Authorization-security compnent, JAVA Programming

Assignment Help:

Define: Authorization is the process by which a program calculates whether a given identity is permitted to access a source such as an application component or a file. Now that you are authenticated, but Are you allowed to use the resource or component you are requesting?

Authorization: Process of calculating what type of access (if any) the security policy gives to a resource by a principal.

Security role: A logical grouping of users who gives a level of access permissions.

Security domain: A scope that describes where a set of security policies are enforced and maintained.

J2EE uses the concept of security roles for both programmatic and declarative access controls. This is distinct from the traditional model.

Permission-based authorization: Typically in permission-based security both resources and users are described in a registry and the association of groups and users with the resources takes place through Access Control Lists (ACL). The maintenance of registry and ACLs needs a security administrator.

Role based authorization: In J2EE role based model, the groups and users of users are still stored in a user registry.  A mapping can also be given between users and groups to the security constraints. This can exist in J2EE applications or a registry themselves can have their own role based security constraints described through deployment descriptors like ejb-jar.xml, web.xml, and/or  application.xml. 

 


Related Discussions:- Authorization-security compnent

Basic difference between equals and identity method, The == gives true, i...

The == gives true, if the variable reference points to the similar types of object in memory. That is a " shallow comparison ".   The equals () - gives the results of run

Explain what is naming applets in java applets, Explain what is Naming Appl...

Explain what is Naming Applets in java applets? You can give an applet a name by using the NAME attribute of the APPLET element. This allows communication between different app

Create an interface with a method concatenation, a)  Using Java, create an ...

a)  Using Java, create an interface with a method called concatenation which will be implemented in the class patient in part b. b)  Using Java, write the class patient with the

Why use rmi when we can handle the same benefits from ejb?, EJBs are distri...

EJBs are distributed elements, which need the RMI framework for object distribution. An EJB application server gives more services like object pooling, transaction management, data

Bluej, how to write a program to assign value of variable age and print if ...

how to write a program to assign value of variable age and print if person is major.

How do i include static files within a jsp page, Static resources should al...

Static resources should always be contained using the JSP include directive. This way, the inclusion is performed just once during the translation phase. Do note that you should al

How to get data from the velocity page in a action class, We can get the va...

We can get the values in the action classes by using data.getParameter("variable name described in the velocity page");

In which way java says write once run anywhere, Java says write once, run ...

Java says write once, run anywhere . In which ways this isn't quite applicable ?

Advanced java info1414, This is a working program that shows election resul...

This is a working program that shows election results from the infamous 2000 presidential election involving a lot of Floridians and 'hanging chads'. The program as written reads a

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd