Jasypt 1.1 adds Spring Security (ACEGI) integration

Discussions

News: Jasypt 1.1 adds Spring Security (ACEGI) integration

  1. Jasypt is a library aimed at providing developers a simple way to add encryption capabilities to their projects including: password digesting, text/binary encryption, hibernate transparent integration and, new in 1.1, ACEGI integration for improving strength of managed passwords. What's new in 1.1:
    • ACEGI transparent integration.
    • New util classes, like a new StrongPasswordEncryptor.
    • Environment variable / JVM System property based configuration.
    • New documentation guides.
    Jasypt's main features:
    • Jasypt follows the RSA standards for password-based cryptography, and provides you with both unidirectional and bidirectional encryption techniques.
    • Higher security for your users' passwords.
    • Binary encryption support. Besides texts, it allows the digest and encryption of binaries (byte arrays). Encrypt your objects when needed (for being sent over the net, for example)
    • Completely thread-safe.
    • Easy, no-configuration encryption tools for users new to encryption.
    • Highly configurable standard encryption tools, for power-users.
    • Hibernate 3 integration add-on (jasypt-hibernate) for persisting fields of your mapped entities in an encrypted manner. Encryption of fields is defined in the Hibernate mapping files, and it remains transparent for the rest of the application (useful for sensitive personal data, databases with many read-enabled users...).
    • Seamlessly integrable into a Spring application. All the digesters and encryptors in jasypt are designed to be easily used (instantiated, dependency-injected...) from an IoC container like Spring. And, because of it being thread-safe, they can be used without worries in a singleton-oriented environment like Spring.
    • Spring Security (Acegi Security) add-on (jasypt-spring-security) for performing password encryption and matching tasks for the security framework, improving the security of your users' passwords by using safer password encryption mechanisms and providing you with a higher degree of configuration and control.
    • Comprehensive guides and javadoc documentation, to allow developers to better understand what they are really doing to their data.
    • Robust charset support, designed to adequately encrypt and digest texts whichever the original charset is. Complete support for languages like Japanese, Korean, Arabic... with no encoding or platform issues.
    • Very high level of configuration capabilities: The developer can implement tricks like instructing an "encryptor" to ask a, for example, remote HTTPS server for the password to be used for encryption. It lets you meet your security needs.
  2. How does this library differ from the JCE, is it just an ease of use thing? Also, does the library delegate to the standard JCE or are the cryptographic algorithms reimplemented inside the Jasypt code?
  3. How does this library differ from the JCE, is it just an ease of use thing?

    Also, does the library delegate to the standard JCE or are the cryptographic algorithms reimplemented inside the Jasypt code?
    No, algorithms are not re-implemented, jasypt delegates to the standard JCE, adding a layer for ease and correctness of use, configurability, integration with several other technologies, etc.