🛡️
Policy-Based Authorization
AWS IAM-inspired deny-first evaluation engine. Composable policies with ActionMatcher and ConditionMatcher SPI.
RBAC-based and Policy-based access control for JVM applications, inspired by AWS IAM
// build.gradle.kts
implementation("me.ahoo.cosec:cosec-spring-boot-starter:<version>")# application.yaml
cosec:
jwt:
algorithm: hmac256
secret: your-secret-key-here
authorization:
local-policy:
enabled: true
init-repository: true| Technology | Version | Purpose |
|---|---|---|
| Kotlin | 2.3.20 | Primary language |
| Java | 17 | Target JVM |
| Spring Boot | 4.0.5 | Application framework |
| Project Reactor | - | Reactive programming |
| auth0/java-jwt | 4.5.1 | JWT token handling |
| CoCache | 4.0.2 | Distributed Redis caching |
| JustAuth | 1.16.7 | OAuth social authentication |
| OpenTelemetry | 2.26.1 | Observability tracing |