CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/maven-javax--javaee-api

Complete Java Enterprise Edition 8 specification APIs providing all standardized enterprise application development interfaces

Pending
Overview
Eval results
Files

security.mddocs/

Security

Security APIs including JACC authorization, JASPIC authentication, and Java EE Security for identity management.

JACC (Java Authorization Contract for Containers)

public abstract class Policy {
    public static Policy getPolicy();
    public static void setPolicy(Policy p);
    public abstract boolean implies(ProtectionDomain domain, Permission permission);
    public abstract PermissionCollection getPermissions(CodeSource codesource);
    public abstract PermissionCollection getPermissions(ProtectionDomain domain);
}

public interface PolicyContext {
    String getContextID() throws PolicyContextException;
    Object getContext(String key) throws PolicyContextException;
    void setContextID(String contextID);
    void setHandlerData(Object data);
}

Java EE Security

public interface IdentityStore {
    CredentialValidationResult validate(Credential credential);
    Set<String> getCallerGroups(CredentialValidationResult validationResult);
    int priority();
    Set<ValidationType> validationTypes();
}

public interface HttpAuthenticationMechanism {
    AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException;
    AuthenticationStatus secureResponse(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException;
    void cleanSubject(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext);
}

Security Annotations

@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface RolesAllowed {
    String[] value();
}

@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface PermitAll;

@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface DenyAll;

Usage Example

@Stateless
public class AdminService {
    
    @RolesAllowed("admin")
    public void deleteUser(Long userId) {
        // Only admin users can delete
    }
    
    @PermitAll
    public List<User> getPublicUsers() {
        // Anyone can access
        return userRepository.findPublicUsers();
    }
}

Install with Tessl CLI

npx tessl i tessl/maven-javax--javaee-api

docs

dependency-injection.md

ejb.md

enterprise-services.md

index.md

json-processing.md

messaging.md

persistence.md

rest-services.md

security.md

transactions.md

validation.md

web-services.md

web-technologies.md

xml-binding.md

tile.json