PicketBox is a security framework for Java Applications.
PicketBox has factilities for both:
Application Security
EE Container Security
This is all backed by some excellent quickstarts to get the developers going.
SecurityProjectsArchitecture
Java Application Security
PicketBox Requirements Document
Releases
Final Releases
5.0.0.Final
Timed Releases
Timed Release 2012-Aug-24
Timed Release 2012-Nov-06
Timed Release 2012-Nov-21
Timed Release 2012-Nov-26
Timed Release 2012-Sep-17
Timed Release 2012-Sep-18
Timed Release 2012-Sep-26
Timed Release 2013-Feb-01
Timed Release 2013-Jan-04
Timed Release 2013-Jan-24
Real World Examples
Aerogear
PicketBox Quickstarts
Getting Started
Getting Started - Basic Concepts
Getting Started - Five minutes Tutorial
Getting Started - Simple Web Appplications
PicketBox Features
Auditing
PicketBox HTTP
Configuration
HTTP Authentication
Logout
URL Security
Authentication
Authentication Mechanisms
Certificate Credential
Time Password
Trusted Username
Username and Password
User Context Populator
Authentication Manager
Database Based Authentication Manager
LDAP Based Authentication Manager
Properties File Based Authentication Manager
Authorization Manager
Drools Authorization
Simple Authorization
EntitlementsManager
Event Handling
Identity Management
based Identity Store
LDAP-based Identity Store
File-based Identity Store
ConfiguredRolesIdentityManager
LDAP Based Identity Manager
LDAP Search Handler
LDAP Searching - Style 1
LDAP Searching - Style 2
LDAP Searching - Style 3
LDAP Searching - Style 4
JSON Security
Securing JAX-RS Payload
Security Context Propagation
Session Management
Configuring PicketBox Programmatically
Java Keystores
PicketBox LDAP Server
Deprecated Documentation
PicketBox CDI
PicketBox Solder
TicketMonster