Working with J2EE RI Security
Before you look at making your J2EE application security aware, you must spend a short time looking at the J2EE RI support for a simple authentication system.
The J2EE RI provides an authentication domain that can be used during application development. The RI security domain supports:
Realms— A realm defines users that are authenticated using the same mechanism. The J2EE RI defines two realms:
file— Consisting of users and passwords stored in an XML file
certificate— Consisting of users identified by X.509 digital certificates, (certificates are only used to authenticate Web browser clients)
Users— Defines a username within the J2EE security domain. In the default realm, the username is the principal name. In the ...
Get Sams Teach Yourself J2EE™ in 21 Days, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.