This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
Not sure about encryption, but authentication and access control are discussed. This realizes as the web.xml DTD specification, which contains tags for declaring security constraints for web applications (or parts of them).
Thanks Lasse. Does J2EE1.3 spec said anything about userID/password management and user-securityRole mapping? I think web.xml only defines the security-role. [ October 09, 2002: Message edited by: Jane Smith ]
subject: Authentication, access control, and encryption in web tier