We started this chapter by discussing the basic concepts of security and the difference
between authentication and authorization.
WildFly uses the PicketBox framework sitting on top of the Java Authentication and
Authorization Service (JAAS), which secures all the Java EE technologies running in the
application. The core section of the security subsystem is contained in the security-domain
element that performs all the required authorization and authentication checks.
Then, we took a much closer look at the login modules, which are used to store the user
credentials and their associated roles. In particular, you learned how to apply the file-based
UserRoles login module and the Database login module. Each login module can be
used by Enterprise applications in either a programmatic or declarative way. While
programmatic security can provide a fine-grained security model, you should consider using
declarative security, which allows a clean separation between the business layer and the se-
Finally, in the last section of this chapter, we covered how to encrypt the communication
channel using the Secure Socket Layer and the certificates produced by the keytool Java
In the next chapter, we are going to discuss clustering, which is the environment where
critical applications are deployed.