Ejb container security?, JAVA Programming

Assignment Help:

 

EJB elements operate inside a container environment and rely heavily on the container to give security. The four key services needed for the security are:

1. Identification: In Java security APIs this identifier is define as a principal.

2. Authentication: To show the identity one must present the credentials in the form of password, digital certificate, swipe card, finger prints etc.

3. Authorization (Access Control): Every secured system should limit access to particular users. The common route to enforce access control is by maintaining security privileges and roles.

4. Data Confidentiality: This is performed by encryption of some sort. It is no good to shield your data by authentication if someone may read the password. 

The EJB specification services itself exclusively with authorization (access control). An application using EJB may specify in an abstract (declarative) and portable way that is allowed to access business functions. The EJB container accepts the following actions:

  • Called out the Identity of the caller of a business function.
  • Check the EJB deployment descriptor to find if the identity is a member of a security role that has been granted the right to invoke this business method.
  • Give java.rmi.RemoteException if the access is illegal.
  • Make the security and the identity role information available for a fine grained programmatic security check.

 


Related Discussions:- Ejb container security?

How to finding an applets size, Finding an Applet's Size When running i...

Finding an Applet's Size When running inside a web browser the size of an applet is set through the height and width attributes and cannot be changed by the applet. Several app

Streaming and decorator construction in java i/o, Java output and input is ...

Java output and input is described in terms of an abstract concept named a " stream ", which is a sequence of data. There are 2 types of streams. 1.      Byte streams (8 bit

How dos attack is a cyber crime what cyber crime can be used, How DoS attac...

How DoS attack is a cyber crime? For what cyber crime can be used? DoS stands for Decline of Service and it is a cyber crime as it jams and within a few cases shut down the goa

Url instance and url connection instance, Difference between URL instance a...

Difference between URL instance and URL Connection instance? Ans) A URL instance shows the location of a resource, and a URL Connection instance shows a link for accessing or co

Page replacement algorithms code in nachos, what is the code for page repla...

what is the code for page replacement algorithms in nachos os

Http tunneling and rmi calls across firewalls , RMI transport layer usually...

RMI transport layer usually opens direct sockets to the server. Several Intranets have firewalls that do not accept this. To get through the firewall an RMI call may be embedded wi

Java developer with spring framework prerequisite, Java developer with spri...

Java developer with spring framework prerequisite from anywhere Let me know that you have proven experience in java with spring frame work. Send some sample data and provide inf

Boardcoloring , n this problem you are given a board in which some of the e...

n this problem you are given a board in which some of the elements are placed as shown in diagram below. Each element represents a color. Fill the other elements in the board, such

Describe in brief about the polymorphism, Describe Polymorphism? Polymo...

Describe Polymorphism? Polymorphism can be referred as one name many forms. It's the ability of methods to behave differently, depending upon object who is calling it. Key feat

Java , what is thread synchronization

what is thread synchronization

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd