Chapter 10. Securing WildFly
In the previous chapter, we described how to manage your application server. The next stop
in our journey will be learning about security, which is a key element of any Enterprise
application. You must be able to control and restrict who is permitted to access your
applications and what operations users may perform.
The Java Enterprise Edition specification defines a simple role-based security model for
Enterprise JavaBeans and web components. The implementation of WildFly security is
delivered by the PicketBox framework (formerly known as JBoss Security), which is part of
the application server and provides the authentication, authorization, auditing, and mapping
capabilities for Java applications.
Here is the list of topics we will cover in this chapter:
• A short introduction to the Java security API
• The foundation of the WildFly security subsystem
• Defining and applying login modules to secure Java EE applications
• Using the Secure Sockets Layer (SSL) protocol to encrypt the traffic
