Java Reference
In-Depth Information
Database
Application Server
2
4
HttpServlet
Response
Database
1
Web
Components
5
6
4
3
HttpServlet
Response
JavaBeans
Components
Figure 1.6
Java Web application request handling.
â—ľ
Programmatic security is the security embedded within a Java application and is used to make
security decisions during the execution of control statements. Programmatic security is useful
when declarative security alone is not suicient to express the security model of an application.
In the Java Web applications, Web components provide the dynamic extension capabilities for a
Web server. Web components are a combination of the Web and enterprise components, such as
Java servlets, JSP pages, JSF pages, or Web service endpoints. he interaction between a Web client
and a Web application is illustrated in Figure 1.6.
Web components such as the servlets, JSPs, and so on, are supported by the services of a run-
time platform called a
Web container
. A Web container provides services such as request dispatch-
ing, security, concurrency, and life cycle management for all these components.
Certain aspects of Web application security can be conigured during the application instal-
lation or deployment time, to the Web container. Annotations and/or deployment descriptors are
used to relay information to the Web application deployer about security and other aspects of the
application. Specifying security and other related information in annotations or in the deploy-
ment descriptor helps the deployer set up the appropriate security policy for the Web application.
Deployment descriptors override any values explicitly speciied using the annotations feature of
the new Java language. A detailed treatment of securing for Java Web applications is dealt with in
detail in Part 3 of this topic.
1.5 Summary
Diferent eras in the history of computers and information technology mark signiicant mile-
stones in technology innovations—mainframes, minicomputers, desktops, and mobile sys-
tems. he evolution of the Internet and the World Wide Web, as a part of the evolution of
Search WWH ::
Custom Search