ApacheCon is a week of open source goodness straight from the
source of the Apache Software Foundation, featuring 15 intense
training classes over two days followed by three days of more
than 50 sessions by the creators of open source software such
as the Apache webserver, Tomcat, Lucene, Wicket and more.
Have a Question?
Questions about the program? Interested in
becoming a sponsor?
Please contact the event planners if you have
any questions. We look forward to seeing you in Amsterdam!
Securing Java EE 5.0 Applications with Apache Geronimo
Security is always a high priority in application development, and with complex applications the task becomes even more daunting. While the Java EE specification, JAAS and JACC provide a step in the right direction, every application server is free to implement container security differently. Apache Geronimo, a JEE 5.0 certified container, enables storing user credentials in a variety of data stores viz., simple text files, a database, an LDAP server and digital certificates. In this session we see how these data stores can be used to configure application security and how the necessary infrastructure can be run in Apache Geronimo itself. The session presents: a) Prerequisites for PropertiesFile, Database, LDAP and CertificatePropertiesFile realms and shows how to create these realms. b) Advanced features like auditing, lockout after repeated failures, prinicipal wrapping, single-sign-on, etc. c) Configuring Web/EJB/EAR application security. After completing this session, the audience will gain knowledge on their choice of data stores for user credentials, create various security realms and deployment plans necessary to secure their applications with Geronimo.