Get started with the Java EE 8 Security API

About this series

The new and long-awaited Java EE Security API (JSR 375) ushers Java enterprise security into the cloud and microservices computing era. This series shows you how the new security mechanisms simplify and standardize security handling across Java EE container implementations, then gets you started using them in your cloud-enabled projects.

  • Tutorial
    Java enterprise security for cloud and microservices platforms

    As one of the three core specifications introduced with Java EE 8, the new Java EE Security API is an essential addition to your Java EE toolkit, and thankfully not terribly difficult to learn. Find out how the Java EE Security API supports enterprise security in cloud and microservices platforms,…

  • Tutorial
    Web authentication with HttpAuthenticationMechanism

    HttpAuthenticationMechanism's annotation-driven approach is a welcome departure from the tedium of manually configuring authentication for Java web applications. Learn how to setup and configure both classic Servlet 4.0-style authentication and custom solutions using HttpAuthenticationMechanism and the new Java EE 8 Security API.

  • Tutorial
    Securely access user credentials with IdentityStore

    Learn how to use the new IdentityStore interface to setup and configure RDBMS or LDAP identity storage in your Java web applications.

  • Tutorial
    Interrogating caller data with SecurityContext

    This final article in the Java EE Security API series introduces the SecurityContext API, which is used to interrogate caller data consistently across servlet and EJB containers. Find out how SecurityContext extends HttpAuthenticationMechanism's declarative capabilities, then put it to work testing caller data in a servlet container example.