J2EE Security Model
The security model within J2EE is a continuation of the J2SE security model. In the J2SE model, one of the primary focuses of the security policy is based on where the code is located or who has signed the code with a digital certificate. In the J2EE model, the focus is on who is executing the code or, rather, who is remotely invoking the server-side code. This paradigm shift makes sense because J2EE code runs within a container located in the application server, which is in a secure location and controlled by IT personnel. The application deployer and administrator will decide what application code to deploy on this server. Potentially every user of the application will have access to this code and usually this is not within ...
Get BEA WebLogic Server™ 8.1 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.