Ejb container security?, JAVA Programming

 

EJB elements operate inside a container environment and rely heavily on the container to give security. The four key services needed for the security are:

1. Identification: In Java security APIs this identifier is define as a principal.

2. Authentication: To show the identity one must present the credentials in the form of password, digital certificate, swipe card, finger prints etc.

3. Authorization (Access Control): Every secured system should limit access to particular users. The common route to enforce access control is by maintaining security privileges and roles.

4. Data Confidentiality: This is performed by encryption of some sort. It is no good to shield your data by authentication if someone may read the password. 

The EJB specification services itself exclusively with authorization (access control). An application using EJB may specify in an abstract (declarative) and portable way that is allowed to access business functions. The EJB container accepts the following actions:

  • Called out the Identity of the caller of a business function.
  • Check the EJB deployment descriptor to find if the identity is a member of a security role that has been granted the right to invoke this business method.
  • Give java.rmi.RemoteException if the access is illegal.
  • Make the security and the identity role information available for a fine grained programmatic security check.

 

Posted Date: 7/27/2012 4:33:22 AM | Location : United States







Related Discussions:- Ejb container security?, Assignment Help, Ask Question on Ejb container security?, Get Answer, Expert's Help, Ejb container security? Discussions

Write discussion on Ejb container security?
Your posts are moderated
Related Questions
What are Access Specifiers available in Java? Java has four access specifiers, which are enlisted below: Public: public methods, classes and fields can be accessed by ever

how i made a calculator in java plz tell help me

Create objects of student class by calling default Create objects of student class by calling default, parameterize and copy constructor Call student class different methods on

RMI Object services: In addition to its remote object architecture, RMI gives some basic object services, which may be needed in a distributed application. 1.  Object namin

need help in assignment

A loop is a set of commands which executes repeatedly till a denoted condition is met. JavaScript supports two loop statements: for & while. Additionally, you can employ the break

Project Description: Our project consists of a plain application, both for iPad/iOS (Newsstand app) and Android 4.x which will download PDF magazines from the internet, after ha

Project Description: We have an encrypted HSQL Database which we need to convert into CSV format. HSQL DB . We have java application jar file which reads that database but no

What is the Set interface? A Set interface is collection of element that can't be duplicated. Set interface comprise methods inherited from collection. It provides method

please fix polygon method, code below: /** * @(#)AnimationExtraCredit.java * * AnimationExtraCredit Applet application * * @author * @version 1.00 2013/5/5 */ import jav