|
Security challenges for Enterprise Java in an e-business environment
As e-business matures, companies require enterprise-scalable functionality for their corporate Internet and intranet environments. To support the expansion of their computing boundaries, businesses have embraced Web application servers.
|
|
Introduction to WebLogic Security
Security refers to techniques for ensuring that data stored in a computer or passed between computers is not compromised. Most security measures involve proof material and data encryption.
|
|
JAAS Based Security in JBoss
This document describes the setting up secured access to JBoss hosted EJBs and web applications for the standard declarative J2EE security model. It should be sufficient to allow you to configure a simple security setup for testing and also give you a good start to being able to integrate your own custom security infrastructure into JBoss. For a more detailed description of the JBossSX framework see the JBossSX chapter.
|
|
Enter the World of JAAS
To address this exact security issue, Sun has introduced the Java Authentication and Authorization Service (JAAS). As is obvious from its name, the JAAS infrastructure can be divided into two main components: an authentication component and an authorization component.
|
|
JAAS Tutorial
JAAS (Java Authentication and Authorization Service) is a Java security API. JAAS was covered in this tutorial session at the 2001 O'Reilly Enterprise Java Conference.
|
|
All that JAAS: An overview of the Java authentication and authorization services
On April 4, 1999, JavaSoft published the specification for a new standard extension at Java Authentication and Authorization Service (JAAS) 1.0 . The acronym for the extension is JAAS (pronounced "jazz"), which stands for "Java Authentication and Authorization Services." This article presents an overview of JAAS. What it is; why it was created, and some of the rationale behind the current design.
|
|
JavaTM Authentication and Authorization Service (JAAS) 1.0
The JavaTM Authentication and Authorization Service (JAAS) is a standard extension to the JavaTM 2 Software Development Kit, v 1.3. Currently, Java 2 provides codesource-based access controls (access controls based on where the code originated from and who signed the code). It lacks, however, the ability to additionally enforce access controls based on who runs the code. JAAS provides a framework that augments the Java 2 security model with such support.
|
|
INTRODUCTION TO JAAS
WELCOME to the Java Developer ConnectionSM (JDC) Tech Tips, July 27, 2001. This issue covers the JavaTM Authentication and Authorization Service (JAAS). It introduces some key concepts in JAAS and shows you how to make use of these concepts.
|
|
IBM Developer Kit for Linux®,: JAAS and Java communications API - technical Information
IBM Developer Kit for Linux provides the Java Authentication and Authorization Service (JAAS) and the Java Communications application programming interface (API) in separate packages.
|
|
Pramati JAAS Framework
The JAAS Framework defines a Realm over which Authentication and User Management functions are based. Associated with each Realm is a Server Policy that defines authorization services and governs access to Server resources.
|
|
Java Authentication and Authorization Service (JAAS) 1.0 LoginModule Developer's Guide
The JAAS Framework defines a Realm over which Authentication and User Management functions are based. Associated with each Realm is a Server Policy that defines authorization services and governs access to Server resources.
|
|
How do I do authentication with JAAS?
The authentication component of JAAS can determine who is executing code. It's against useability to have a user on a system remember different passwords, one for each program where authentication is required.
|
|
Using the JAAS API
The Java Authentication and Authorization Service (JAAS) provides a framework and standard programming interface for authenticating users and assigning privileges. JAAS is based on the Pluggable Authentication Module (PAM) standard, which extends the access-control architecture of the Java 2 platform to support user-based authentication and authorization.
|
|
A Flexible Security Architecture for the EJB Framework
Since the Enterprise JavaBeans (EJB) specification 1.0 has been released in
spring 1998, a great interest has been shown in this new technology. It is the
first approach that defines a server-side component model for the Java platform.
The EJB specification already has achieved a high grade of acceptance and will
obtain an important role in the development of distributed applications in the
future. Nevertheless, since EJB is a young technology it still has to struggle
with several problems. One of these is security management.
|