Authorization-security compnent, JAVA Programming

Define: Authorization is the process by which a program calculates whether a given identity is permitted to access a source such as an application component or a file. Now that you are authenticated, but Are you allowed to use the resource or component you are requesting?

Authorization: Process of calculating what type of access (if any) the security policy gives to a resource by a principal.

Security role: A logical grouping of users who gives a level of access permissions.

Security domain: A scope that describes where a set of security policies are enforced and maintained.

J2EE uses the concept of security roles for both programmatic and declarative access controls. This is distinct from the traditional model.

Permission-based authorization: Typically in permission-based security both resources and users are described in a registry and the association of groups and users with the resources takes place through Access Control Lists (ACL). The maintenance of registry and ACLs needs a security administrator.

Role based authorization: In J2EE role based model, the groups and users of users are still stored in a user registry.  A mapping can also be given between users and groups to the security constraints. This can exist in J2EE applications or a registry themselves can have their own role based security constraints described through deployment descriptors like ejb-jar.xml, web.xml, and/or  application.xml. 

 

Posted Date: 7/27/2012 6:02:44 AM | Location : United States







Related Discussions:- Authorization-security compnent, Assignment Help, Ask Question on Authorization-security compnent, Get Answer, Expert's Help, Authorization-security compnent Discussions

Write discussion on Authorization-security compnent
Your posts are moderated
Related Questions
Explain all Java Primitive Data Types? boolean 1-bit. May take on the values true and false only. true and false are describe constants of the language and are not the s

Need Java Assignment for course Project Description: I want to get an assignment done. Involves building on a minesweeper game written in Java. You subsequent code is to be u

Explain what is Multilevel Inheritance ? The Car-Motorcycle-MotorVehicle instances showed single-level inheritance. There's nothing to stop you from going next. You can describ

Dynamic JAVA Class and type information is kept around at runtime. This allows runtime loading and inspection of code in a very flexible way.

Question: (a) Explain the importance of abstract classes in Java with an appropriate example. (b) Explain what is meant by an interface in Java? Use a simple example to il

1.   final - it is a constant declaration. 2.   finally - handles exception. The finally block is optional and gives a mechanism to clean up regardless of what occurs within

how to imlement thomas'' write rule?

When wiring beans, if a bean element is embedded to a property tag directly, then that bean is said to the Inner Bean. The disadvantage of this bean is that it cannot be reused any

How Trojan Horses or Worms affect a computer system? What guidelines should be adopted to troubleshoot along with malicious software? Trojan horses are stand-alone programs. Th

Describe final arguments? At last, you can declare in which method arguments are final. This means that the techniques will not directly change them. Because all arguments are