Ask HN: Web framework, written in a typed language, auth out of the box?

1 points by ohgh1ieD ↗ HN
Don't suggest me Spring Boot, asp.net mvc or the Play Framework.

Don't ask me why I want a statically typed language and also don't try to argue about it please.

I don't want to think about auth, I just want to plug it in and it works out of the box but in case that I have to change something, it should be quite easy to make the changes without lots of pain.

thank you

4 comments

[ 74.2 ms ] story [ 1084 ms ] thread
If you don't want to think about auth, you're basically looking for a CMS.

All traditional web frameworks make you plug in your actual authentication store, though most obviously provide some notion of access control or permissions.

Well ok, it can be an easy to handle module for the web framework.

The ideal example would be Rails devise[0]

It just works without wasting too much time.

[0] https://github.com/plataformatec/devise

In the Java world, the two modern, main authn/authz frameworks are Spring Security [1] and Shiro [2]. Shiro is vastly easier to learn and apply.

Wicket [3] is a decent Java web framework that you can use together with Shiro; in the past there was a deeper integration [4]. Tapestry is another web framework that offers native integration [5].

[1] http://projects.spring.io/spring-security/

[2] http://shiro.apache.org/index.html

[3] http://wicket.apache.org/

[4] https://github.com/55minutes/fiftyfive-wicket

[5] https://tapestry.apache.org/security.html

Spring security is the biggest boilerplate mess I've seen so far, that's also the reason I'm moving away from spring.

Thank you for the other suggestions.