Servlet 3.1 in Java EE 7

Java EE 7 is live, and it includes many changes in 14 active JSRs. One of them is Servlet 3.1. Java Servlets extend and enhance Web servers. They are a provide a component-based, platform-independent method for building Web-based applications, without the performance limitations of CGI programs. And unlike proprietary server extension mechanisms, servlets are server- and platform-independent. 

Several of the new features in Servlet 3.1 are in the area of security. Spec Lead Shing Wai Chan told OTN "the changes in Servlet 3.1 will make development much easier, especially in the areas of role mapping." He has written some blogs about the new functionality in Servlet 3.1:

Security Constraint by Role
Prior to Servlet 3.1, web containers use proprietary mechanisms to add security-constraints for any authenticated user. See how you can create security constraints for authenticated users. 

deny-uncovered-http-methods
One of the new security features is deny-uncovered-http-methods.

Protocol Upgrade 
Servlet 3.1 now provides support for protocol upgrade.

For more information

Follow Shing Wai Chan's blog

Visit the JSR-340 page, where you can download the Servlet 3.1 spec.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Insider News from the Java Team at Oracle!

duke
javeone logo
Links


Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
5
6
7
12
13
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today