Did you find a Security Vulnerability in any of the JBoss Products? If yes, then you can either email (security AT jboss DOT com) or (security AT jboss DOT org). You can also use the following Red Hat Security Team page to report: JBoss/Red Hat Security Vulnerability Reporting (Your information will be Confidential)

What is JBoss Security?

JBoss Security is an umbrella project that provides security capabilities in the Java world.

If you are interested in Identity Management and Federated Identity (SAML, WS-Trust, OpenId) etc, then you can visit the sub-project: JBoss Identity.
If you are interested in Access Control/Entitlements Management, please have a look at JBossXACML.
If you are interested in library that provides authentication, authorization, audit capabilities in a regular Java environment, then please see in the downloads section for JBossSecurity libraries.
If you are interested in SPNego/Windows Desktop SSO, then please have a look at the downloads section for JBossNegotiation.

Who are the members of JBoss Security?

Leadership: Anil Saldhana

Developers: Stefan Guilhen

Contributions: Darran Lofthouse and Marcus Moyses.

HISTORY OF JBOSS SECURITY

Please visit the http://jboss.org/jbosssecurity/history.html page.

FEATURES

Secure authentication of users via JAAS login modules.
Extensible authentication of users via JAAS login modules.
Support for custom per method authentication of users via integration with the EJB container method interceptor.
Support for JAAS Subject based authorization of users.
Flexible mapping from legacy security systems to JAAS Subject based permissions.

Security Vulnerabilities Contact

If you find any vulnerability in JBoss suite of Projects/Products, please do not hesitate to use the following page and the associated email address on the page, to securely communicate the vulnerability information: JBoss/Redhat Security Vulnerability. You can also email either (security AT jboss DOT com) or (security AT jboss DOT org). Your information will be private and confidential.

Latest News

Please read the blog at Anil Saldhana's Blog

Please read the press release issued by Oasis at the end of the Burton Catalyst XACML Interoperability Event here. Oasis News Release (June 28, 2007)

Faces

Anil Saldhana Scott Stark Stefan Guilhen Marcus Moyses

Community/Standards Participation

We support the following Standards Organizations with participation on various technical committees and working groups.

Java Community Process Oasis W3C

	JBoss Security Downloads
	Subcategories: JBoss Security Libraries JBoss XACML Libraries IDTrust Libraries (USE PICKETBOX) JBoss Negotiation Libraries Want additional assistance? Contact Support Services. Show details

JBoss Community

JBoss Security