O'Reilly logo

J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice by Pankaj Kumar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

RMI and Access Control

Can we use JAAS for user authentication and access control of operations in conjunction with RMI? How can we do what we did in the JAAS Enabled Sample Application section of Chapter 5, Access Control, to add user authentication and action authorization capability to the RMI-based sample application?

This is possible but non-trivial. The base RMI architecture was developed before JAAS came into existence and hasn't been upgraded to honor JAAS. It is still possible to write RMI client and server programs so that the user credentials (username and password) are collected at the client and passed to the server for authentication. The server goes through the authentication process using JAAS and initializes the Subject instance ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required