This event has ended. Visit the official site or create your own event on Sched.
Get your ticket and additional info and support at jcon.one
Back To Schedule
Thursday, October 7 • 16:00 - 17:00
Jakarta EE Security - Sailing Safe in Troubled Waters

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Security in Jakarta EE has long been under used and under specified. Existing specifications ranged from overly complex to non-existent. The result was few people used security standards. Java EE 8 changed that with JSR 375. Its evolution Jakarta Security facilitates portable application security integrated with container security. Allowing applications to treat authentication mechanisms like OAuth or OpenID Connect same as built-in container mechanisms like FORM or container-based access to a URL and features like @RolesAllowed and isUserInRole automatically work as expected. It depends on CDI, and lower level SPIs Jakarta Authentication and Jakarta Authorization. Jakarta Authorization defines an SPI for authorization based security checking if a subject has given permissions and algorithms to transform security constraints for containers including Servlets or Enterprise Beans into them. Jakarta Authentication defines an SPI for authentication that interacts with a container’s environment to obtain the caller’s credentials, validate them and pass an authenticated identity (e.g. name, groups,...) to the container. This hands-on session is intended to get attendees up to speed with the state of Jakarta Security specs, demonstrate compatible implementations like Soteria, Exousia and others including Eclipse Glassfish or Tomcat. We will ask the audience for their opinion and thoughts what else they would like to see in the Security specs with Jakarta EE 10 and beyond.

avatar for Ivar Grimstad

Ivar Grimstad

Jakarta EE Developer Advocate, Eclipse Foundation
Ivar Grimstad is the Jakarta EE Developer Advocate at Eclipse Foundation. He is a Java Champion and JUG Leader based in Sweden. Ivar is the PMC Lead for Eclipse Enterprise for Java (EE4J) and involved in the Jakarta EE Working Group. He is also one of the community representatives... Read More →
avatar for Werner Keil

Werner Keil

CATMedia UG & Co. KG
Werner Keil is a Cloud Architect, Jakarta EE and Microservice expert for the public sector. Helping Global 500 Enterprises across industries and leading IT vendors. He worked for over 30 years as IT Manager, PM, Coach, SW architect and consultant for Finance, Mobile, Media, Transport... Read More →

Thursday October 7, 2021 16:00 - 17:00 CEST
#1 Main EN only