Explore Java Enterprise security, focusing on authentication, authorization, and information security. Gain insights into encoding, encryption, and hashing. Discover OAuth2 and OpenID Connect integration techniques.

new.tar.gz

taskOne

tasktwo

taskthree

formPF

oauth2

openid

ldap

hashing

JWTHello

JWKManager

JwtAuthCode

demo

Challenge 1

Challenge2

Challenge3

simple-hash

hash-with-salt

PBKD

Challenge2-Faizan

Challenge3-Faizan

This course covers authentication and authorization within web applications in Java Enterprise security. Security is a vast concept with many aspects. In particular, we'll focus on the security of applications and the data they contain, an area that is known as information security.

We will start by identifying our end users and dive deep into the differences between encoding, encryption, and hashing techniques. After that, we will learn to propagate information with microservices architecture.

By the end of this course, you'll have hands-on experience with the integration and configuration of OAuth2 and OpenID Connect into the Java application.

JakartaEE Security Workshop

# Overview

In the chapter “[Window Shopping](https://www.educative.io/collection/page/10370001/6238129215766528/45640596306001),” we always used the Basic authentication method. However, many other standardized authentication methods are more helpful than this one. In the Basic authentication method, the end user has to fill in their credentials in a basic dialog. We want to present the user with a nice login form that can be styled according to the rest of the application. This can be achieved by the form-based authentication method. Other methods may be preferable depending on the application’s use case. These include OpenID Connect and identifications based on client certificates or tokens.

For the form-based method, a standard URL is defined within Jakarta Security, `j_security_check`, where the username and password (with standard names `j_username` and `j_password`) can be handled.
The server picks up these values and validates them against a realm, as we did in the lesson [Standards Basic Method](https://www.educative.io/courses/jakarta-ee-security-workshop/standards-basic-method).

Using OAuth2 and OpenID Connect requires an entirely different approach, as we will see in lessons [OAuth2
](https://www.educative.io/courses/jakarta-ee-security-workshop/oauth2) and [OpenID Connect](https://www.educative.io/courses/jakarta-ee-security-workshop/openid-connect). To get started, let's look at the form-based authentication method for a web application.

# PrimeFaces based form method

In this lesson’s example, we will use #key# PrimeFaces: PrimeFaces is a famous JavaServer Faces UI framework. It is used to develop sophisticated applications for enterprise or standard websites. #key# is the default standard #key# JSF: JavaServer Faces #key# component library,  to integrate the requirements of form-based authentication. The standard URLs and post names for the credentials within a login page created with PrimeFaces.

We will define the protected resources using the security API configuration and indicate that we are using form based authentication using the standard names and endpoint.

We will define the protected resources using the security API configuration and indicate the form based authentication using the standard names and endpoint.

# Create the project

We again start from the project template that we defined earlier and add the required dependencies and classes to it.

* If you want to work within the Educative platform, simply use the project we’ve created at the end of this lesson. If you choose to work locally, you will need to create a Maven project `formPF` as described in “[Introduction to Window Shopping](https://www.educative.io/courses/jakarta-ee-security-workshop/introduction-to-window-shopping)."

## Add Maven dependency

Learn how the Basic authentication and PrimeFaces-based methods work with a code example.

Basic Authentication and PrimeFaces Methods

Before We Begin

Introduction

Concepts

Window Shopping

Authentication Methods

Standards

Authentication Data Stores

Secure Data Transfer

Basic Authentication and PrimeFaces Methods

Overview

PrimeFaces based form method