*
The moose likes Architect Certification (SCEA/OCMJEA) and the fly likes Regarding JAAS Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Certification » Architect Certification (SCEA/OCMJEA)
Bookmark "Regarding JAAS" Watch "Regarding JAAS" New topic
Author

Regarding JAAS

Giju George
Ranch Hand

Joined: Jun 08, 2004
Posts: 333
Do you guys think JAAS is a better option for Authentication and Authorization ? . The web client can also use form based authenticaton, which can then pass the principal/role from web tier to ejb tier for authorization.


SCJP 1.4, SCWCD 1.4, SCBCD 1.3, SCEA
Marie Pierre Courbevoie
Ranch Hand

Joined: Aug 01, 2005
Posts: 32
Giju

I'll recommand reading IBM redbook SG246573 (free download from http://www.redbooks.ibm.com ) chapter 6 through 8, these chapters are enough generic to be applied to any J2EE server. It's really excellent, you can find all what you need to configure security in a J2EE system (declarative and programatic security, client side and server side authentication,JAAS, CSIV 2,LTPA, J2EE client and thin java client...).
Best security practices are, really, well commented

Regards
Marie Pierre
[ August 19, 2005: Message edited by: Marie Pierre Courbevoie ]
Vinay Singh
Ranch Hand

Joined: Dec 15, 2004
Posts: 174
Thanks Marie. That was a cool link.
Vinay


Technical quiz and interview questions   SCJP 6 mock practice test
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Regarding JAAS
 
Similar Threads
Implement JAAS in Struts
A Question for JBoss at Work Authors
Security Question for JBoss at Work Authors
JAAS
Swing Client Vs Web application -- authentication ..