Security is one of the hottest topics of all time in the software industry, and there's no reason for that to change any time soon. Actually, it will probably become even hotter as time goes by.
With all your data being streamed through the cloud, passing through uncountable servers, links, databases, sessions, devices, and so on, what you would expect, at the very least, is for it to be well-protected and secure and its integrity to be kept intact.
Jakarta EE has its own Security API, with Soteria being one of its reference implementations.
Security is a subject worthy of dozens of books; that's a fact. However, this chapter will only cover some of the most common use cases you may come across in your daily projects.
This chapter covers the following recipes:
- Domain protection with authentication
- Granting rights through authorization
- Protecting data confidentiality and integrity with SSL/TLS
- Using declarative security
- Using programmatic security