Standards Basic Method

Introduction

In this lesson, we will recreate the DIY example from the lesson "DIY: Hands-on Base64," but now we will use Jakarta EE facilities. We no longer need to verify if the proper "Authorization" header is present and the verification of the username and password is also done at the runtime itself.

The release of Java EE 8 (now known as Jakarta EE 8) added a new specification: the Security API.

The Security API was built on top of some lower-level specifications for authentication and authorization. Its main goals were to make security easier and more portable between different implementations. It was also easier to configure and could be integrated with the Context and Dependency Injection facilities that became the basis of the Jakarta EE specifications.

Just as with other Jakarta EE specifications, the focus lies on the application’s functionality, not its infrastructure. We will see that we are no longer confronted with some low-level details of the Basic authentication mechanism like header values.