Java EE Security Implementation Mechanisms
Java EE Security Implementation Mechanisms
using declarative or programmatic techniques (container security is discussed more in
functions and associated data at many different layers. Java EE security services are separate
from the security mechanisms of the operating system.
Application-layer security provides security services for a specific application type tailored to
the needs of the application. At the application layer, application firewalls can be employed to
enhance application protection by protecting the communication stream and all associated
application resources from attacks.
application functions and data. However, as is inherent to security applied at the application
layer, security properties are not transferable to applications running in other environments
and only protect data while it is residing in the application environment. In the context of a
traditional application, this is not necessarily a problem, but when applied to a web services
application, where data often travels across several intermediaries, you would need to use the
Java EE security mechanisms along with transport-layer security and message-layer security for
a complete security solution.
application types.