
The Payara Monthly Catch -September 2025
Welcome aboard the September issue of The Monthly Catch! With summer holidays wrapping up, the Java world is back […]
Security is a paramount concern for modern web applications. Protecting sensitive data and user access necessitates a standardized approach. The OpenID Connect (OIDC) protocol, in conjunction with Identity Providers (IdPs) like Keycloak, and the Jakarta Security API integrated into Jakarta EE, offer a reliable solution. Together, they help streamline authentication and authorization in your Jakarta EE applications.
Keycloak is an open-source Identity and Access Management (IAM) solution. It allows you to easily secure any kind of applications by providing comprehensive authentication and authorization services.
Keycloak streamlines security management with its intuitive admin console, simplifying tasks like user management, role definition, and protocol configuration. It supports a wide range of authentication options, including social logins (Google, Facebook, etc.) and multi-factor authentication (MFA), for enhanced security. Beyond that, Keycloak introduces Single Sign-On (SSO) capabilities, enabling users to access multiple applications seamlessly with a single set of credentials. As an open-source project, Keycloak benefits from an active community dedicated to improving and extending its capabilities.
The Jakarta Security 3.0 specification, introduced in Jakarta EE 10, makes working with OpenID Connect (OIDC) a natural fit within your Jakarta EE applications. The central piece here is the @OpenIdAuthenticationMechanismDefinition annotation, which allows you to declare and configure your OIDC settings. MicroProfile Config adds flexibility, enabling you to tailor your security setup based on the deployment environment.
Keycloak integrates with Jakarta EE for fine-grained authorization. The @RolesAllowed annotation allows you to protect specific classes or methods based on user roles. For legacy applications or more general protection, you can use the traditional web.xml configuration mechanisms.
@Path("/rating")
@RolesAllowed("CAN_VOTE")
public class SessionVoteResource {
}
@RequestScoped
public class AuthController {
@Inject
OpenIdContext openIdContext;
public String getCurrentUserName() {
return openIdContext.getClaims().getName().orElse(null);
}
}
OIDC, Keycloak and Jakarta Security form a great trio for application security in the Jakarta EE ecosystem. The streamlined integration and flexibility offered by this combination make it an excellent choice for protecting your applications. To dive deeper into these concepts and implement best practices, be sure to grab a copy of our free guide, “Securing Jakarta EE Applications with OIDC and Keycloak.”
Also, download Payara Community, start exploring, and enhance the security of your applications today!
Share:
Welcome aboard the September issue of The Monthly Catch! With summer holidays wrapping up, the Java world is back […]
Cybersecurity isn’t just about building walls, fortresses, moats or any other external barrier anymore. Nowadays, it’s important to check […]
If your Java EE 8 applications run on Red Hat JBoss Enterprise Application Platform (EAP) 7, you can’t afford […]