294
Security Scenarios
Application
Client
Web Service Endpoint
Web Service 
Connector
Endpoint
Web Container
Web Service Endpoint
Connector
EIS System
Enterprise bean
Entity bean
EJB Container
Database
Figure 7.1
Anatomy of a Web Service Interaction
E
However, designing a secure Web service involves more than just securing the 
initial interaction between the client and the service. For a truly secure service, 
you must also consider the security needs of the Web service endpoint's sub 
sequent interactions with other J2EE components, resources, and so forth, that 
it undertakes to process the request. 
Most client requests to a service require the service to access a series of com 
ponents to fulfill the request and each call might have its own, unique security
requirement. This results in a chain of calls to various components, some of which
might be within the initiating component's security domain and others of which
are outside that security domain. With such a chain of component calls, each
cooperating component in the chain must be able to negotiate its security require 
ments. In addition, components along the chain might use different security proto 
cols. In short, security needs to flow from a client to a called component, then to
other components and resources, while passing through different security policy
domains. 
A J2EE application must be able to integrate its own security requirements
and mechanisms with those of different components and systems. For example, a
client might make a request to a Web service. The client call is to an endpoint,
which in turn might call other Web services, make IIOP calls, access resources,
and access local components. Each component other Web services, local and






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

 

Our web partners: Inexpensive Web Hosting Java Web Hosting personal webspace webspace php  linux webhost

 html web templates DreamweaverQuality Web Templates PSD Web Templates

cheap webhost j2ee web Hosting buy webspace ftp webspace adult webspace

frontpage WebHosting webspace hosting cheap webhost

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved

aol web hosting