The J2EE security model forms a fundamental building block for secure enterprise systems. Such a specification needs to be backed by the solid and secure implementation of a J2EE product and applications hosted within a topology that provides enterprise-level security. The topology considers the common practice whereby business-critical data and applications are shielded from direct Internet access. J2EE applications that make up an enterprise solution should be partitioned and deployed into an environment that considers the security requirements of the enterprise. In addition to J2EE Web application servers, most enterprise environments consist of legacy or other applications accessed through ...