j2ee implementing security and using a framwork pros and cons

Posted by Ismail Marmoush on Programmers See other posts from Programmers or by Ismail Marmoush
Published on 2013-02-26T15:12:14Z Indexed on 2013/06/28 4:28 UTC
Read the original article Hit count: 456

I'm a newbie to j2ee security, and i'm not j2ee expert either, though i'm really willing to put some effort and learn I've an application that i'm about to develop on Google App Engine (GAE) --with no time constraints. As you know GAE handles a lot of web container security issues for you, also

  1. I will be using openID for authentication exclusively (sessions will be handled by provider).
  2. GAE supports SSL which will help with confidentiality and integrity maybe.
  3. Authorization can be done through filters.

I know reinventing the wheel is a mess, but I was looking forward to learn something about security and implement that in my new app.

so what the pros and cons of using a framework like shiro, spring security, jguard etc or filling the rest of gaps on my own ?

© Programmers or respective owner

Related posts about security

Related posts about java-ee