File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes EJB and other Java EE Technologies and the fly likes ISPs, EJB, databases and Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "ISPs, EJB, databases and Security" Watch "ISPs, EJB, databases and Security" New topic
Author

ISPs, EJB, databases and Security

Siegfried Heintze
Ranch Hand

Joined: Aug 11, 2000
Posts: 381
As part of my search for angel money, I would like to prototype an I idea for an internet application. This application would allow doctors, lawyers and other professionals to store sensitive information on a public web server and selectively constrain who can access it and when they can access it.
Here is what I have learned:
(1) EJB seems to be a good candidate because (as explained on page 71+ of Richard Monson-Haefel's book) it supports authentication (via JNDI), access control (=authorization?) and secure client-server communication.
(2) www.ejip.net is an ISP that will supports EJB for $120/mo. This is a nice alternative to $6K for a EJB server + ~$1000 for Oracle + $100/mo to co-locate a server + $2K for hardware (=~$9K + $100/mo - ouch!).
(3) The few ISPs that offer database will not give me multiple database accounts. I figure that I need a different database account for each lawyer or doctor that wants to store sensitive info on my web site.
Here are my questions:
(1) Do I need a separate database account for each doctor or lawyer to exploit the security features of EJB? (www.ejip.com said no, I have one master password and I have to implement the concept of a secure sub-accounts in my own java code - yuck!). If so, where is an ISP that allow me to have 1000 database accounts - one for each doctor or lawyer?
(2) Will EJB allow me to keep my client's data private?
(3) What are some other ISPs that offer EJB?
I realize that any imformation stored on a public web site will never be as secure information stored under lock and key. I'm anticipating that my clients would only store mildly sensitive information on the public web site such as their travel/ appointment schedules so they can rendezvous with their collegues.
Thank you very much!
Siegfried
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: ISPs, EJB, databases and Security