Web applications often need to provide security on application access (authentication) and on page access control rules (authorization). It can take a lot of time to implement these requirements from scratch to produce a secure application, but thanks to the Java Servlet specification, such common security requirements can be handled at the container level. This article explains how to apply container-managed security in Apache Tomcat in a Java web application for authentication and authorization:

Read the full article.