Java EE Security: Advanced Topics - The Java EE 6 Tutorial: Advanced Topics

Java Reference

In-Depth Information

specifies the callback handler, an underlying login module can remain independent of the

various ways applications interact with users.

For example, the implementation of a callback handler for a GUI application might dis-

play a window to solicit user input, or the implementation of a callback handler for a

command-line tool might simply prompt the user for input directly from the command

line.

The login module passes an array of appropriate callbacks to the callback handler's

handle method, such as a NameCallback for the user name and a PasswordCall-

back for the password; the callback handler performs the requested user interaction and

sets appropriate values in the callbacks. For example, to process a NameCallback , the

CallbackHandler might prompt for a name, retrieve the value from the user, and call

the setName method of the NameCallback to store the name.

For more information on using JAAS for authentication in login modules, refer to the doc-

umentation listed in “ Further Information about Security ” on page 337 .

Using Programmatic Login

Programmatic login enables the client code to supply user credentials. If you are using

an EJB client, you can use the

com.sun.appserv.security.ProgrammaticLogin class with its convenient

login and logout methods. Programmatic login is specific to a server.

Securing Enterprise Information Systems Applications

In Enterprise Information Systems (EIS) applications, components request a connection to

an EIS resource. As part of this connection, the EIS can require a sign-on for the requester

to access the resource. The application component provider has two choices for the design

of the EIS sign-on:

• Container-managed sign-on : The application component lets the container take

the responsibility of configuring and managing the EIS sign-on. The container de-

termines the user name and password for establishing a connection to an EIS in-

stance. For more information, see “ Container-Managed Sign-On ” on page 333 .

• Component-managed sign-on : The application component code manages EIS

sign-on by including code that performs the sign-on process to an EIS. For more

information, see “ Component-Managed Sign-On ” on page 333 .

You can also configure security for resource adapters. See “ Configuring Resource Adapter

Security ” on page 334 .

Search WWH ::

Custom Search

Home