Ejb container security?, JAVA Programming

Assignment Help:

 

EJB elements operate inside a container environment and rely heavily on the container to give security. The four key services needed for the security are:

1. Identification: In Java security APIs this identifier is define as a principal.

2. Authentication: To show the identity one must present the credentials in the form of password, digital certificate, swipe card, finger prints etc.

3. Authorization (Access Control): Every secured system should limit access to particular users. The common route to enforce access control is by maintaining security privileges and roles.

4. Data Confidentiality: This is performed by encryption of some sort. It is no good to shield your data by authentication if someone may read the password. 

The EJB specification services itself exclusively with authorization (access control). An application using EJB may specify in an abstract (declarative) and portable way that is allowed to access business functions. The EJB container accepts the following actions:

  • Called out the Identity of the caller of a business function.
  • Check the EJB deployment descriptor to find if the identity is a member of a security role that has been granted the right to invoke this business method.
  • Give java.rmi.RemoteException if the access is illegal.
  • Make the security and the identity role information available for a fine grained programmatic security check.

 


Related Discussions:- Ejb container security?

About state and behavier of two different object, two different object may...

two different object may have chance to have same behavier but property must be different why?

Code, pebble merchant

pebble merchant

Develop a computer program and application, Develop a Computer program and ...

Develop a Computer program and application. Project Description: I want a project done. It is a computer desktop application program. It is not very hard. If you need the det

Array, how do you access a value of an array?

how do you access a value of an array?

Difference between static and non-static variable, What is the difference b...

What is the difference between static and non-static variables? A static variable is associated with the class as a whole rather than with specific instances of a class. Non-st

How to retrieve warnings, SQLWarning objects are a subclass of SQLException...

SQLWarning objects are a subclass of SQLException that deal with database access warnings. Warnings do not stop the implementation of an application, as exceptions do; they easily

What are checked and unchecked exception, What are Checked and UnChecked Ex...

What are Checked and UnChecked Exception? A checked exception is some subclass of Exception (or Exception itself), excluding class RuntimeException and its subclasses. Making a

What types of new jobs are created because of computing, What types of new ...

What types of new jobs are created because of computing? And that old professions are being eliminated? Because of computing whereas people are getting benefits from automated

Explain different advice types in spring, 1) Around : org.aopalliance.inter...

1) Around : org.aopalliance.intercept.MethodInterceptor 2) Before : org.springframework.aop.BeforeAdvice 3)  After : org.springframework.aop.AfterReturningAdvice 4) Throws

Write Your Message!

Captcha
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd