Showing posts with label Java EE 6. Show all posts
Showing posts with label Java EE 6. Show all posts

Tuesday, September 21, 2010

JavaOne 2010 Presentation: Application Security Enhancements in Java EE 6

I spoke at JavaOne 2010 conference yesterday on the topic of Application Security Enhancements in Java EE 6.

Java EE 6, released earlier this year, includes several significant enhancements especially in the areas of annotation based authentication and authorization in the web tier. So, if you are developing lightweight web applications where you don't want to use EJB components for the application security requirements, you now have a choice of implementing the authentication (declaratively or programmatically) and authorization aspects in the Controller classes (Servlets).

Session abstract:
Java EE 6 includes some interesting security enhancements in the areas of Web container security as well as authentication and authorization aspects in Web application development. This session will give an overview of these new security features and discuss the details of how to use them, with help of a sample Java application, in real-world enterprise Java applications. The discussion will include how developers can take advantage of programmatic and declarative (@ServletSecurity, @DeclareRoles) security features. It will also include a discussion on Java EE security technologies such as Java Authentication Service Provider Interface for Containers (JSR 196) and Java Authorization Contract for Containers (JSR 115).

I did couple of demo's on how to use the new security features. This is my first time attending JavaOne conference as a speaker and it's been a great experience so far.

I also wrote on InfoQ website about the new security features provided by Java EE 6 release.

If you have been using other security frameworks like Spring Security, Java EE 6 is definitely you should look at. While there are some differences in what Spring Security 3 framework offers in terms of role based access, EL based authorization etc, the new web-tier security features in Java EE 6 make it easier to implement the security aspects without coupling the security logic with application or business logic.

Posted by srinip at 10:21 AM 3 comments

Labels: , , ,

Saturday, December 12, 2009

Java EE 6 Features: Dependency Injection, Bean Validation and EJB Enhancements

Java EE 6 was released on Thursday this week. I wrote about it on InfoQ website. The latest release is major in terms of breadth and depth of the new features included in the release.

Some of the main features in JEE6 include:

  • Dependency Injection
  • Bean Validation
  • EJB Enhancements
  • Servlet, JSF, and JSP Enhancements
  • JAX-RS API
Check out more details on the new release here.

Posted by srinip at 3:34 PM 0 comments

Labels: ,

Subscribe to: Posts (Atom)