Third Party EJB Security

Discussions

EJB design: Third Party EJB Security

  1. Third Party EJB Security (1 messages)

    Is there any way that I can use a third party security infrastructure plugged with an App Server to secure my EJB instead of the declarative security features provided by the App Server
  2. PAM's and your problem[ Go to top ]

    Is there any way that I can use a third party security infrastructure plugged with an App Server to secure my EJB instead of the declarative security features provided by the App Server
    So app Server's provide a security implementation on a per component basis, which is a pretty cool deal. I'd suggest you use it. But there are a ton of 3rd party security products out there for authentication that you can hook into for Nteir products. It should look like this: 1.)Authentication handled by 3rd party 2.)Security roles and definitions setup in 3rd party 3.)Roles mapped over as appropriate to the EJB domain This is usually going to be used in a situation where you want to manage a single sign-on, and the enterprise application your writing is a small piece of a much bigger enterprise network. If your just writting one application, use the container. Sun actually has a good top level document on this here: http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security5.html Don't get a 3rd party product to try and solve the problem of not knowing how to work with the app server security.