Introduction to Security in the Java EE Platform
The chapters in Part VII discuss security requirements in web tier and enterprise tier applications. Every enterprise that has either sensitive resources that can be accessed by many users or resources that traverse unprotected, open, networks, such as the Internet, needs to be protected.
This chapter introduces basic security concepts and security mechanisms. More information on these concepts and mechanisms can be found in the chapter on security in the Java EE 6 specification. This document is available for download online at http://www.jcp.org/en/jsr/detail?id=316.
In this tutorial, security requirements are also addressed in the following chapters.
Chapter 40, Getting Started Securing Web Applications explains how to add security to web components, such as servlets.
Chapter 41, Getting Started Securing Enterprise Applications explains how to add security to Java EE components, such as enterprise beans and application clients.
Some of the material in this chapter assumes that you understand basic security concepts. To learn more about these concepts before you begin this chapter, you should explore the Java SE security web site at http://docs.oracle.com/javase/6/docs/technotes/guides/security/.
The following topics are addressed here: