Enterprise Beans Tutorial

Home| Forums | Join Google Group | Join Yahoo Group | Jobs
Get custom programming done at GetAFreelancer.com!
Earn Money
  Trading Forex Online
  Paramount Airways
  Free Data Recovery
 Cargo
 Job Portal
  HSBC Investment
 Management
 Cheap Web Hosting
  Make Trip
  Cheap Air Travel
 Leisure Hotel
  Free Air Travel
  Mutual Fund Informations
   Cheapest Cellular Plan
 Free Sexy Indians
  Call Center Software
  Hot Indian
 Programming Help | Homework Help | Counseling
Astrology Advice | Tarot Advice | Parenting
Dating Advice | Love Advice | Divorce Advice
Legal Advice | Debt Advice | Career Advice

Enterprise Beans Tutorial


28 Scenarios The scenarios in this section show how authentication and authorization work together to manage security for
J2EE applications. J2EE Application Client In this scenario, an employee named Bob has moved and he wishes to update his home address for his company's
records. The company that Bob works for has a J2EE application that allows employees to update their personal
information. Figure 8-1 illustrates this application. To change his address, Bob runs a J2EE application client
that invokes the update method in the Employee enterprise bean. Before Bob runs the client, the J2EE administrator sets up the security as follows: · Only the Administrator and RegularEmployee roles may invoke the update method of the Employee
enterprise bean. · The J2EE group named FullEmployee belongs to the RegularEmployee role. · The J2EE user Bob belongs to the FullEmployee group in the default realm. The J2EE server performs the following security checks at run time:
1. When the J2EE application client starts running it opens a dialog that prompts for the J2EE user name and
password, which Bob enters.
2. The authentication service verifies that Bob's user name and password exist in the default realm.
3. Bob clicks the update button in the client, which attempts to invoke the update method of the Employee
enterprise bean.
4. The EJB container performs authorization. It verifies that the RegularEmployee role, to which Bob's group
(FullEmployee) belongs, has permission to invoke the update method.

FIGURE 8-1 Authenticated Access to an Enteprise Bean Web Browser Client In the next scenario, illustrated in figure 8-2, Mary transfers money between her savings and checking accounts
from her Web browser. To transfer the funds, Mary enters a URL that accesses a JSP component. This
component calls a JavaBeans TM component, which invokes the transfer method of the Account enterprise bean. The J2EE administrator enforces security with these rules:

Earn Money
  Trading Forex Online
  Paramount Airways
  Free Data Recovery
 Cargo
 Job Portal
  HSBC Investment
 Management
 Cheap Web Hosting
  Make Trip
  Cheap Air Travel
 Leisure Hotel
  Free Air Travel
  Mutual Fund Informations
   Cheapest Cellular Plan
 Free Sexy Indians
  Call Center Software
  Hot Indian