Java EE 6 Programmatic security, glassfish and JDBC realm

Question

I\'m exploring pure Java EE ways of doing programmatic security, especially login users, based on the jdbc realm from my glassfish server.

So basically, in my login

Answer 1

A purely programmatic approach in a portable (pure Java EE) way is not possible when you use container specific (proprietary) login modules such as the GlassFish JDBC login module/realm.

There is an API in Java EE 6 for this: JASPIC. With that API (SPI technically), you can build portable authentication modules AND configure them fully programmatic without the need for any declaration.

I wrote a blog article about this that hopefully provides you with some more details.