Security
The J2EE application programming model insulates developers from mechanism-specific implementation details of application security. This insulation has the complementary effect of enhancing application portability, so that applications can be deployed in diverse security environments.
The J2EE platform defines declarative contracts between those who develop and assemble application components and those who configure applications in operational environments. In the context of application security, application providers are required to declare the security requirements of their applications in such a way that the requirements can be satisfied during application configuration. These requirements are communicated in a declarative syntax in a document called a deployment descriptor. An application deployer employs container-specific tools to map the application requirements captured in a deployment descriptor to security mechanisms that are implemented by J2EE containers. The J2EE SDK provides this functionality with the deploytool.
In many cases, J2EE containers can provide an application's security functionality completely outside of the application implementation. In other cases, there must be a programmatic aspect to realizing an application's security functionality. The declarative contract that accompanies an application must convey the security requirements of the application, including identifying where it is necessary to bind implementation-embedded security functionality to environment-specific mechanisms or values.
J2EE security mechanisms combine the concepts of container hosting and the declarative specification of application security requirements with the availability of application-embedded mechanisms. This provides a powerful model for secure, portable, distributed component computing.
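The following web deployment descriptor is an added illustration, not taken from the tutorial itself, of the two cases described above: a constraint the container enforces entirely outside the application, and a role name embedded in code that the descriptor binds to a declared role. It assumes the Servlet 2.3 `web.xml` format; the servlet name and class, URL pattern, role names, and realm name are hypothetical.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
  "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
  <servlet>
    <servlet-name>PayrollServlet</servlet-name>            <!-- hypothetical -->
    <servlet-class>example.PayrollServlet</servlet-class>  <!-- hypothetical -->
    <!-- Programmatic case: the servlet calls request.isUserInRole("MGR").
         "MGR" is a name embedded in the implementation; role-link binds it
         to a role declared below, so the code stays the same in every
         deployment environment. -->
    <security-role-ref>
      <role-name>MGR</role-name>
      <role-link>manager</role-link>
    </security-role-ref>
  </servlet>
  <servlet-mapping>
    <servlet-name>PayrollServlet</servlet-name>
    <url-pattern>/payroll/*</url-pattern>
  </servlet-mapping>

  <!-- Declarative case: enforced by the container with no application code.
       No http-method element is listed, so the constraint covers every HTTP
       method; naming only GET and POST would leave other methods open. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Payroll pages</web-resource-name>
      <url-pattern>/payroll/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>manager</role-name>
    </auth-constraint>
    <user-data-constraint>
      <!-- Requires a protected transport, which matters with BASIC auth. -->
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>default</realm-name>  <!-- constructed value -->
  </login-config>

  <!-- Logical role only. The deployer maps it to real users and groups
       with container-specific tools, outside this file. -->
  <security-role>
    <role-name>manager</role-name>
  </security-role>
</web-app>
```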
- Authentication
- J2EE Users, Realms, and Groups
- Authentication Mechanisms
- Controlling Access to J2EE Resources
- Client Authentication
- Web Client Authentication
- Application Client Authentication
- Setting Component Security Identities
- Container Authentication
- Configuring EJB Target Security Requirements
- Configuring Resource Signon (Connectors)
- Authorization
- Declaring Roles
- Declaring Method Permissions
- Declaring Role References
- Mapping Roles to J2EE Users and Groups
- Linking Role References to Roles
- Configuring J2SE Security Policy Files
- Determining the Caller Identity
- Making Portable Access Decisions Programmatically from Components
- Protecting Messages
- Application Scenarios
- J2EE Application Client
- Web Browser Client