Section 9.11. EJB Security Checklist


9.11. EJB Security Checklist

To secure the EJB tier, we did the following:

  • Deployed the JAAS-based security realm with the JBoss container.

  • Protected the EJB in ejb-jar.xml:

    • Added security roles.

    • Allowed callers with the unauthenticated guest or authorized Manager role to access non-secure methods.

    • Restricted access to administrative methods to users in the Manager role.

  • Automated extra ejb-jar.xml settings with XDoclet.



JBoss at Work. A Practical Guide
JBoss at Work: A Practical Guide
ISBN: 0596007345
EAN: 2147483647
Year: 2004
Pages: 197

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net