Register For ApacheCon

ApacheCon is a week of open source goodness straight from the source of the Apache Software Foundation, featuring 15 intense training classes over two days followed by three days of more than 50 sessions by the creators of open source software such as the Apache webserver, Tomcat, Lucene, Wicket and more.


Media Partners

Media Partner

Support ApacheCon

Support ApacheCon by displaying a banner on your website.

Support ApacheCon!

Have a Question?

Questions about the program? Interested in becoming a sponsor? Please contact the event planners if you have any questions. We look forward to seeing you in Amsterdam!

ApacheCon Session

Securing Java EE 5.0 Applications with Apache Geronimo

Security is always a high priority in application development, and with complex applications the task becomes even more daunting. While the Java EE specification, JAAS and JACC provide a step in the right direction, every application server is free to implement container security differently. Apache Geronimo, a JEE 5.0 certified container, enables storing user credentials in a variety of data stores viz., simple text files, a database, an LDAP server and digital certificates. In this session we see how these data stores can be used to configure application security and how the necessary infrastructure can be run in Apache Geronimo itself. The session presents: a) Prerequisites for PropertiesFile, Database, LDAP and CertificatePropertiesFile realms and shows how to create these realms. b) Advanced features like auditing, lockout after repeated failures, prinicipal wrapping, single-sign-on, etc. c) Configuring Web/EJB/EAR application security. After completing this session, the audience will gain knowledge on their choice of data stores for user credentials, create various security realms and deployment plans necessary to secure their applications with Geronimo.

Orientation:    Developer   

Level:              Novice