Profile

Cover photo
Arjan Tijms
Worked at Zeef
249 followers|122,402 views
AboutPostsPhotosVideos

Stream

Arjan Tijms

Shared publicly  - 
 
The state of portable authentication in Java EE, end 2016 update
In the beginning and middle of this year we looked at how well modern Java EE servers supported portable authentication (JASPIC) in Java EE. As the end of 2016 approaches we take a third look to see how things are progressing. Since our last time new versio...
1
Add a comment...

Arjan Tijms

Shared publicly  - 
 
Simplified custom authorization rules in Java EE
In a previous article we looked at implementing a Java EE authorization module using the JACC specification. This module implemented the default authorization rules as specified by the JACC-, Servlet- and EJB specifications. In this article we go beyond tha...
1
Add a comment...

Arjan Tijms

Shared publicly  - 
 
Java EE's mysterious message policy
Users of Java EE authentication (JASPIC) may have noticed that the initialize method of a SAM takes two parameters of type MessagePolicy . But what are these parameters used for? In this article we'll take a somewhat deeper look. In practice, the overwhelmi...
1
Add a comment...

Arjan Tijms

Shared publicly  - 
 
Java EE 7 server Liberty 9 beta 2016.1 tested for JASPIC support
IBM recently released the latest monthly beta of their modern and light weight Java EE 7 server; Liberty 9 beta 2016.1 . Previous beta releases of Liberty 9 already performed quite well when it came to Java EE's portable authentication (JASPIC), but weren't...
1
Add a comment...

Arjan Tijms

Shared publicly  - 
 
The state of portable authentication for GlassFish, Payara, JBoss/WildFly, WebLogic and Liberty
Almost exactly 3 years ago I took an initial look at custom container authentication in Java EE . Java EE has a dedicated API for this called JASPIC. Even though JASPIC was a mandatory part of Java EE, support at the time was not really good. In this articl...
Almost exactly 3 years ago I took an initial look at custom container authentication in Java EE. Java EE has a dedicated API for this called JASPIC. Even though JASPIC was a mandatory part of Java EE, support at the time was ...
2
Add a comment...

Arjan Tijms

Shared publicly  - 
 
Very nice sequence diagram by Argo Navis showing the core of how JASPIC works:

https://twitter.com/argonavis_br/status/626450151301885952/photo/1
2
Add a comment...

Arjan Tijms

Shared publicly  - 
 
Custom authorization rules on IBM Liberty
Last month we presented a way how a Java EE application can provide custom rules for authorization . The code shown in that article was developed and tested using Payara . We're now going to look at how the code can be used on some other servers, starting w...
Last month we presented a way how a Java EE application can provide custom rules for authorization. The code shown in that article was developed and tested using Payara. We're now going to look at how the code can be used on ...
1
Add a comment...

Arjan Tijms

Shared publicly  - 
 
The state of portable authentication in Java EE, mid 2016 update
In the beginning of this year and two months prior to that we looked at how well modern Java EE servers supported portable authentication (JASPIC) in Java EE. In this article we look at the current state of the union. Originally the situation didn't looked ...
1
Add a comment...

Arjan Tijms

Shared publicly  - 
 
Servlet 4.0's mapping API previewed in Tomcat 9.0 m4
Without doubt one of the most important Servlet implementations is done by Tomcat. Tomcat serves, or has served, as the base for Servlet functionality in a number of Java EE application servers and is one of the most frequently used standalone Servlet conta...
3
1
Add a comment...

Arjan Tijms

Shared publicly  - 
 
Latest versions Payara and WildFly improve Java EE 7 authentication compliance
Two months ago we looked at the state of portable authentication for GlassFish, Payara, JBoss/WildFly, WebLogic and Liberty in Java EE 7. With the exception of WebLogic 12.2.1, most servers performed pretty well, but there were still a number of bugs presen...
1
Add a comment...

Arjan Tijms

Shared publicly  - 
 
How Servlet containers all implement identity stores differently
In Java EE security two artefacts play a major role, the authentication mechanism and the identity store . The authentication mechanism is responsible for interacting with the caller and the environment. E.g. it causes a UI to be rendered that asks for deta...
2
1
Add a comment...

Arjan Tijms

Shared publicly  - 
 
Activating JASPIC in JBoss WildFly
JBoss WildFly has a rather good implementation of JASPIC, the Java EE standard API to build authentication modules. Unfortunately there's one big hurdle for using JASPIC on JBoss WildFly; it has to be activated. This activation is somewhat of a hack itself,...
JBoss WildFly has a rather good implementation of JASPIC, the Java EE standard API to build authentication modules. Unfortunately there's one big hurdle for using JASPIC on JBoss WildFly; it has to be activated. This activat...
3
Add a comment...
Work
Employment
  • Zeef
    Lead Developer
Links
Contributor to
Basic Information
Gender
Male