Java Reference
In-Depth Information
Security management that defines method permissions is
declared in the enterprise bean's deployment descriptor or by
using annotations (if using EJB 3.0). Container-managed
security makes an enterprise bean more flexible, since it isn't
tied to the security roles defined by a particular application. A
security role is a name given to a grouping of information
resource access permissions that are defined for an
application. Associating a principal with this security role
grants the associated access permissions to that principal as
long as the principal is in the role.
However, programmatic (procedural) access control is
sometimes necessary to satisfy fine-grained or
application-specific conditions. Enterprise beans can
programmatically manage the security by using the
isCallerInRole () and getCallerPrincipal () methods contained
on the EJBs context object. The isCallerInRole () method tests
whether the caller has a given security role, returning true if
the caller has and false if not. The getCallerPrincipal ()
method returns the java.security.Principal that identifies the
caller.
QoS Considerations
• Performance - A measure of the system in terms of response
time or number of transactions per unit time. Load
Distribution (e.g. DNS Round Robin) and Load Balancing are
two techniques that aid in higher performance. Tasks such as
Application Tuning, Server Tuning, and Database Tuning
also improve system perform.
o DNS Round Robin: A process for distributing load in a
system. If we have ten web servers that can service HTTP
Search WWH ::




Custom Search