Ejb container security?, JAVA Programming

Assignment Help:

 

EJB elements operate inside a container environment and rely heavily on the container to give security. The four key services needed for the security are:

1. Identification: In Java security APIs this identifier is define as a principal.

2. Authentication: To show the identity one must present the credentials in the form of password, digital certificate, swipe card, finger prints etc.

3. Authorization (Access Control): Every secured system should limit access to particular users. The common route to enforce access control is by maintaining security privileges and roles.

4. Data Confidentiality: This is performed by encryption of some sort. It is no good to shield your data by authentication if someone may read the password. 

The EJB specification services itself exclusively with authorization (access control). An application using EJB may specify in an abstract (declarative) and portable way that is allowed to access business functions. The EJB container accepts the following actions:

  • Called out the Identity of the caller of a business function.
  • Check the EJB deployment descriptor to find if the identity is a member of a security role that has been granted the right to invoke this business method.
  • Give java.rmi.RemoteException if the access is illegal.
  • Make the security and the identity role information available for a fine grained programmatic security check.

 


Related Discussions:- Ejb container security?

Program with eclipse and enumeration , Problem Definition A new Met Of...

Problem Definition A new Met Office web application will allow users of their web site to view rainfall statistics for months and years in the UK. The application allows the m

What is the difference between SOA and a Web Service, Normal 0 ...

Normal 0 false false false EN-US X-NONE X-NONE

Use the constructor, Can we use the constructor, instead of init(), to init...

Can we use the constructor, instead of init(), to initialize servlet? Ans) Yes. Of course you can use the constructor instead of init(). There's nothing to stop you. But you sho

Important nodes, there are N nodes in a graph, the graph isuni directional ...

there are N nodes in a graph, the graph isuni directional with M edges of these M nodes in a graph, there are K nodes which are important nodes. given initial position I within thi

Explain about the static classes, Explain about the Static classes A  ...

Explain about the Static classes A  class  can  have  static  variables    and    methods.    Static    methods    and    variables    are  associated  with  class  itself  an

Explain ftp-telnet-voip and instant messaging, Write a brief note on each o...

Write a brief note on each of the following. FTP Telnet Instant messaging VoIP FTP: File Transfer Protocol: This protocol is used to upload and download the

Develop program using interactive brokers api, Develop Program using Intera...

Develop Program using Interactive Brokers API Project Description: We require a Matlab function using the Interactive Brokers API for real time trading with three arguments:

Toward privacy preserving and collusion resistance, Need Toward Privacy Pre...

Need Toward Privacy Preserving and Collusion Resistance in a Location Proof Updating System Project Description: Today's location-sensitive service relies on user's mobile de

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd