You're reading from Practical Cloud-Native Java Development with MicroProfile Develop and deploy scalable, resilient, and reactive cloud-native applications using MicroProfile 4.1

Product type Paperback

Published in Sep 2021

Publisher Packt

ISBN-13 9781801078801

Length 404 pages

Edition 1st Edition

Languages

Java

Tools

Microprofile

Concepts

Cloud Native

Authors (5):

Alasdair Nottingham

John Alcorn

David Chan

Emily Jiang

Andrew McCright

+1 more

View More author details

Table of Contents (18) Chapters

Preface

1. Section 1: Cloud-Native Applications

2. Chapter 1: Cloud-Native Applications FREE CHAPTER

3. Chapter 2: How Does MicroProfile Fit into Cloud-Native Application Development?

4. Chapter 3: Introducing the IBM Stock Trader Cloud-Native Application

5. Section 2: MicroProfile 4.1 Deep Dive

6. Chapter 4: Developing Cloud-Native Applications

7. Chapter 5: Enhancing Cloud-Native Applications

8. Chapter 6: Observing and Monitoring Cloud-Native Applications

9. Chapter 7: MicroProfile Ecosystem with Open Liberty, Docker, and Kubernetes

10. Section 3: End-to-End Project Using MicroProfile

11. Chapter 8: Building and Testing Your Cloud-Native Application

12. Chapter 9: Deployment and Day 2 Operations

13. Section 4: MicroProfile Standalone Specifications and the Future

14. Chapter 10: Reactive Cloud-Native Applications

15. Chapter 11: MicroProfile GraphQL

16. Chapter 12: MicroProfile LRA and the Future of MicroProfile

17. Other Books You May Enjoy

Securing cloud-native applications using MicroProfile JWT

MicroProfile JWT utilizes JSON Web Token (JWT) with some additional claims for role-based access control of an endpoint to help with securing cloud-native applications. Securing cloud-native applications is often the must-have feature. It is often the case that cloud-native applications supply sensitive information, which should only be accessible to a particular group of users. Without securing cloud-native applications, everyone would be able to access the information. Jakarta Security (source code at https://github.com/eclipse-ee4j/security-api), a specification (https://jakarta.ee/specifications/security/) under Jakarta EE, can be used to secure cloud-native applications.

In the following example, the method checkAccount is secured via the Jakarta Security API @RolesAllowed. This method can only be invoked by clients with the access group StockViewer or StockTrader. All other users are denied as shown here: