I want to implement some security in the application I develop. But I’m not sure what would be a good framework for this. I never used one for this before.
So here my requirements:
I will use JEE 8
it will be a PWA (with Vaadin 12)
there is a separation in front- and backend users
frontend users will have different view steps (not registered, registered and different pay scales)
backend maybee to: admin, editor, … [but I’m not 100% sure about this atm]
it should be server independent (so JEE security wouldn’t be a good choice?)
and easy to use, of course
Has someone a good idea what would be a good choice?
Let me elaborate that a bit: The linked article talk about cryptography, but I feel like it applies to any security-related subtopic. Basically, it may be tempting to implement your own security solution, but it’s easy to accidentally create vulnerabilities that you can’t find yourself. Experts spend a lot of time trying to come up with secure solutions, and it’s not easy.