Java EE Security API Specification (JSR 375)



This project hosts JSR-375, the Java EE Security API specification.

Goals of the JSR

The goal of this specification is to improve the Java EE platform by ensuring the Security API aspect is useful in the modern cloud/PaaS application paradigm. This promotes self-contained application portability across all Java EE servers, and promotes use of modern programming concepts such as expression language and contexts and dependency injection. This specification will holistically attempt to simplify, standardize, and modernize the Security API across the platform in areas identified by the community.

The Java EE Security API specification is on the JCP Ballot as JSR 375, for inclusion in Java EE 8. The reference implementation (RI) is called Soteria.

Project Resources

Please refer to the following resources for more information:

JCP Process and Expert Group

JSR-375 follows the Java Community Process:


The latest specification and javadoc can be found at:

Source Repositories

Source and issue tracking for the JSR-375 specification, API, and RI are hosted at the following repositorys in the Java EE organization at GitHub:


  • By contributing to this project, you are agreeing to the terms of use described in