Creating Secure Web Applications

To review, authentication for a Web application can be done as:

  • Form-based authentication, which uses Web forms to authenticate users into WebLogic Server

  • Browser-based authentication, which incorporates HTTP authentication methods to log in users to WebLogic Server

Declarative Security in Web Applications

Declarative security for Web applications uses deployment descriptors (web.xml and weblogic.xml) to express an application's security structure, including roles, access control, and authentication requirements. The information in the deployment descriptors maps the application's logical security requirements to its runtime representation. At runtime, the servlet container uses the security policy to enforce authentication. ...

Get J2EE™ Applications and BEA™ WebLogic Server™ now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.