Security is a very important consideration for enterprise applications, microservices, and cloud-based services. Applications should only be accessible to authorized clients, and this is a very common aspect for almost all modern enterprise applications:

In this chapter, we will focus on how to secure an application and how to protect it by providing a secure way of accessing the resources on the server.

We will also discuss the following:

• How to use the identity store to store user details
• The different authentication and authorization mechanisms that Java EE provides
• Implementing an API in Kotlin to secure the application and JWT support