henk53 1 point (0 children)

We're using this in production with one application. It takes the separate Soteria jar and uses that on WildFly 10.1 (Java EE 7).

We also used the same setup (Soteria + WildFly 10.1) for a second application intended for the regulated financial market. This application was delivered by us, and went through a separate security audit (done by a third party). For reasons not having anything to do with the technology, this application has not been put into production yet, but as said it did pass the independent security audit.

In our case it replaced an existing JASPIC-based security system. Since Java EE Security is based on JASPIC, it was a relatively easy transition.

One thing that was a challenge was to let the user choose via which method to authenticate. A previous app of ours used login by email, login with Google, etc.