Creating Secure Web Applications

To review, authentication for a Web application can be done as:

  • Form-based authentication, which uses Web forms to authenticate users into WebLogic Server

  • Browser-based authentication, which incorporates HTTP authentication methods to log in users to WebLogic Server

Declarative Security in Web Applications

Declarative security for Web applications uses deployment descriptors (web.xml and weblogic.xml) to express an application's security structure, including roles, access control, and authentication requirements. The information in the deployment descriptors maps the application's logical security requirements to its runtime representation. At runtime, the servlet container uses the security policy to enforce authentication. ...

Get J2EE™ Applications and BEA™ WebLogic Server™ now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.