Web security is defined in a number of different ways based on individual points of perception. The major focus of security though is the safety of applications that are developed and deployed to be used over the internet. In this course students learn how to take some software security measures in order to completely secure an application. While none of these are totally infallible, a combination of approaches of hardware can help with prevention of malicious attacks.
The 2 main concepts of security are authorization and authentication. In Java EE, web components give dynamic extension capabilities for a web server. These web components can be JSP pages or servlets.
Security in Java can be implemented in the ways mentioned below:
- Programmatic Security: This embedded in an application and is used to help with decision making when declarative security is not enough to enable the security mode for an application.
- Declarative Security: This is implemented using application deployment or metadata annotations.
- Message Security: This works best with incorporation of security features like encryption and digital signatures.