Authorization-security compnent, JAVA Programming

Define: Authorization is the process by which a program calculates whether a given identity is permitted to access a source such as an application component or a file. Now that you are authenticated, but Are you allowed to use the resource or component you are requesting?

Authorization: Process of calculating what type of access (if any) the security policy gives to a resource by a principal.

Security role: A logical grouping of users who gives a level of access permissions.

Security domain: A scope that describes where a set of security policies are enforced and maintained.

J2EE uses the concept of security roles for both programmatic and declarative access controls. This is distinct from the traditional model.

Permission-based authorization: Typically in permission-based security both resources and users are described in a registry and the association of groups and users with the resources takes place through Access Control Lists (ACL). The maintenance of registry and ACLs needs a security administrator.

Role based authorization: In J2EE role based model, the groups and users of users are still stored in a user registry.  A mapping can also be given between users and groups to the security constraints. This can exist in J2EE applications or a registry themselves can have their own role based security constraints described through deployment descriptors like ejb-jar.xml, web.xml, and/or  application.xml. 

 

Posted Date: 7/27/2012 6:02:44 AM | Location : United States







Related Discussions:- Authorization-security compnent, Assignment Help, Ask Question on Authorization-security compnent, Get Answer, Expert's Help, Authorization-security compnent Discussions

Write discussion on Authorization-security compnent
Your posts are moderated
Related Questions
Can we use the constructor, instead of init(), to initialize servlet? Ans) Yes. Of course you can use the constructor instead of init(). There's nothing to stop you. But you sho

Differentiate Local and Global Variables? Local variables are the variables have limited scope although global have bigger scope Local variables are not accessed through others

Custom Website Technical Specification Document A Solution provider / System Architect to interpret and speak with me and build business functional needs and a set of research d

What are the steps of working of TCP and IP protocols within internet transmission? TCP divide messages in several packets (capsulation) and sent these messages over the internet

The assignment is implementing a CLI in Java with several usable commands, using Threads.

How do you start the Energy consumption program

What are the Design Goals of Java Massive growth of the Internet and World-Wide Web leads us to a completely new way of looking at development of software which can run on diff

State the Java Programmer Efficiency Faster Development Building an application in Java takes about 50% less time than in C or C++. So, faster time to market Java is said to

Explain the term array and Scope of Variable? Defining the space in that a variable is effective is known as describing the scope of a variable. A variable can be either local

In a RMI Client Program, what are the excpetions which may have to handled Ans) a. MalFormedURLException b. NotBoundException c. RemoteException