Summary
In this chapter, we covered security patterns as well as how to implement a security application using Java EE and its best practices. We also looked at single-sign-on (SSO), authentication mechanisms, and an authentication interceptor. Further, we demonstrated how to implement each of these using Java EE 8.
On the topic of a single-sign-on, we implement SSO using JAX-RS and create a service to deal with all authentication and authorization logic. As discussed, implementing a single-sign-on is generally done by a third-party application, such as Red Hat single-sign-on (RH-SSO) or Oracle Enterprise single-sign-on, but we can also create our own solution.
We learned about authentication mechanisms and how to use this HTTP tool with Java EE 8. Using Java EE 8, we implemented a basic mechanism, and saved user information on an application server at the realm. Further, we demonstrated how to implement authentication mechanisms in a servlet and REST resource.
We implemented an authentication...