Book Image

Developing Middleware in Java EE 8

Book Image

Developing Middleware in Java EE 8

Overview of this book

Middleware is the infrastructure in software based applications that enables businesses to solve problems, operate more efficiently, and make money. As the use of middleware extends beyond a single application, the importance of having it written by experts increases substantially. This book will help you become an expert in developing middleware for a variety of applications. The book starts off by exploring the latest Java EE 8 APIs with newer features and managing dependencies with CDI 2.0. You will learn to implement object-to-relational mapping using JPA 2.1 and validate data using bean validation. You will also work with different types of EJB to develop business logic, and with design RESTful APIs by utilizing different HTTP methods and activating JAX-RS features in enterprise applications. You will learn to secure your middleware with Java Security 1.0 and implement various authentication techniques, such as OAuth authentication. In the concluding chapters, you will use various test technologies, such as JUnit and Mockito, to test applications, and Docker to deploy your enterprise applications. By the end of the book, you will be proficient in developing robust, effective, and distributed middleware for your business.
Table of Contents (18 chapters)
Title Page
Copyright and Credits
Dedication
Packt Upsell
Contributors
Preface
Index

Authentication mechanisms


As mentioned earlier, an authentication mechanism is the way the user identifies themselves to your application via the web browser. In the following sections, we're going to take a closer look at basic and form authentication methods.

Basic authentication

As mentioned earlier, basic authentication displays the browser's native login dialog before the user can access the protected resource. Although this method is not popular in real-world applications now, it's still useful in cases where you need a handy login mechanism for a quick or internal application.

In the following example, we're creating a basic authentication mechanism using the Java new security API:

@BasicAuthenticationMechanismDefinition(realmName="user-realm") 
@WebServlet("/home") 
@DeclareRoles({"user"}) 
@ServletSecurity(@HttpConstraint(rolesAllowed = "user")) 
public class HomeServlet extends HttpServlet { 
    ... 
} 

Let's see how we annotated our class:

  • @BasicAuthenticationMechanismDefinition: This...