Java Reference
In-Depth Information
trast this to the relatively simple approach of using the declarative security management
annotations or deployment descriptors.
6.4.6. Using EJB security effectively
As with the case of transactions, declarative transactions are the recommended approach
to take when implementing security. You should avoid working with specific users or ac-
cessing
Principal.getName()
. As mentioned, the
getName
method returns a value
that's dependent on the authentication system being used. Although you may not be con-
cerned about portability between application servers, coding to a specific authentication
system will only cause problems in the future. Declarative security is also much easier to
analyze and less prone to errors than programmatic. With declarative security, a class can
be annotated and then individual methods override the security settings where necessary.
With programmatic security, forgetting to check the credentials or mistyping credentials
can open security holes that go unnoticed. With transactions, inconsistencies show up in
a database that can be analyzed. Security failures, on the other hand, are silent and don't
show up as system failures. As you saw with ActionBazaar, users of a system are often the
first ones to discover that the system has been breached and they've been affected.
Container-managed security should always be used. The web container will automatically
forward the security context to the EJB container. This ensures continuity between the web
and the business tiers. In addition, security checks should exist at the presentation level
(WAR) and at the business logic level (EJB). Security shouldn't be implemented using ob-
scurity—don't be fooled into believing that a user won't figure out how to generate a form
posting that deletes records or calls up records for which the user isn't credentialed, be-
cause someone will always try.
6.5. Summary
In this chapter, we discussed the basic theory of transactions management using CMT and
BMT, basic security concepts, and programmatic and declarative security management.
Both transactions and security are crosscutting concerns that ideally shouldn't be inter-
leaved with business logic. The EJB 3 take on security and transaction management tries
to reflect exactly this belief. Minimizing crosscutting concerns in business logic simplifies
the code and reduces errors that invariably arise when the same logic must be replicated in
multiple spots.
