Until recently, there were no standards for implementing Java Security. Don't get me wrong, there were many libraries and frameworks available, but a formal standard specification was missing. Java Specification Request (JSR) 375 deals with the problems caused by a lack of standards. In this section, we will discuss JSR 375 in detail and we will also take a look at its reference implementation Soteria. To get started with Soteria, all you need to do is add the following dependencies in your Maven:
<dependency>
<groupId>org.glassfish.soteria</groupId><artifactId>javax.security.enterprise</artifactId><version>1.0</version>
</dependency>
Check out https://mvnrepository.com/artifact/org.glassfish.soteria/javax.security.enterprise for the latest Soteria implementations.
JSR 375 is focused on the following core aspects:
- Providing an API for authentication through the interface HTTPAuthenticationMechanism
- An identity store API through IdentityStore
- A security context API through SecurityContext
We will cover these three APIs in subsequent subsections.