The tutorial provides a how-to guide for applying end-to-end security enforcement across a sample Java Web environment using Java EE, Spring and Apache Fortress security.
Requirements covered include authentication, authorization and confidentiality. Both declarative and programmatic enforcement controls will be used. Authorization granularity ranges from coarse (java EE, spring) to fine (fortress).
To get started, follow the instructions in the README located on github:
More info here: anatomy-secure-web-app-lrtf-2017.pdf