Reza Rahman is a former independent consultant, now Java EE/GlassFish evangelist at Oracle. He is the author of the popular book EJB 3 in Action. Reza is a frequent speaker at Java User Groups and conferences worldwide. Reza has been a member of the Java EE, EJB and JMS expert groups. He implemented the EJB container for the Resin open source Java EE application server. All views voiced are my own, not necessarily Oracle's. Reza is a DZone MVB and is not an employee of DZone and has posted 160 posts at DZone. You can read more from them at their website. View Full User Profile

role-name="*" and role-name="**" in Servlet 3.1

07.31.2013
| 988 views |
  • submit to reddit

Servlet 3.1 is a relatively minor release included in Java EE 7. However, the Java EE foundational API still contains some very important changes. One such set of features are the security enhancements done in Servlet 3.1 such as the new role-name="*" and role-name="**" options. Servlet 3.1 co-spec lead Shing Wai Chan outlines the use case for the feature and shows you how to use it in a recent code example driven post. He also references the features in his brief Servlet 3.1 overview presentation on the GlassFish Videos YouTube channel(embedded below).

You can also check out the official specification yourself or try things out with the newly releasedJava EE 7 SDK.

Published at DZone with permission of Reza Rahman, author and DZone MVB. (source)

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)