Java EE Security API Moving Forward
Java EE Security API Moving Forward
Author Ivar Grimstad shows some examples of features implemented so far as part of the Java EE Security API reference implementation.
Join the DZone community and get the full member experience.
Join For FreeSignalFx is the only real-time cloud monitoring platform for infrastructure, microservices, and applications. The platform collects metrics and traces across every component in your cloud environment, replacing traditional point tools with a single integrated solution that works across the stack.
The Java EE Security API (JSR 375) is moving forward, as summarised by Arjan Tijms here: http://arjan-tijms.omnifaces.org/p/whats-new-in-java-ee-security-api-10.html.
One thing to note is that we now have a name for the reference implementation, namely Soteria. The name originates from Greek Mythology where Soteria was the goddess of safety and salvation [Wikipedia]. Our Soteria can be found on GitHub (https://github.com/javaee-security-spec/soteria) and also has a Twitter handle. Follow @Soteria_RI.
The Soteria GitHub repo contains a couple of samples that demonstrates the features implemented so far. I have created a couple of additional examples where I combine Soteria with other Java EE technologies, such as MVC and JSF. These can be found in https://github.com/ivargrimstad/security-samples.
As the following code shows, it is fairly straightforward to define an embedded identity store for an MVC 1.0 application.
@EmbeddedIdentityStoreDefinition({
@Credentials(callerName = "hem", password = "cheese", groups = {"foo"}),
@Credentials(callerName = "haw", password = "cheeze", groups = {"foo", "bar"})}
)
@DeclareRoles({"foo", "bar"})
@ApplicationPath("ui")
public class ApplicationConfig extends Application {
@Override
public Set<Class<?>> getClasses() {
Set<Class<?>> classes = new HashSet<>();
// add controllers
return classes;
}The examples will be evolved as the specification and Soteria continue to evolve.
SignalFx is built on a massively scalable streaming architecture that applies advanced predictive analytics for real-time problem detection. With its NoSample™ distributed tracing capabilities, SignalFx reliably monitors all transactions across microservices, accurately identifying all anomalies. And through data-science-powered directed troubleshooting SignalFx guides the operator to find the root cause of issues in seconds.
Like This Article? Read More From DZone
Published at DZone with permission of Ivar Grimstad , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
{{ parent.title || parent.header.title}}
{{ parent.tldr }}
{{ parent.linkDescription }}
{{ parent.urlSource.name }}