Ejb container security?, JAVA Programming

 

EJB elements operate inside a container environment and rely heavily on the container to give security. The four key services needed for the security are:

1. Identification: In Java security APIs this identifier is define as a principal.

2. Authentication: To show the identity one must present the credentials in the form of password, digital certificate, swipe card, finger prints etc.

3. Authorization (Access Control): Every secured system should limit access to particular users. The common route to enforce access control is by maintaining security privileges and roles.

4. Data Confidentiality: This is performed by encryption of some sort. It is no good to shield your data by authentication if someone may read the password. 

The EJB specification services itself exclusively with authorization (access control). An application using EJB may specify in an abstract (declarative) and portable way that is allowed to access business functions. The EJB container accepts the following actions:

  • Called out the Identity of the caller of a business function.
  • Check the EJB deployment descriptor to find if the identity is a member of a security role that has been granted the right to invoke this business method.
  • Give java.rmi.RemoteException if the access is illegal.
  • Make the security and the identity role information available for a fine grained programmatic security check.

 

Posted Date: 7/27/2012 4:33:22 AM | Location : United States







Related Discussions:- Ejb container security?, Assignment Help, Ask Question on Ejb container security?, Get Answer, Expert's Help, Ejb container security? Discussions

Write discussion on Ejb container security?
Your posts are moderated
Related Questions
The hashCode() and equals() methods have to be very important, when objects implementing these two functions are added to collections. If not implemented or implemented incorre

Did Java support hybrid inheritance?

EJB 2.x is broadly adopted server side component architecture for J2EE. 1. EJB is a remote, distributed multi-tier system and allows protocols like IIOP, JRMP, and HTTP etc.

Explain the Execute phase of Java Program Development Finally in phase computer, under the control of its CPU, interprets program one bytecode at a time. Hence performing

State the significance of public, private, protected, default modifiers both singly and in combination and state the effect of package relationships on declared items qualified by

In this assignment, you are provided with an interface that contains a generic type. You are asked to create two classes that implement this interface. A. The Sequenced Interfac

This assignment has two main objectives. It aims to establish a basic familiarity with the Java API (Java Thread class) for creating multithreaded Java application, and the Java ne

Assignment Your task in this assignment is to develop a Java program that can communicate with a real SMTP email server for sending emails. It should have a graphical user inter

write a program to find the area under the curvey y=f(x) between x=a and x=b.integrate y=f(x) between the limits of a and b. the area under a curve between two points can be found

Java is increasingly used for middleware applications to communicate among Server and clients. Java has features like multithreading, portability and networking capabilities. Chang