Develop applications that use programmatic security
Applications go through three stages...
- Development
- Assembly
- Deployment
Security configured during the assembly stage and declared in the deployment descriptors is called declarative security, and is enforced by the security runtime.
For some applications, declarative security is not sufficient to express the security model of the application. For these applications, we can use programmatic security.
- Develop secure Web apps.
- Develop servlet filters for form login processing.
- Develop form login pages.
- Develop enterprise bean component applications.
- Develop with JAAS to log in programmatically.
- Develop your own Java EE security mapping module.
- Develop custom user registries.
- Develop a custom interceptor for trust associations.
 
Related concepts
Web component security
Trust associations
Java Authentication and Authorization Service
J2EE connector security
Multiple security domains
Protecting system resources and APIs (Java 2 security)
Develop with programmatic security APIs for Web apps
Develop with programmatic APIs for EJB applications
Related tasks
Secure enterprise bean applications
Develop extensions to the WebSphere security infrastructure
Related
Customizing a server-side JAAS authentication and login configuration
J2C principal mapping modules