Enterprise Beans Tutorial
26
Security
· You declare the security attributes of an enterprise bean with the Application Deployment Tool.
· This declarative approach to security enforcement has two major advantages.
  o First, you save time because you don't have to code and debug security routines in your enterprise beans or their clients.
  o Second, the administrator of the J2EE server can customize the security attributes for a particular production environment at deployment time.
· The J2EE server enforces security at two levels: Authentication and Authorization.
Authentication
· Authentication is the process by which a user proves his or her identity to a system.
· The J2EE server controls client access with a distributed authentication service.
· This service controls whether or not a J2EE user can access the components within a J2EE application.
· In a commercial implementation of J2EE, for example, a J2EE user and an operating system user might be the same, but in the J2EE SDK they are not.
J2EE Users, Realms, and Groups
· A J2EE user is similar to an operating system user. Typically, both types of users represent people. However, these two types of users are not the same.
· The J2EE authentication service has no knowledge of the user and password you provide when logging on to the operating system.
· The J2EE authentication service is not connected to the security mechanism of the operating system. The two security services manage users that belong to different realms.
· A realm is a collection of users that are controlled by the same authentication policy. The J2EE authentication service governs users in two realms: certificate and default.
· Certificates are used with the HTTPS protocol to authenticate Web browser clients.
· To verify the identity of a user in the certificate realm, the authentication service verifies an X509 certificate. The common name field of the X509 certificate is used as the principal name.
· In most cases, the J2EE authentication service verifies user identity by checking the default realm. This realm is used for the authentication of all clients except for Web browser clients that use the HTTPS protocol and certificates.
· A J2EE user of the default realm may belong to a J2EE group. (A user in the certificate realm may not.)
· A group is a category of users, classified by common traits such as job title or customer profile. For example, most customers of an e-commerce application might belong to the CUSTOMER group, but the big spenders would belong to the PREFERRED group.
· Categorizing users into groups makes it easier to control the access of large numbers of users. A later section, Authorization, discusses controlling user access to enterprise beans.
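The certificate-realm rule above (the common name field of the X509 certificate becomes the principal name) is easy to get wrong when the subject name is split by hand, so here is an added example, not code from the tutorial or the J2EE SDK, that extracts the common name with the JDK's own name parser. The class name, method name and subject names are assumptions made up for the illustration.

```java
import java.util.List;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.x500.X500Principal;

// Added illustration; class and method names are hypothetical, not J2EE SDK APIs.
public class CertificateRealmPrincipal {

    // Returns the common name (CN) of a certificate subject, the field the
    // certificate realm uses as the principal name.
    static String principalName(X500Principal subject) throws NamingException {
        // The RFC 2253 string form escapes special characters, so LdapName can
        // split it into RDNs without being fooled by commas inside a value.
        LdapName dn = new LdapName(subject.getName(X500Principal.RFC2253));
        List<Rdn> rdns = dn.getRdns();
        // getRdns() puts the rightmost RDN at index 0; walk from the end so the
        // leftmost (most specific) RDN is examined first.
        for (int i = rdns.size() - 1; i >= 0; i--) {
            // toAttributes() also exposes a CN inside a multi-valued RDN.
            Attribute cn = rdns.get(i).toAttributes().get("CN");
            if (cn != null && cn.get() instanceof String) {
                return (String) cn.get();
            }
        }
        // No CN: fail rather than fall back to another field.
        throw new IllegalArgumentException("subject has no common name: " + subject);
    }

    public static void main(String[] args) throws NamingException {
        // Constructed subject names; a server would use
        // X509Certificate.getSubjectX500Principal() on the verified client certificate.
        String[] subjects = {
            "CN=Duke, OU=Engineering, O=Example Corp, C=US",
            "CN=Smith\\, Jane, O=Example Corp, C=US",   // escaped comma inside the CN
            "OU=Kiosk, O=Example Corp, C=US"            // no CN at all
        };
        for (String s : subjects) {
            try {
                System.out.println(s + " -> " + principalName(new X500Principal(s)));
            } catch (IllegalArgumentException e) {
                System.out.println(s + " -> rejected: " + e.getMessage());
            }
        }
    }
}
```

The second subject shows why the name is parsed rather than split on commas: the escaped comma belongs to the common name, and a hand-rolled split would produce a truncated principal.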
Client Authentication
· The J2EE authentication service controls access from all types of bean clients:
  o J2EE application clients,
  o stand-alone Java applications, and
  o web components.
· When a J2EE application client starts running, its container pops open a window that requests the J2EE user name and password. The authentication service verifies that the user name and password from the log-on window exist in the default realm. After authentication, the user's security context is associated with any call that the client makes to enterprise beans deployed in the J2EE server.