8.2. J2EE API
WebSphere provides a security infrastructure for application security which is transparent to the application developer. That is, the developer does not need to code for security, since it will all be handled at deployment and runtime. |
Having said that, when developing servlets and EJBs, there are a few security calls available if the developer wants greater control of what the end user is allowed to do than is provided by the infrastructure.
8.2.1. EJB security methods
The EJB 2.0 specification defines two methods that allow programmatic access to the caller’s security context, javax.ejb.EJBContext.
java.security.Principal getCallerPrincipal() ...
Get IBM WebSphere V5.0 Security: WebSphere Handbook Series now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.