JEE 8 has incorporated Java EE Security API 1.0 (JSR 375, https://javaee.github.io/security-spec/). Enhancements in these APIs are broadly classed into four categories:
- Support for the Servlet 4.0 authentication mechanism. You can specify the type of authentication in servlets using annotations. For example,
@BasicAuthenticationMechanismDefinition
for basic authentication,@FormAuthenticationMechanismDefinition
for form-based authentication, and@CustomFormAuthenticationMechanismDefinition
for custom authentication. For more information, refer to https://javaee.github.io/security-spec/spec/jsr375-spec.html#authentication-mechanism. - Identity Store APIs. By implementing the Identity Store interface, you can specify how user, password, and group information is made available to JEE authentication and authorization APIs. You can make your security-related code portable across JEE 8 containers by implementing this interface. For more information, refer to https:...