O'Reilly logo

JBoss AS 7 Configuration, Deployment, and Administration by Francesco Marchioni

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Summary

We started this chapter discussing about the basic concepts of security and the difference between authentication and authorization.

Authentication is used to verify the identity of a user while authorization is used to check if the user has the rights to access a resource.

JBoss uses the PicketBox framework, sitting on top of Java Authentication and Authorization Service (JAAS) which secures all the Java EE technologies running in the application. The core section of the security subsystem is contained in the security-domain element, which performs all the required authorization and authentication checks.

Then, we took a close look at the login modules used to store the user credentials and their associated role. Each login module can be ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required