TOC
Index
Feedback
|
Home TOC Index |
|
Search
Feedback |
Security
The J2EE application programming model insulates developers from mechanism-specific implementation details of application security. J2EE provides this insulation in a way that enhances the portability of applications, allowing them to be deployed in diverse security environments.
Some of the material in this chapter assumes that you have an understanding of basic security concepts. To learn more about these concepts, we highly recommend that you explore the Security trail in the Java Tutorial (see
http://java.sun.com/docs/books/tutorial/security1.2/index.html) before you begin this chapter.In This Chapter
- Overview
- Security Roles
- Declaring and Linking Role References
- Mapping Roles to J2EE Users and Groups
- Web-Tier Security
- Protecting Web Resources
- Controlling Access to Web Resources
- Authenticating Users of Web Resources
- Using Programmatic Security in the Web Tier
- Unprotected Web Resources
- EJB-Tier Security
- Declaring Method Permissions
- Using Programmatic Security in the EJB Tier
- Unprotected EJB-Tier Resources
- Application Client-Tier Security
- Specifying the Application Client's Callback Handler
- EIS-Tier Security
- Configuring Sign-On
- Container-Managed Sign-On
- Component-Managed Sign-On
- Configuring Resource Adapter Security
- Propagating Security Identity
- Configuring a Component's Propagated Security Identity
- Configuring Client Authentication
- J2EE Users, Realms, and Groups
- Managing J2EE Users and Groups
- Setting Up a Server Certificate
|
Home TOC Index |
|
Search
Feedback |