You can use the security services available from the Web container to secure Representational State Transfer (REST) resources. You can configure security mechanisms that define user authentication, transport security, authorization control, and user to role mappings.
You can use the administrative console to administer Java API for RESTful Web Services (JAX-RS) applications that have enabled security mechanisms.