Search⌘ K
AI Features
Home
Courses
JakartaEE Security Workshop

Introduction to Window Shopping

Explore Basic authentication mechanisms and Base64 encoding in Jakarta EE web applications. Understand project setup with Maven and the role of encoding in transmitting user credentials securely in headers.

We'll cover the following...

Overview

In this chapter, we will explore the Basic authentication mechanism and learn about the headers and encoding. We’ll start by explaining how we can create the project skeleton with Maven. We will also compare the usage of a third party library and the Jakarta EE standard to perform the task.

Project creation

As discussed in the introduction, we will use Maven to build our projects. If you are more familiar with Gradle or any other build tool, you can use the one you’re most comfortable with. We will only use the tool to define dependencies and generate the web archive that we will run each time.

There are several ways we can create a pom.xml file with WAR packaging and the Jakarta EE Web API as a provided dependency. We can make it manually using IDE, copy it from another project, or use one of the Maven Archetypes to create the project.

The important parts of the Maven project file in our examples are:

XML
  <packaging>war</packaging>
  <properties>
      <maven.compiler.source>11</maven.compiler.source>
      <maven.compiler.target>11</maven.compiler.target>
      <failOnMissingWebXml>false</failOnMissingWebXml>
  </properties>
  <dependencies>
      <dependency>
          <groupId>jakarta.platform</groupId>
          <artifactId>jakarta.jakartaee-web-api</artifactId>
          <version>8.0.0</version>
          <scope>provided</scope>
      </dependency>
  </dependencies>
  <build>
      <finalName>template</finalName>
  </build>

Explanation

  • Lines 4 and 5: Within the properties, we establish that we will use Java 11 as our base value.

  • Line 6: We also define failOnMissingWebXml so that Maven doesn’t complain when we don’t have a web.xml file within the project.

  • Line 12: The Jakarta EE Web profile API is declared with provided scope as it is already available on the runtime. This gives us access to the Servlet, Faces, JAX-RS, JSON, and security specifications.

  • Line 19: finalName will define the name of the WAR file.

Note: It is also recommended to change the artifactId for each example so that it is unique each time.

You can also use one of the available Archetypes, although they create much more than required for our examples. If you want to make use of these archetypes, you can perform the following steps:

  • Open the command prompt.

  • Go to the directory where the project code will be created.

  • In a subdirectory, execute any one of the below two Maven commands to create the project.

mvn archetype:generate -DarchetypeGroupId=com.airhacks -DarchetypeArtifactId=jakartaee-essentials-archetype -DgroupId=be.rubus.workshop.security -DartifactId=newTestProject1 -DinteractiveMode=false

or

Shell
mvn archetype:generate -DarchetypeGroupId=de.rieckpil.archetypes -DarchetypeArtifactId=jakartaee8 -DarchetypeVersion=1.0.0
-DgroupId=be.rubus.workshop.security -DartifactId=newTestProject2 -DinteractiveMode=false

  • Connect the terminal by clicking the terminal widget below. Paste any of the above given commands and create a new project.

Terminal 1
Terminal
Loading...

Base64 encoding

Base64 encoding is a technique used to convert data from one representation to another. In Java Enterprise’s Basic authentication mechanism, it is used to transmit user credentials to the server.Base64 encoding is a convenient way to convert binary data into readable characters. The output of Base64 is not itself readable, but the encoded text contains only readable characters. This type of encoding works by taking three consecutive bytes and dividing their 24 bits into four groups of 6 bits.

These 6 bits can represent 64 values, and each value has been assigned an ASCII value as listed below:

Base64 Encoding Table

Value

Char

Value

Char

Value

Char

Value

Char

0

A

16

Q

32

g

48

w

1

B

17

R

33

h

49

x

2

C

18

S

34

i

50

y

3

D

19

T

35

j

51

z

4

E

20

U

36

k

52

0

5

F

21

V

37

l

53

1

6

G

22

W

38

m

54

2

7

H

23

X

39

n

55

3

8

I

24

Y

40

o

56

4

9

J

25

Z

41

p

57

5

10

K

26

a

42

q

58

6

11

L

27

b

43

r

59

7

12

M

28

c

44

s

60

8

13

N

29

d

45

t

61

9

14

O

30

e

46

u

62

+

15

P

31

f

47

v

63

/

As mentioned earlier, we can convert binary information to a representation that uses standard ASCII characters and can be converted back. This is used when, for example, we attach a file to an email, as some email protocols are text-only. The HTTP protocol (at least version 1.x used in the initial connection) is also text-based, meaning that encoding user credentials makes it safe to place them in header fields. Since it is an encoding option, it is not a good measure to ensure no one else can see the user’s password.