J2EE Platform Security Model
form-based, or mutual authentication) specified in the application's deployment
descriptor.
It is important to note that J2EE Web containers provide single sign-on among
applications within a security policy domain boundary. Clients often make multiple
requests to an application within a session. At times, these requests may be
among different applications. In a J2EE application server, when a client has
authenticated in one application, it is also automatically authenticated for other
applications for which that client identity is mapped. Web containers allow the
login session to represent a user for all applications accessible to the user within a
single application server without requiring the user to re-authenticate for each
application. However, this mechanism is more appropriate for session-aware,
browser-based Web applications; it is not as applicable to Web service interactions
since Web services have no standard notion of session-oriented interactions. Other
efforts provide similar security capabilities to Web services, such as the Liberty
Alliance specifications (http://www.projectliberty.org).
7.2.1.3 EJB Tier Authentication
The EJB container has the ability to handle authentication. When a client directly
interacts with a Web service endpoint implemented by an enterprise bean, the EJB
container establishes the authentication with the client. Optionally, you can structure
an application so that a Web container component may handle authentication for an
EJB component. Several use case scenarios describe these situations.
One common scenario involves a Web tier component that receives a user
request sent to it over HTTP. To handle the request, the Web component calls an
enterprise bean component on the EJB tier, a typical scenario since many Web
applications use enterprise beans. This is often done in browser-based Web
applications and also with Web services applications that have a JAX-RPC Web
endpoint. In these cases, the application developer places a Web component in front
of the enterprise bean and lets the Web component handle the authentication.
Thus, the Web container vouches for the identity of those clients who want to
access enterprise beans, and these clients access the beans via protected Web
components. Figure 7.3 illustrates how an application can be structured to use the Web
container to enforce protection domain boundaries for Web components, and, by
extension, for the enterprise beans called by the Web components.
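A Web deployment descriptor for the arrangement just described, as an added example that is not taken from the original text: the Web container authenticates callers of a protected Web component, which then calls the enterprise bean. The servlet, bean, role, and page names (OrderServlet, OrderBean, customer, /login.jsp) are hypothetical.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example: WEB-INF/web.xml (Servlet 2.4). All names are hypothetical. -->
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
                             http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
         version="2.4">
  <!-- The Web component placed in front of the enterprise bean. -->
  <servlet>
    <servlet-name>OrderServlet</servlet-name>
    <servlet-class>com.example.web.OrderServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>OrderServlet</servlet-name>
    <url-pattern>/orders/*</url-pattern>
  </servlet-mapping>
  <!-- Only authenticated callers in the "customer" role reach the servlet. -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Order front end</web-resource-name>
      <url-pattern>/orders/*</url-pattern>
      <!-- No http-method elements: the constraint covers every HTTP method. -->
    </web-resource-collection>
    <auth-constraint><role-name>customer</role-name></auth-constraint>
    <!-- Form credentials travel in the request body, so require SSL/TLS. -->
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
  <!-- Authentication mechanism the container applies to the constraint. -->
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/login-error.jsp</form-error-page>
    </form-login-config>
  </login-config>
  <security-role><role-name>customer</role-name></security-role>
  <!-- The servlet looks the bean up under java:comp/env/ejb/OrderBean. -->
  <ejb-local-ref>
    <ejb-ref-name>ejb/OrderBean</ejb-ref-name>
    <ejb-ref-type>Session</ejb-ref-type>
    <local-home>com.example.ejb.OrderLocalHome</local-home>
    <local>com.example.ejb.OrderLocal</local>
    <ejb-link>OrderBean</ejb-link>
  </ejb-local-ref>
</web-app>
```

Declaring a matching method-permission for the same role in the bean's ejb-jar.xml keeps the bean protected if it is later reached by a path other than this Web component.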