Summary

This chapter covered the essentials of client-side development and security. JNDI provides directory services to Java applications. Not only is JNDI an API, but the JNDI architecture provides a Service Provider Interface (SPI) so that the naming and directory services can be abstracted from the implementation. That allows different providers to be used and interchanged without affecting the application implementation. Security in JNDI is based on the security services given by the underlying implementation and is not specified by the specification.

This chapter also covered client authentication, You have many options to perform authentication, some of which were explored in this chapter. Application deployment via the web.xml file, which specifies how the application is configured, was covered as well.

In addition, this chapter discussed Java Server Pages (JSPs) and Servlets, including a brief discussion on how they are affected by security. Finally, you saw an application example (called Project Info App) that was used to illustrate how the different components fit together. With the basic examples explained here and the knowledge that you have gained throughout the previous chapters, you can build an application with robust authentication and authorization.