JEE 8 has incorporated Java EE Security API 1.0 (JSR 375, https://javaee.github.io/security-spec/). Enhancements in these APIs are broadly classed into four categories:
- Support for the Servlet 4.0 authentication mechanism. You can specify the type of authentication in servlets using annotations. For example, @BasicAuthenticationMechanismDefinition for basic authentication, @FormAuthenticationMechanismDefinition for form-based authentication, and @CustomFormAuthenticationMechanismDefinition for custom authentication. For more information, refer to https://javaee.github.io/security-spec/spec/jsr375-spec.html#authentication-mechanism.
- Identity Store APIs. By implementing the Identity Store interface, you can specify how user, password, and group information is made available to JEE authentication and authorization APIs. You can make...