Speaker Topics - No Fluff Just Stuff

J2EE Security @ Work: J2EE Meets JAAS

Have you wasted time writing lots of security-based code and ever wondered if there's a
better way to add security to your application? Are you confused by declarative security?
Have you read about JAAS (Java Authentication and Authorization Service) but wondered where
it fits? Have you ever said, “Can I just see a working example?” If so, then this talk is for you.

If you're looking to restrict access to resources based on user roles, then J2EE declarative
security is for you. You'll learn how to protect web pages and business logic without adding
a single line of Java code to your business logic.

This presentation covers:

  • J2EE Security Overview
  • Web-based Security
  • Protecting Access to Web-based Resources
  • JAAS Overview
  • Integrating JAAS with J2EE Security
  • Configuring JAAS with JBoss and Tomcat
  • Using Programmatic Security
  • Integrating web-based security with business logic

We use Ant and XDoclet to deploy a simple J2EE-based web site using JSPs, Servlets, and EJBs.
We will secure the application in an iterative style. We use JBoss as the reference implementation,
but the core techniques shown here are applicable to any J2EE 1.4 application server.

Intended audience: Experienced Java/J2EE developers


About Tom Marrs

Tom Marrs is a Technical Architect at Perficient, where he specializes in RESTful Web Services and Service-Oriented Architecture (SOA). He designs and implements mission-critical web and business applications using the latest SOA, Ruby on Rails, JSON, HTML5, JavaScript, Java/EE, and Open Source technologies.

Tom is the author of the JSON Refcard for DZone, and the upcoming book, JSON at Work for O’Reilly. Tom is also a speaker at the Great Indian Developer Summit (GIDS) conference.

An active participant in the local technical community, Tom helps emcee at the HTML5 Denver User Group, helped found the Denver Open Source User Group (DOSUG), has served as President of the Denver Java Users Group (DJUG), and speaks at other local user groups.
