Chapter 7 Security
293
needs to those of Web based enterprise applications (such as browser based applica 
tions accessing Web sites). Typically, Web site and Web service application use
cases involve access to services through the Internet or an intranet, allow users to
access certain sets of resources but not others, and allow users to perform some set
of actions. In addition, users might require access to other resources, such as a data 
base, and they might need to interact with other applications.
Some of the security needs of Web site applications and Web services are very
similar. For example, a Web site application must authenticate its users, and a Web
service application must authenticate its clients. However, Web services applica 
tions have additional security needs, because their use cases are typically applica 
tion to application rather than user to application and because their
communication interaction uses new technologies. Later in this chapter we
examine security issues specific to Web services, plus we look at the specific
details for implementing Web services specific security mechanisms. 
Let's first look at some typical Web services scenarios and examine the secure
interactions between clients and services. Not only do we look at security issues
relevant to client and service interactions, we also examine how service endpoints
interact in a secure manner with resources and components of an enterprise to
process requests. Before doing so, however, we examine basic security require 
ments.
7.1.1 General Security Requirements
Although varying greatly in implementation and functionality, J2EE Web services
scenarios have common security requirements. They require certain security con 
straints for message exchange interactions and data passing between a client and a
service. In addition to securing service and client interactions, Web service end 
points must be able to securely access other J2EE components (such as entity beans)
and external resources (such as databases and enterprise information systems) to
process client requests. While processing a client request, service endpoints may
also need to interact with other Web services, and this, too, must be done in a secure
manner.
Figure 7.1 shows a Web service interaction in which a client request to the
service causes the service endpoint to interact with other components, resources,
and systems. It illustrates that a Web service request can take many paths and
result in interactions with different containers, components, and resources, includ 
ing other Web services. Requests to a Web service start with a client sending a
message to a Web service endpoint running in a Web or EJB container.






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

 

Our web partners: Inexpensive Web Hosting Java Web Hosting personal webspace webspace php  linux webhost

 html web templates DreamweaverQuality Web Templates PSD Web Templates

cheap webhost j2ee web Hosting buy webspace ftp webspace adult webspace

frontpage WebHosting webspace hosting cheap webhost

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved

aol web hosting