Define: Authorization is the process by which a program calculates whether a given identity is permitted to access a source such as an application component or a file. Now that you are authenticated, but Are you allowed to use the resource or component you are requesting?

Authorization: Process of calculating what type of access (if any) the security policy gives to a resource by a principal.

Security role: A logical grouping of users who gives a level of access permissions.

Security domain: A scope that describes where a set of security policies are enforced and maintained.

J2EE uses the concept of security roles for both programmatic and declarative access controls. This is distinct from the traditional model.

Permission-based authorization: Typically in permission-based security both resources and users are described in a registry and the association of groups and users with the resources takes place through Access Control Lists (ACL). The maintenance of registry and ACLs needs a security administrator.

Role based authorization: In J2EE role based model, the groups and users of users are still stored in a user registry.  A mapping can also be given between users and groups to the security constraints. This can exist in J2EE applications or a registry themselves can have their own role based security constraints described through deployment descriptors like ejb-jar.xml, web.xml, and/or  application.xml. 

 

Posted Date: 7/27/2012 6:02:44 AM | Location : United States

Ask an Expert

Related Discussions:- Authorization-security compnent, Assignment Help, Ask Question on Authorization-security compnent, Get Answer, Expert's Help, Authorization-security compnent Discussions

Write discussion on Authorization-security compnent
Your posts are moderated

Write your message here..

Related Questions

Complete the specification of chatter, Tasks: Complete the specifica... Tasks: Complete the specification of CHATTER, and specify ChatterLists. Implement these ADTs in Java with an abstract class Chatter and a class ChatterList. Use javado

#titCompiler Design - Limit the loopsle.., java coding java coding

Explain about drawing lines, Explain about Drawing Lines? Drawing strai... Explain about Drawing Lines? Drawing straight lines along with Java is easy. Just call g.drawLine(x1, y1, x2, y2) where (x1, y1) and (x2, y2) are the endpoints of your lines

What does tcp/ip stand for, What does TCP/IP stand for? TCP/IP is a Pro... What does TCP/IP stand for? TCP/IP is a Protocol type basically it is known by Transmission Control Protocol/Internet Protocol

Android, how android applications are made using java.? how android applications are made using java.?

Android app implemented on a website, iPhone /Android app implemented on a ... iPhone /Android app implemented on a website Project Description: I need someone to implement an iPhone/Android app onto a website page, So users can be able to use the Ap

Illustrate an example to define a student class, Task - Defining a Student ... Task - Defining a Student class The below illustration will explain how to write a class. We want to write a "Student" class which - should be able to store the below charac

How to display validation errors on jsp page, tag shows all the errors. i... tag shows all the errors. iterates over ActionErrors request attribute.

Explain ftp-telnet-voip and instant messaging, Write a brief note on each o... Write a brief note on each of the following. FTP Telnet Instant messaging VoIP FTP: File Transfer Protocol: This protocol is used to upload and download the

Tasks with the classes Currency, In this assignment you work on a set of ta... In this assignment you work on a set of tasks with the classes Currency, Money and Bank. Money and Currency You have been given a template for the Currency and Money classes (Lab1.