Examples for the Octopus framework (Java EE Security framework)
NOTICE : I'm in the process of converting these examples to Atbash Octopus. The code for the 'old' Octopus is available within the 'old'-octopus branch.
Contains some code examples of features of Octopus.
/scs Self-Contained System demo see section Self-Contained Systems in the blog
/sessionHijacking Session Hijacking protection demo
Updated to Atbash Octopus
/octopus-soteria Java EE Security API integration with Octopus
/dynamicFilterChain
Custom FilterChainManager for custom loading of filter chain definitions and dynamically applying them.
Contains the code examples which are created in the GitBook "Octopus cookbook".
/ex1 Simple JSF Application Getting Started with Authentication
/ex1_alt1 Custom location for securedURLs.ini Chapter1 alternative 1
/ex1_alt2 Custom file for the login page Chapter1 alternative 2
/ex1_alt3 Alternative name for the loginBean Chapter1 alternative 3
/ex2 Securing JSF Components Adding Authorization
/ex2_alt1 Simple permissions Chapter2 alternative 1
/ex2_alt2 Named permissions (String) Chapter2 alternative 2
/ex2_alt3 Named permissions (Enum) Chapter2 alternative 3
/ex3 Add logout feature
/ex3_part2 Basic CDI events
/ex3_alt1 Specify logout page Chapter3 alternative 1
/ex3_add1 Audit user URL requests
/ex4 Securing EJB methods
/ex5_srv Server app with JAX-RS endpoint Building Octopus security context from JWT within header
/ex5 Client app calling JAX-RS endpoint Adding JWT with authentication/authorization info about user automatically to JAX-RS client call
/ex6 Authentication using Hashed passwords stored in DB
/ex6_alt1Key derivation functions as passwords Chapter6 alternative 1
/ex6_alt2HEX encoded hashed passwords Chapter6 alternative 2
/ex7 Remember-me functionality
/ex7_alt1Configuration of the cookie of remember-me Chapter7 alternative 1
/ex8 authentication/authorization with LDAP
/ex9 authentication/authorization with Google OAuth2 / OpenIdConnect
/ex9_alt1 authentication/authorization with Github OAuth2 / OpenIdConnect Chapter9 alternative 1
/ex9_alt2 authentication/authorization with multiple OAuth2 / OpenIdConnect Chapter9 alternative 2
Some additional projects for testing
/minimal: The minimal configuration required to make Octopus run.
/classpathURLFile: securedURLs.ini on classpath
/EE6_altConfig: alternatives 1, 2 and 3 for a Java EE 6 setup.
/classpathURLFile: URL patterns defined in a classpath file.
/permissionEnumMissing : JSF view uses name which doesn't exist in Enum.