SRV.11.4 Roles

Previous page
Table of content
Next page

A role is an abstract logical grouping of users that is defined by the application developer or assembler. When the application is deployed, these roles are mapped by a deployer to security identities, such as principals or groups, in the runtime environment.

A servlet container enforces declarative or programmatic security for the principal associated with an incoming request based on the security attributes of that calling principal. For example,

  1. When a deployer has mapped a security role to a user group in the operational environment, the user group to which the calling principal belongs is retrieved from its security attributes. If the principal's user group matches the user group in the operational environment that the security role has been mapped to, the principal is in the security role.

  2. When a deployer has mapped a security role to a principal name in a security policy domain, the principal name of the calling principal is retrieved from its security attributes. If the principal is the same as the principal to which the security role was mapped, the calling principal is in the security role.


Previous page
Table of content
Next page
Java 2 Platform, Enterprise Edition. Platform and Component Specifications
Java 2 Platform, Enterprise Edition: Platform and Component Specifications
ISBN: 0201704560
EAN: 2147483647
Year: 2000
Pages: 399
Authors: Bill Shannon, Mark Hapner, Vlada Matena, James Davidson, Enterprise Team, Eduardo Pelegri-Llopart, The Enterprise Team
BUY ON AMAZON
Absolute Beginner[ap]s Guide to Project Management
Metrics and Models in Software Quality Engineering (2nd Edition)
VBScript Programmers Reference
Systematic Software Testing (Artech House Computer Library)
Mastering Delphi 7
PMP Practice Questions Exam Cram 2
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy