Summary
The needs that we have when implementing application security can be quite varied. In this chapter, we saw how JAX-RS offers mechanisms to handle security, starting from a fairly basic model (coarse-grained) to a more elaborate one (fine-grained) in which you can perform more exhaustive controls, including programmatic controls and controls through configuration files.
Of course, it is always recommended to keep these checks in configuration files such as web.xml. Since you have the controls centralized in one place, it facilitates maintenance. This does not occur when security is handled at the level of source code, because when there are many classes that are part of the project, the tasks get complicated when some form of modification to the current functionality is required.
Now, you should prepare for the next chapter, in which we will talk about OAuth. It's a very exciting topic because this protocol is widely accepted and used across Internet applications. The rockstar...