Introduction to Security in the Java EE Platform
This and subsequent chapters discuss how to address security requirements in Java EE, web, and web services applications. Every enterprise that has sensitive resources that can be accessed by many users, or resources that traverse unprotected, open, networks, such as the Internet, needs to be protected.
This chapter introduces basic security concepts and security implementation mechanisms. More information on these concepts and mechanisms can be found in the Security chapter of the Java EE 5 specification. This document is available for download online at http://www.jcp.org/en/jsr/detail?id=244.
Other chapters in this tutorial that address security requirements include the following:
Chapter 29, Securing Java EE Applications discusses adding security to Java EE components such as enterprise beans and application clients.
Chapter 30, Securing Web Applications discusses and provides examples for adding security to web components such as servlets and JSP pages.
Some of the material in this chapter assumes that you understand basic security concepts. To learn more about these concepts, you should explore the Java SE security web site before you begin this chapter. The URL for this site is http://download.oracle.com/javase/6/docs/technotes/guides/security/.
This tutorial assumes deployment onto the Application Server and provides some information regarding configuration of the Application Server. See the Application Server documentation set at http://docs.sun.com/coll/1343.4 for more information.