Security is an important aspect of many enterprise applications. Building a secure application from the ground up, without any support, is an arduous task and certainly not one you would consider doing in a hurry. Thankfully, Java provides an excellent security model that reduces the burden on developers, and puts the creation of secure applications within the grasp of mere mortals.
In this chapter, we'll show you how the J2EE security model is implemented in Oracle 10g AS. Specifically, we'll cover the following:
J2EE security model. Here you'll learn some of the core concepts of the J2EE security model, including authorization, authentication, principals, and roles.
Java Authentication and Authorization Service (JAAS). This ...