aspose file tools*
The moose likes EJB Certification (SCBCD/OCPJBCD) and the fly likes Authentication in EJB ? isn't it passed from the front end ? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Certification » EJB Certification (SCBCD/OCPJBCD)
Bookmark "Authentication in EJB ? isn Watch "Authentication in EJB ? isn New topic
Author

Authentication in EJB ? isn't it passed from the front end ?

Cosmin Nicolae Vacaroiu
Ranch Hand

Joined: Feb 10, 2011
Posts: 52

Hello,

I'm studying for SCBCD JEE6 and I saw in the objectives something that I can't understand.
I know there's a login method with Servlets, but with EJB ?

Implementing Security
[ ] Understand the Java EE security architecture
[ ] Authenticate the caller Examine Java EE authorization strategies
[ ] Use declarative authorization
[ ] Use programmatic authorization Examine the responsibilities of the deployer

Thanks.


SCJP 6 (93%), SQL Expert 11g (95%), SCWCD 6 (84%), OCE-EJBD 6 (98%), OCE-JPAD 6 (93%)
Ivan Krizsan
Ranch Hand

Joined: Oct 04, 2006
Posts: 2198
    
    1
Hi!
No, authentication information is not always passed from the front end to an EJB.
For example, think of the case when you expose a web service with an endpoint implementation class being an stateless session bean.
In such a case, the authentication information has to be passed to the web service in one way or another.
Best wishes!

My free books and tutorials: http://www.slideshare.net/krizsan
Cosmin Nicolae Vacaroiu
Ranch Hand

Joined: Feb 10, 2011
Posts: 52

I think you meant authentication, not authorization. How can you authenticate and give roles to the client in your example ?
Ivan Krizsan
Ranch Hand

Joined: Oct 04, 2006
Posts: 2198
    
    1
Hi!
Absolutely, I confused authorization with authentication. Thanks for pointing this out!
I have corrected the original post.
Best regards!
Cosmin Nicolae Vacaroiu
Ranch Hand

Joined: Feb 10, 2011
Posts: 52

The problem was with JBoss which didn't checked again for the security, it checked just in the serlvet part.
So I stopped testing on JBoss and installed Glassfish and works perfect.
Thanks.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Authentication in EJB ? isn't it passed from the front end ?
 
Similar Threads
Sorting out the various components of "Java EE"
Swing Client Vs Web application -- authentication ..
Final Mock Test Question 10 Head First and Servlets
On page load redirect
SCEA starting