Java EE Security Early Draft Review Starts Now!

From DZone Java Zone
March 18, 2017 - 1:01am
The Java EE Security API just posted its first early draft review. Because of the now-accelerated Java EE 8 schedule, the rest of the steps towards finalization of the specification are going to happen very quickly. Java EE security is one of the most anticipated changes in Java EE 8. This is the case particularly because security is one of the last areas left to be revamped in the way most other Java EE APIs, such as EJB 3, have been changed radically. As a result, Java EE security is very highly dependent on things like vendor-specific GUI console wizards, vendor-specific configuration, or command-line administrative tools. Pluggability, extensibility, and customization are also currently challenging when the security features that already come with the application server are not sufficient. This is the main reason for the existence of third-party security frameworks in server-side Java, like Shiro and Keycloak. The Java EE Security API aims to solve these important issues and promote both simplicity and portability, particularly in the cloud.

Continue reading this article »