Presentation is loading. Please wait.

Presentation is loading. Please wait.

Creating competitive advantage Copyright © 2003 Enterprise Java Beans Presenter: Wickramanayake HMKSK Version:0.1 Last Updated:

Published byChristopher Harmon Modified over 9 years ago

Similar presentations

Presentation on theme: "Creating competitive advantage Copyright © 2003 Enterprise Java Beans Presenter: Wickramanayake HMKSK Version:0.1 Last Updated:"— Presentation transcript:

1 creating competitive advantage Copyright © 2003 Enterprise Java Beans Presenter: Wickramanayake HMKSK kwickramanayake@virtusa.com Version:0.1 Last Updated: 02-Sept-2003 EJB-Tier Security

2 creating competitive advantage Copyright © 2003 creating competitive advantage Contents  Overview  EJB Security Terms  Relationship between EJB Security Entities  Declarative Security  Programmatic Security  Responsibilities of  Bean Developer  Application Assembler  Deployer

3 creating competitive advantage Copyright © 2003 creating competitive advantage Overview  In general, users of a system are required to be authorized to perform various operations  The process of authorization depends on proper identification of users  The process of identification depends on proper authentication  With EJBs, you can obtain security features in two forms:  Declarative Security - No hard coding, but specify requirements in the DD  Programmatic Security - A combination of coding as well as specification in the DD

4 creating competitive advantage Copyright © 2003 creating competitive advantage EJB Security Terms  User  The end user or client making the call. Could be a system name, an IP address or some other form of identification  Principal  A user identity that has been sufficiently authenticated based on the requirements of the target runtime environment  Role  A logical grouping encapsulating the representation of a set of needs.  Security Domain  Defined in the target environment generally as the namespace of the set of users, principals, roles/memberships and mappings to DD roles  Security View  The set of roles as defined by the application assembler and placed in the DD.

5 creating competitive advantage Copyright © 2003 creating competitive advantage Relationship Between EJB Security Entities Dan (IP Add) John (cert) Dan (IP Add) John (cert) Chief Accnt John Mathew Payroll Updater Empl Reporter Payroll Chief Management UsersPrincipalsRoles Role References DD

6 creating competitive advantage Copyright © 2003 creating competitive advantage Declarative Security Example  Declare method permissions (associate methods with roles): 1.Select the enterprise bean. 2.Select the Security tab. 3.In the Method Permissions table, select “Sel Roles” in the Availability column. 4.Then select a role's checkbox if that role should be allowed to invoke a method.  Map roles to J2EE users and groups: 1.Select the application 2.Select the Security tab 3.Associate roles with J2EE users/groups

7 creating competitive advantage Copyright © 2003 creating competitive advantage Programmatic Security  Using getCallerPrincipal() method  Allows bean to verify principal  Not intended for security enforcement  Does not utilize roles Principal p = ctx.getCallerPrincipal(); if(p.getName().equalsIgnoreCase(“Fred Smith”)) // tailor the method for Fred Smith else // unrecognized name throw new MyApplicationException(p.getName() + “ invalid”); public String getUser() { return context.getCallerPrincipal().getName(); }

8 creating competitive advantage Copyright © 2003 creating competitive advantage Programmatic Security  Using isCallerInRole() method  Somewhat similar to getCallerPrincipal()  Allows recognition of roles without bean trying to identify principal  Role can be defined in the DD as a reference  Would introduce portability problems! if(ctx.isCallerInRole(“payroll-admin”)) // then allow editing the payroll info else // not an administrator // allow viewing of data only

9 creating competitive advantage Copyright © 2003 creating competitive advantage Responsibilities of Bean Developer  Normally the bean provider does not stipulate any security requirements  If the been provider is making a reference to a role name in the bean, a bean reference must be declared. Employees... Needs access to update payroll info payroll-admin...

10 creating competitive advantage Copyright © 2003 creating competitive advantage Responsibilities of Application Assembler  Can define security information, or defer to deployer  Assembler defines:  Roles  Method permissions by role  Role reference resolution to actual role names  Definition of Roles: Allow access to employee payroll Payroll-Chief.........

11 creating competitive advantage Copyright © 2003 creating competitive advantage Responsibilities of Application Assembler  Definition of Method Permissions: Payroll-Chief Employees getSalary Employees setSalary...

12 creating competitive advantage Copyright © 2003 creating competitive advantage Responsibilities of Application Assembler  Definition of Role Reference Resolution: Employees... Needs access to update payroll info payroll-admin Payroll-Chief...

13 creating competitive advantage Copyright © 2003 creating competitive advantage Responsibilities of Deployer  Declare principals and roles in the security domain  Map DD roles to roles defined in the security domain  Configure principal delegation for inter-component calls  Create resource access policies and mappings

14 creating competitive advantage Copyright © 2003 Questions & Feedback?

Download ppt "Creating competitive advantage Copyright © 2003 Enterprise Java Beans Presenter: Wickramanayake HMKSK Version:0.1 Last Updated:"

Similar presentations

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu www.list.gmu.edu.

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu
When Role Models Have Flaws: Static Validation of Enterprise Security Policies Marco Pistoia IBM T. J. Watson Research Center Hawthorne, New York

When Role Models Have Flaws: Static Validation of Enterprise Security Policies Marco Pistoia IBM T. J. Watson Research Center Hawthorne, New York
® IBM Software Group © 2006 IBM Corporation Securing Your Application With WebSphere Security You will need to develop Login procedures for your web applications.

® IBM Software Group © 2006 IBM Corporation Securing Your Application With WebSphere Security You will need to develop Login procedures for your web applications.
1 Lecture 20 George Koutsogiannakis Summer 2011 CS441 CURRENT TOPICS IN PROGRAMMING LANGUAGES.

1 Lecture 20 George Koutsogiannakis Summer 2011 CS441 CURRENT TOPICS IN PROGRAMMING LANGUAGES.
Component Patterns – Architecture and Applications with EJB copyright © 2001, MATHEMA AG Component Patterns Architecture and Applications with EJB JavaForum.

Component Patterns – Architecture and Applications with EJB copyright © 2001, MATHEMA AG Component Patterns Architecture and Applications with EJB JavaForum.
Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.

Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.
J2EE Java2 Enterprise Edition by Damian Borth. Contents Introduction Architectures styles Components Scenarios Roles Processing a HTTP request.

J2EE Java2 Enterprise Edition by Damian Borth. Contents Introduction Architectures styles Components Scenarios Roles Processing a HTTP request.
EJB Security CSCI 5931 Web Security Kartikeya Kakarala Young Ho Choung.

EJB Security CSCI 5931 Web Security Kartikeya Kakarala Young Ho Choung.
Java 2 Platform, Enterprise Edition (J2EE). Source: Computer, August 2000 J2EE and Other Java 2 Platform Editions.

Java 2 Platform, Enterprise Edition (J2EE). Source: Computer, August 2000 J2EE and Other Java 2 Platform Editions.
J2EE Security and Enterprise Java Beans Mrunal G. Dhond Department of Computing and Information Sciences Master of Science, Final Defense February 26,

J2EE Security and Enterprise Java Beans Mrunal G. Dhond Department of Computing and Information Sciences Master of Science, Final Defense February 26,
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
Chapter 4 Relational Databases Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 4-1.

Chapter 4 Relational Databases Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 4-1.
J2EE Kenneth M. Anderson CSCI 7818 - Web Technologies October 3, 2001.

J2EE Kenneth M. Anderson CSCI Web Technologies October 3, 2001.
Version # Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by the U.S. Department of Defense © 1999 by Carnegie.

Version # Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department of Defense © 1999 by Carnegie.
Introduction to EJB INFORMATICS ENGINEERING – UNIVERSITY OF BRAWIJAYA Eriq Muhammad Adams J

Introduction to EJB INFORMATICS ENGINEERING – UNIVERSITY OF BRAWIJAYA Eriq Muhammad Adams J
Chapter 4 Relational Databases Copyright © 2012 Pearson Education 4-1.

Chapter 4 Relational Databases Copyright © 2012 Pearson Education 4-1.
Understanding Active Directory

Understanding Active Directory
Emmanuel Cecchet et al.  Performance Scalability of J2EE application servers.  Test effect of: ◦ Application Implementation Methods ◦ Container Design.

Emmanuel Cecchet et al.  Performance Scalability of J2EE application servers.  Test effect of: ◦ Application Implementation Methods ◦ Container Design.
Java Pet Store Application. Outline Introduction Introduction Information Layer Information Layer Application Layer Application Layer Infrastructure Layer.

Java Pet Store Application. Outline Introduction Introduction Information Layer Information Layer Application Layer Application Layer Infrastructure Layer.
Chapter 10 EJB Concepts of EJB Three Components in Creating an EJB Starting/Stopping J2EE Server and Deployment Tool Installation and Configuration of.

Chapter 10 EJB Concepts of EJB Three Components in Creating an EJB Starting/Stopping J2EE Server and Deployment Tool Installation and Configuration of.

Similar presentations

Ads by Google