Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering JBoss Enterprise Application Platform 7

You're reading from   Mastering JBoss Enterprise Application Platform 7 Core details of the Enteprise server supported by clear directions and advanced tips.

Arrow left icon
Product type Paperback
Published in Aug 2016
Publisher Packt
ISBN-13 9781786463630
Length 390 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Authors (2):
Arrow left icon
Luigi Fugaro Luigi Fugaro
Author Profile Icon Luigi Fugaro
Luigi Fugaro
Francesco Marchioni Francesco Marchioni
Author Profile Icon Francesco Marchioni
Francesco Marchioni
Arrow right icon
View More author details
Toc

Table of Contents (15) Chapters Close

Preface 1. Installation and Configuration FREE CHAPTER 2. The CLI Management Tool 3. Managing EAP in Domain Mode 4. Deploying Applications 5. Load Balancing 6. Clustering EAP 7 7. Logging 8. Configuring Database Connectivity 9. Configuring EAP 7 for Java EE Applications 10. Messaging Administration 11. Securing the Application Server 12. New Security Features of EAP 7 13. Using EAP 7 with Docker 14. Running EAP 7 on the Cloud Using OpenShift

EAP 7 new security model

Since the earliest releases of the application server, the security requirements were met by means of Java Authentication and Authorization Service (JAAS) which provided a subject-based authorization on authenticated identities. In modern IT, however, the simple caller principal and credential combination provided by JAAS is not in line with current security standards.

Additionally, the JAAS approach, which has been initially developed as a client based API, has never been finalized in the Java EE specification, thus leaving the choice of using it or not to the application servers' vendors.

Along with JAAS, other security layers have been introduced in the application server, based on Simple Authentication and Security Layer (SASL). By using SASL, you can decouple the authentication mechanisms from application protocols, in theory allowing any authentication mechanism supported by SASL to be used by the application server. An example of this is contained in...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime