In the first part of this tutorial, you will protect access to the application’s Web client, which is a JSP with servlet.
To enforce access protection to the JSP, you will implement the following steps:
1. Require authentication for access to the JSP application. In this way, you obtain the user’s ID to use for the authorization check.
2. Create the QuickReservationPermission permission class to use for the JSP.
3. Implement the checkPermission() method in the servlet. This check makes sure that the user has the authorization for accessing the application.
These permissions allow users to access the application. You will later differentiate between viewing and maintaining reservations when you protect access to the EJB methods.