Chapter 7. Securing an ADF Essentials Application
You have developed the functionality of your ADF Essentials application, but you probably don't want every feature to be available to everybody. To ensure that only the right users get access to the right information, you need authentication (to identify the user of the application) and authorization (to control what each user is allowed to do).
If you are running the full version of ADF on WebLogic, the ADF framework offers a comprehensive set of security features. However, since we are running ADF Essentials on GlassFish, we will need another solution.
The Java technology stack offers the Java Authentication and Authorization Service (JAAS), but this solution is rather complex and not very popular among developers. Instead, in this chapter, we will implement Apache Shiro security for our application.
