JEE5 Security

Any new project or product that is used by more than 1 user and over any kind of network needs the “TripleA” AAA features: Authorization, Authentication, Auditing. That’s a must !

I am reading about the JEE5 Security features to outline a new design, or at least I try to find some comprehensive information about it. It seems one of the most important framework services is still being largely developed handmade according to the needs of specific project requirements and no generic solution is available (I think I need to rephrase this after some more investigation). I could  not find many books or online sources with samples or easy-digestible tutorials, just to share what I found so far. JAAS is part of JRE since version 1.4 and most of the information about is a bit old (2002).

SUN JAVA SE security (link) (link)
SUN JAAS Tutorial (link)

3rd Party Security Framework (based on JAAS)
JGuard on (link)
ESAPI  on OWASP (link)

Free JAAS Book (link)
Software Security Technologies (covering security in Java, C, Perl)

Software Security Technologies


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s