Security management options
Java provides some options for security management. Right now, we will explain some of them and demonstrate how to implement them. All authentication methods are practically based on credential delivery from the client to the server. There are several methods to perform this, which are:
- BASIC authentication
- DIGEST authentication
- CLIENT CERT authentication
- Using API keys
Security management in applications built with Java, including the ones with RESTful web services, always rely on JAAS.
Java Authentication and Authorization Service (JAAS) is a framework that is part of Java Platform Enterprise Edition. Hence, it is the default standard to handle an application's security in Java; it allows you to implement authorization, and it allows authentication controls over applications with the purpose of protecting resources that belong to the application. If you want to know more about JAAS, you can check out the following link:
