In my previous blog post,here,I examined the JSR-375 specifications and their implementation by Jakarta EE and, more specifically, by the Payara Platform (Server and Micro).

I presented a brief overview of the JSR-375 specifications and their new features, focusing on the notion of Identity Store and illustrating, with a simple example, one of the most common use cases: the LDAP (Lightweight Directory Access Protocol) based authentication and authorization process.

Jakarta EE is the most popular Java server-side framework, way ahead its alleged competitors such as Spring, Quarkus, Micronaut or Dropwizard. With the industry-wide adoption of microservices based architectures, its popularity is skyrocketing and, during these last years, it has become the preferred framework for professional software enterprise applications and services development in Java.

In this blog, I'll explain more about Jakarta EE from my perspective as a Senior Java software architect/developer and why Jakarta EE and its runtimes beat the competition, in my opinion!

These days the world-wide open-source community celebrates the advent of Jakarta EE 10. It is then a good time to look at one of its most relevant and, at the same time, unknown parts: security!

In this blog, I'll give an introduction to Jakarta EE Security, and then explain how Payara Platform builds on Jakarta EE Security with built-in identity stores for RDBMS (Relational Database Management System) and LDAP (Lightweight Directory Access Protocol).