Chapter 31. Security

In Chapter 5, "Saving Data Between Requests," you saw how to create a login form and keep track of a user with the session object. The servlet container gives you an alternative to creating your own login form. By adding information to the deployment descriptor for your Web application, you can force the user to log in to the application without writing any login authentication code yourself.

Role-Based Security

The authentication mechanism in the servlet specification uses a technique called role-based security. The idea is that rather than restricting ...
