OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Go further into "Learn Spring Security":
A demo for using JWT (Json Web Token) with Spring Security and Spring Boot 2
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
SBS3 — A sample SAML 2.0 Service Provider built on Spring Boot.
Bridge from the pac4j security library to Spring Security (reactive)
Security library for Play framework 2 in Java and Scala: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...