Ejb container security?, JAVA Programming

 

EJB elements operate inside a container environment and rely heavily on the container to give security. The four key services needed for the security are:

1. Identification: In Java security APIs this identifier is define as a principal.

2. Authentication: To show the identity one must present the credentials in the form of password, digital certificate, swipe card, finger prints etc.

3. Authorization (Access Control): Every secured system should limit access to particular users. The common route to enforce access control is by maintaining security privileges and roles.

4. Data Confidentiality: This is performed by encryption of some sort. It is no good to shield your data by authentication if someone may read the password. 

The EJB specification services itself exclusively with authorization (access control). An application using EJB may specify in an abstract (declarative) and portable way that is allowed to access business functions. The EJB container accepts the following actions:

  • Called out the Identity of the caller of a business function.
  • Check the EJB deployment descriptor to find if the identity is a member of a security role that has been granted the right to invoke this business method.
  • Give java.rmi.RemoteException if the access is illegal.
  • Make the security and the identity role information available for a fine grained programmatic security check.

 

Posted Date: 7/27/2012 4:33:22 AM | Location : United States







Related Discussions:- Ejb container security?, Assignment Help, Ask Question on Ejb container security?, Get Answer, Expert's Help, Ejb container security? Discussions

Write discussion on Ejb container security?
Your posts are moderated
Related Questions
We can get the values in the action classes by using data.getParameter("variable name described in the velocity page");

Question 1 Explain any five buzz words in Java 2 Explain exception classes and also explain common exceptions in java 3 Explain primitive and abstract data type in java

Two XML configuration files are uses by The Validator Framework validator-rules.xml and validation.xml. The validator-rules.xml shows the standard validation routines, these are re

Assignment Help >> JAVA Programming Learning Outcomes: 1. Use different program control statements in a programming language 2. Demonstrate the use of arrays with a programming

What is the function of Network Interface Card? NIC is an I/O device which plugs within the computer and it enables it to communicate over a network.

Want an Experienced iOS and Android expert Project Description: I am seeking a super talented team or Individual for a Real Estate app. The project wants to get done in a ver

Comparable interface: The "Comparable" allows itself to compare with other same types of object. The function compareTo() is specified in the interface. Several of the standa

How marketing strategies are changed along with the progress in computing? How latest marketing strategies are implemented? Marketing Strategy Changes along with the latest req

can you explain me the er diagram for the online doctor system

The AOP module is used for developing aspects for our Spring-enabled application. Much of the support has been given by the AOP Alliance in order to ensure the interoperability amo