Chapter 3. Declarative Security

Topics in This Chapter

  • Understanding the major aspects of Web application security
  • Authenticating users with HTML forms
  • Using BASIC HTTP authentication
  • Defining passwords in Tomcat
  • Designating protected resources with the security-constraint element
  • Using login-config to specify the authentication method
  • Mandating the use of SSL
  • Configuring Tomcat to use SSL
  • Talking to Web servers interactively
  • Creating your own Certificate Authority
  • Signing a server certificate

There are two major aspects to securing Web applications:

  1. Preventing unauthorized users from accessing sensitive data. This process involves access restriction (identifying which resources need protection and who should have access to them) and authentication ...

Get Core Servlets and JavaServer Pages, Volume 2: Advanced Technologies, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.