Explore a comprehensive 35-minute technical session on building secure Java web applications using Spring Security and Apache Fortress. Dive into the Jakarta EE architecture and learn practical, hands-on techniques for implementing robust authentication, authorization, and confidentiality controls. Discover where to place security controls and why, with code examples to jumpstart your own highly secure Java web applications. Gain insights from industry experts Shawn McKinney and John Tumminaro as they demonstrate an end-to-end application security architecture for an Apache Wicket Web app running in Tomcat. Understand the importance of runtime Java security policies, ANSI RBAC INCITS 359 specification, and ABAC implementation. Walk through real-world examples, including role engineering samples and live demos of Apache Fortress, to enhance your understanding of secure web application development.