Java EE 8 By Example
  • Introduction
  • Overview
    • Example Codes
  • JSF 2.3
    • Activating CDI in JSF 2.3
    • Run applications in JSF 2.2 compatible mode
    • CDI alignment
    • CDI compatible @ManagedProperty
    • Inject support in Converter, Validator and Behavor
    • Websocket support
    • UIData improvements
    • Class level bean validation with f:valdiateWholeBean
    • Java 8 DateTime support
    • PostRenderViewEvent: publising events after view is rendered
    • Search expression framework
  • CDI 2.0
    • Java SE support
    • Event Priority
    • Async Events
    • Register Beans dynamicially
    • Configurators and Intercept Producers
  • JPA 2.2
    • Java 8 Datetime support
    • Return Stream based result from Query
    • More CDI Alignments
  • JSON-B 1.0
  • JSON-P 1.1
  • Bean Validation 2.0
  • JAXRS 2.1
    • Async improvements
    • Server Sent Event
    • Reactive Client
  • Java EE Security API 1.0
    • HttpAuthenticationMechanism
    • IdentityStore
    • SecurityContext
  • Servlet 4.0
    • Server Push
    • Runtime Discovery of Servlet Mappings
    • Http Trailer
  • MVC 1.0
    • Getting started with MVC
    • Handling form submission
    • Exception handling and form validation
    • Processing PUT and DELETE methods
    • Page navigation
    • MVC and CDI
    • Security
    • Bean parameter conversion
    • View engine
Powered by GitBook
On this page

Was this helpful?

Java EE Security API 1.0

PreviousReactive ClientNextHttpAuthenticationMechanism

Last updated 4 years ago

Was this helpful?

Java EE Security API provides portable interfaces for HTTP authentication and identity stores, and a context aware SecurityContext which can be injected into other beans and allow you customize security programmatically.

HttpAuthenticationMechanism is used for authenticating users from applications.

IdentityStore is used for validating user credentials and retrieve its group information.

SecurityContext is used for querying the current security context in any context, eg. Servlet, JAX-RS, EJB etc.

Beside these, such as Authenticaiton, Authorization, UserPricinpal, Realm etc are very similar with .

the terminology from Apache Shiro