O'Reilly logo

J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice by Pankaj Kumar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Summary

J2SE security model includes a highly flexible, configurable and extensible framework for code-based authorization of actions. This has been further extended by JAAS to include user authentication and user-based authorization. The complete framework consists of a number of APIs, configuration files, system properties and tools.

Permissions are specified in policy files and are granted to all code, code downloaded from a specific location (jar file or directory identified by an URL), signed by the owner of a X.509 certificate, code running on behalf of an authenticated user, or any combination of these. These permissions can be specified in one or more policy files and can be applied to all programs, programs launched by a specific OS ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required