Keep security out of the code!

For most web apps, most of the time, the web app’s security constraints should be handled declaratively, in the deployment descriptor. Why?

Top Ten Reasons to do your security declaratively

10

Who doesn’t need more XML practice?

9

Often maps naturally to the existing job roles in a company’s IT department.

8

Looks great on your resume.

7

Allows you to use servlets you’ve already written in more flexible ways.

6

It’s on the exam.

5

Allows application developers to reuse servlets without access to the source code.

4

It’s just cool.

3

Reduces ongoing maintenance when your application grows.

2

Finally, a way to justify the cost of that Container...

1

Supports the idea of component-based development.

Get Head First Servlets and JSP, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial