Security in Java EE Part 1

Object Oriented application development provides developers to divide application into different layers such as database layer, business layer, presentation layer … etc. Multi layer application development approach provides easy to develop and maintain large scale projects. However, this approach addresses one of the most important issue, security.

Java EE consists of components ejb, web, web services, application clients … etc. Each of these components can be deployed into different containers or same container. Security is handled by the containers; a container provides programming or declarative security. Programming security is embedded control mechanism that is used when declarative security is insufficient. Declarative security defines applications security configuration out of the application via configuration files. Also, annotations define set of security rules by class files.

Java provides some security implementation mechanisms like;

Reference:

http://java.sun.com/j2se/1.5.0/docs/guide/security/

http://java.sun.com/javase/technologies/security/