The Java Source

Servlet 3.1 in Java EE 7

July 9, 2013 By: Tori Wieldt

Java EE 7 is live, and it includes many changes in 14 active JSRs. One of them is Servlet 3.1. Java Servlets extend and enhance Web servers. They are a provide a component-based, platform-independent method for building Web-based applications, without the performance limitations of CGI programs. And unlike proprietary server extension mechanisms, servlets are server- and platform-independent.

Several of the new features in Servlet 3.1 are in the area of security. Spec Lead Shing Wai Chan told OTN "the changes in Servlet 3.1 will make development much easier, especially in the areas of role mapping." He has written some blogs about the new functionality in Servlet 3.1:

Security Constraint by Role
Prior to Servlet 3.1, web containers use proprietary mechanisms to add security-constraints for any authenticated user. See how you can create security constraints for authenticated users.

One of the new security features is deny-uncovered-http-methods.

Protocol Upgrade
Servlet 3.1 now provides support for protocol upgrade.

For more information

Follow Shing Wai Chan's blog

Visit the JSR-340 page, where you can download the Servlet 3.1 spec.

Join the discussion

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha


More on Java

Integrated Cloud Applications & Platform Services