java-webauthn-server
akka-http-session
java-webauthn-server | akka-http-session | |
---|---|---|
4 | 1 | |
429 | 438 | |
1.4% | 0.0% | |
8.5 | 4.6 | |
about 1 month ago | 9 months ago | |
Scala | Scala | |
GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
java-webauthn-server
-
A Passwordless Future! Passkeys for Java Developers
java-webauthn-server: A library from Yubico that supports many attestation format. But it is not 100% FIDO2 conformant.
-
Is there any way to allow login with a Yubikey across multiple domain names (explanation inside)
I have some example code here: https://github.com/Yubico/java-webauthn-server/blob/main/webauthn-server-demo/src/main/webapp/index.html
- What's the state of WebAuthn for Java? Has anyone had to implement WebAuthn for one of their projects?
-
Software and drivers
If you need them to use one of a set of trusted authenticator models, then you need attestation. Your authentication servers will need to compile a set of acceptable attestation root certificates, and require that all enrolled credentials have a valid attestation statement that correctly chains to one of those trusted root certificates. Yubico provides libraries to help with this for Python and Java You can provide the devices or let users self-source one on the list of acceptable models. Your webapp will also need to guide users to use the correct authenticator if they attempt to use an untrusted one. Note that this will only let you verify an authenticator model, not individual YubiKeys (i.e., not on serial number level).
akka-http-session
-
Since PlayFramework has stalled in development, any tips on migrating to akka-http?
For session support with JWT, look at https://github.com/softwaremill/akka-http-session
What are some alternatives?
webauthn4j - A portable Java library for WebAuthn(Passkeys) server side verification
play-silhouette - Silhouette is an authentication library for Play Framework applications that supports several authentication methods, including OAuth1, OAuth2, OpenID, CAS, 2FA, TOTP, Credentials, Basic Authentication or custom authentication schemes.
webauthn4j-spring-security - WebAuthn4J Extension for Spring Security
play-pac4j - Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
webauthn-json - 🔏 A small WebAuthn API wrapper that translates to/from pure JSON using base64url.
scala-oauth2-provider - OAuth 2.0 server-side implementation written in Scala
windows-fido-bridge - An OpenSSH SK middleware that allows you to use a FIDO/U2F security key (e.g. a YubiKey) to SSH into a remote server from WSL or Cygwin.
AWS Request Signer - Scala library to sign HTTP requests to AWS services.
Play Google Auth Module * 12 ⧗ 4 - Simple play module for authenticating against Google
SecureSocial - A module that provides OAuth, OAuth2 and OpenID authentication for Play Framework applications
play2-auth - Play2.x Authentication and Authorization module
OAuth2-mock-play - An implementation of an OAuth2 server designed for mocking/testing