Ejb container security?, JAVA Programming

Assignment Help:

 

EJB elements operate inside a container environment and rely heavily on the container to give security. The four key services needed for the security are:

1. Identification: In Java security APIs this identifier is define as a principal.

2. Authentication: To show the identity one must present the credentials in the form of password, digital certificate, swipe card, finger prints etc.

3. Authorization (Access Control): Every secured system should limit access to particular users. The common route to enforce access control is by maintaining security privileges and roles.

4. Data Confidentiality: This is performed by encryption of some sort. It is no good to shield your data by authentication if someone may read the password. 

The EJB specification services itself exclusively with authorization (access control). An application using EJB may specify in an abstract (declarative) and portable way that is allowed to access business functions. The EJB container accepts the following actions:

  • Called out the Identity of the caller of a business function.
  • Check the EJB deployment descriptor to find if the identity is a member of a security role that has been granted the right to invoke this business method.
  • Give java.rmi.RemoteException if the access is illegal.
  • Make the security and the identity role information available for a fine grained programmatic security check.

 


Related Discussions:- Ejb container security?

Interfaces and generics, In this assignment, you are provided with an inter...

In this assignment, you are provided with an interface that contains a generic type. You are asked to create two classes that implement this interface. A. The Sequenced Interfac

Extraction of articles, Extraction of articles The software I'm looking ...

Extraction of articles The software I'm looking to build: 1. Extraction of articles from various sites 2. Format the content to re-post 3. Automate the process Skill

Design a bond class, In the lectures, we have written programs for bond pri...

In the lectures, we have written programs for bond pricing in discrete time. We have also talked about the theory for bond pricing and yields in continuous time. In this exercise,

Java, 1. Which of the following are not valid Java identifiers, and why? (...

1. Which of the following are not valid Java identifiers, and why? (a) wolVes (b) United(there is only one) (c) 87 (d) 5 3 (e) Real ale (f) isFound?by 2. A class Television

Streaming and decorator construction in java i/o, Java output and input is ...

Java output and input is described in terms of an abstract concept named a " stream ", which is a sequence of data. There are 2 types of streams. 1.      Byte streams (8 bit

Explain difference between the boolean and operator, What is the difference...

What is the difference between the Boolean & operator and the && operator? If an expression including the Boolean & operator is evaluated, both operands are evaluated. Then the

Task priority and uses in scheduling, What do you mean by a task's priorit...

What do you mean by a task's priority and how can we use it in scheduling ?

Explain any five buzz words in java, Question 1 Explain any five buzz word...

Question 1 Explain any five buzz words in Java Question 2 Explain exception classes and also explain common exceptions in java Question 3 Explain primitive and abstract data t

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd