wood burning stoves 2.0*
The moose likes EJB and other Java EE Technologies and the fly likes JAAS Vs. Container managed security in web tier (managed at web.xml) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "JAAS Vs. Container managed security in web tier (managed at web.xml)" Watch "JAAS Vs. Container managed security in web tier (managed at web.xml)" New topic
Author

JAAS Vs. Container managed security in web tier (managed at web.xml)

veena madhukar
Ranch Hand

Joined: Apr 28, 2006
Posts: 86
I have a requirement where in I have an application client as well as web client for my ejb application.

Coming to talk of secuity ---- I would like to confirm if my understanding is right.

Let us say that

I implement security in my java swing based application using the JAAS.
I implement security for my web tier using the container managed security in web.xml;
I implement security for my ejb tier using the container managed security in ejb-jar.xml;

I have the option to implement for my web and ejb tier to go for programmatic based implementation...however, since what the container provides is sufficient, i have chosen the same.

In swing based client applications by using JAAS --- we have the flexibilty to incorporate standard security mechanisms like Solaris NIS (Network Information Services), Windows NT, LDAP (lightweight access directory protocol), Kerberos, and others into our application in a consistent, configurable way;

In web tier / ejb tier if we had not gone by container managed declarative security then we would have had to go for managing the security programmatically. Is that also based on JAAS??? If not ...why is JAAS not used there?
Valentin Crettaz
Gold Digger
Sheriff

Joined: Aug 26, 2001
Posts: 7610
Moving this to the EJB and Other J2EE Technologies forum as the SCBCD exam does not deal with JAAS.

Thanks for your comprehension


SCJP 5, SCJD, SCBCD, SCWCD, SCDJWS, IBM XML
[Blog] [Blogroll] [My Reviews] My Linked In
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JAAS Vs. Container managed security in web tier (managed at web.xml)