302
J2EE Platform Security Model
form based, or mutual authentication) specified in the application's deployment
descriptor. 
It is important to note that J2EE Web containers provide single sign on among
applications within a security policy domain boundary. Clients often make multi 
ple requests to an application within a session. At times, these requests may be
among different applications. In a J2EE application server, when a client has
authenticated in one application, it is also automatically authenticated for other
applications for which that client identity is mapped. Web containers allow the
login session to represent a user for all applications accessible to the user within a
single application server without requiring the user to re authenticate for each
application. However, this mechanism is more appropriate for session aware,
browser based Web applications; it is not as applicable to Web service interactions
since Web services have no standard notion of session oriented interactions. Other
efforts provide similar security capabilities to Web services, such as the Liberty
Alliance specifications 
(http://www.projectliberty.org
). 
7.2.1.3
EJB Tier Authentication
The EJB container has the ability to handle authentication. When a client directly
interacts with a Web service endpoint implemented by an enterprise bean, the EJB
container establishes the authentication with the client. Optionally, you can structure
an application so that a Web container component may handle authentication for an
EJB component. Several use case scenarios describe these situations.
One common scenario involves a Web tier component that receives a user
request sent to it over HTTP. To handle the request, the Web component calls an
enterprise bean component on the EJB tier, a typical scenario since many Web
applications use enterprise beans. This is often done in browser based Web appli 
cations and also with Web services applications that have a JAX RPC Web end 
point. In these cases, the application developer places a Web component in front
of the enterprise bean and lets the Web component handle the authentication.
Thus, the Web container vouches for the identity of those clients who want to
access enterprise beans, and these clients access the beans via protected Web com 
ponents. Figure 7.3 illustrates how an application can be structured to use the Web
container to enforce protection domain boundaries for Web components, and, by
extension, for the enterprise beans called by the Web components. 






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

 

Our web partners: Inexpensive Web Hosting Java Web Hosting personal webspace webspace php  linux webhost

 html web templates DreamweaverQuality Web Templates PSD Web Templates

cheap webhost j2ee web Hosting buy webspace ftp webspace adult webspace

frontpage WebHosting webspace hosting cheap webhost

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved

aol web hosting