https://www.pac4j.org/docs/index.html) for more information.


## Need help?

You can use the [mailing lists](https://www.pac4j.org/mailing-lists.html) or the [commercial support](https://www.pac4j.org/commercial-support.html).


## Supported by

[![CAS in the cloud](https://www.pac4j.org/img/logo-casinthecloud.png)](https://www.casinthecloud.com) *The CAS and pac4j consulting company*