Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Java EE Security API Moving Forward

DZone's Guide to

Java EE Security API Moving Forward

Author Ivar Grimstad shows some examples of features implemented so far as part of the Java EE Security API reference implementation.

· Performance Zone
Free Resource

Transform incident management with machine learning and analytics to help you maintain optimal performance and availability while keeping pace with the growing demands of digital business with this eBook, brought to you in partnership with BMC.

The Java EE Security API (JSR 375) is moving forward, as summarised by Arjan Tijms here: http://arjan-tijms.omnifaces.org/p/whats-new-in-java-ee-security-api-10.html.

One thing to note is that we now have a name for the reference implementation, namely Soteria. The name originates from Greek Mythology where Soteria was the goddess of safety and salvation [Wikipedia]. Our Soteria can be found on GitHub (https://github.com/javaee-security-spec/soteria) and also has a Twitter handle. Follow @Soteria_RI.

The Soteria GitHub repo contains a couple of samples that demonstrates the features implemented so far. I have created a couple of additional examples where I combine Soteria with other Java EE technologies, such as MVC and JSF. These can be found in https://github.com/ivargrimstad/security-samples.

As the following code shows, it is fairly straightforward to define an embedded identity store for an MVC 1.0 application.

@EmbeddedIdentityStoreDefinition({
    @Credentials(callerName = "hem", password = "cheese", groups = {"foo"}),
    @Credentials(callerName = "haw", password = "cheeze", groups = {"foo", "bar"})}
)
@DeclareRoles({"foo", "bar"})
@ApplicationPath("ui")
public class ApplicationConfig extends Application {

    @Override
    public Set<Class<?>> getClasses() {
        Set<Class<?>> classes = new HashSet<>();
        // add controllers
        return classes;
    }

The examples will be evolved as the specification and Soteria continue to evolve.

Evolve your approach to Application Performance Monitoring by adopting five best practices that are outlined and explored in this e-book, brought to you in partnership with BMC.

Topics:
java ,development ,java ee ,security ,api

Published at DZone with permission of Ivar Grimstad, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}