Ejb container security?, JAVA Programming


EJB elements operate inside a container environment and rely heavily on the container to give security. The four key services needed for the security are:

1. Identification: In Java security APIs this identifier is define as a principal.

2. Authentication: To show the identity one must present the credentials in the form of password, digital certificate, swipe card, finger prints etc.

3. Authorization (Access Control): Every secured system should limit access to particular users. The common route to enforce access control is by maintaining security privileges and roles.

4. Data Confidentiality: This is performed by encryption of some sort. It is no good to shield your data by authentication if someone may read the password. 

The EJB specification services itself exclusively with authorization (access control). An application using EJB may specify in an abstract (declarative) and portable way that is allowed to access business functions. The EJB container accepts the following actions:

  • Called out the Identity of the caller of a business function.
  • Check the EJB deployment descriptor to find if the identity is a member of a security role that has been granted the right to invoke this business method.
  • Give java.rmi.RemoteException if the access is illegal.
  • Make the security and the identity role information available for a fine grained programmatic security check.


Posted Date: 7/27/2012 4:33:22 AM | Location : United States

Related Discussions:- Ejb container security?, Assignment Help, Ask Question on Ejb container security?, Get Answer, Expert's Help, Ejb container security? Discussions

Write discussion on Ejb container security?
Your posts are moderated
Related Questions
Java Virtual Machine & Runtime Environment Basic Concept When you write a program in C++ it's called source code. C++ compiler converts this source code into the machine c

Theobjectiveoftheassignment is tofamiliarize youwithinheritance, GUIand abstraction. Create anabstractclass named that includesprivatefields for the InternationalStandard BookNumbe

Describe what is bytecode? It is an instruction set. It extends with class. 'javac' compiler translates the .java file into .class. JVM interprets bytecode.

Explain BIOS in java language? BIOS basically stand for Basic input/output system it is also called as the system BIOS or ROM BIOS is a de facto standard describing a firmware

It terminates execution of the block of statements in while or for loop & continues execution of the loop along with the next iteration. On the contrary to the break statement, con

Using Java, write the class Time which consists of the following: (a) three private integer data members (hours, minutes and seconds). (b) a constructor to initialise the dat

You can declare a variable by the var statement such as: var strname = some value You can also declare a variable with simply assigning a value to the variable. Although, if

can i have code on this assignment: The code in the main method should do the following: 1. Prompt the user for a string input value for the amount in dollars and store it in a va

solve the string public int expression("10+20+30")

Sudoku Class (Simple Version) The Sudoku class will encapsulate the minimum necessary data and logic to manipulate, print, and set the SudCells , in anticipation of a high