Enterprise Java Development@TOPIC@

Part XXIII. JavaEE Security

Copyright © 2015 jim stafford (jim.stafford@jhu.edu)

2015-11-18 03:08 EST

Abstract

This presentation contains topics for securing EJB and Web applications.

Table of Contents

Purpose
1. Goals
2. Objectives
110. JavaEE Security Access Control Points
111. EJB Security
111.1. EJB Access Control (Declarative)
111.2. Programmatic Security
111.3. Authentication/Authorization JBoss Setup
111.4. Summary
112. EJB Security RMI Client
112.1. JBoss Remoting
112.2. EJBClient
112.3. Security Sanity Check
112.4. Summary
113. run-as
113.1. Summary
114. Web Tier Access Control
114.1. Authentication
114.2. Security Constraints (web.xml)
114.3. FORM-based Login
114.4. BASIC Authentication
114.5. Summary