316
Security for Web Service Interactions
grammatic JAX RPC APIs to set the username and password properties on stubs
for J2EE components. Thus, J2EE application servers are not required to support
components programmatically setting these identifier values. 
If the endpoint requires mutual authentication, the application server instance
environment is set at deployment with the proper certificates such that they are
available to the J2EE container. Since a client component's deployment descrip 
tors have no portable, cross platform mechanism for setting these security arti 
facts, they must be set using the particular application server's own mechanisms.
In other words, an enterprise bean or servlet component that interacts with a Web
service requiring mutual authentication must, at deployment, make the appropri 
ate digital certificates available to the component's host container. The client's
container can then use these certificates when the component actually places the
call to the service.
Once the environment is set, a J2EE component can make a secure call on a
service endpoint in the same way that it ordinarily calls a Web service it looks
up the service using JNDI, sets any necessary parameters, and makes the call. (See
Chapter 5 for details.) The J2EE container not only manages the HTTPS transport,
it handles the authentication for the call using the digital certificate or the values
specified in the deployment descriptor.
7.3.3 Propagating Component Identity
Web service endpoints and other components can be clients of other Web services
and J2EE components. Any given endpoint may be in a chain of calls between com 
ponents and Web service endpoints. Also, non Web service J2EE components can
make calls to Web services. Each call between components and endpoints may have
an identity associated with it, and this identity may need to be propagated. 
There are two cases of identity propagation, differentiated by the target of the
call. Both cases start with a caller that is a J2EE component including a compo 
nent that is a Web service endpoint. In the first case, the J2EE component or end 
point calls a J2EE component that is 
not
 a Web service. In the second case, the
J2EE component or Web service makes JAX RPC calls to a Web service. 
7.3.3.1
Propagating Identity to Non Web Service Components
All J2EE components have an invocation identity, established by the container, that
identifies them when they call other J2EE components. The container establishes
this invocation identity using either the 
run as(role name)
 or 
use caller 






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

 

Our web partners: Inexpensive Web Hosting Java Web Hosting personal webspace webspace php  linux webhost

 html web templates DreamweaverQuality Web Templates PSD Web Templates

cheap webhost j2ee web Hosting buy webspace ftp webspace adult webspace

frontpage WebHosting webspace hosting cheap webhost

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved

aol web hosting