Vol 71 Issue 2 2004-01-12 Article 11990 from section "Sun Java System"

Technical Details Article

The technical article by Jyri Virkki and Marina Sum provides a guide to
implementing access control in Sun Java[TM] System Application Server 7
(formerly Sun[TM] ONE Application Server 7). Topics covered include an
overview of access control, implementing access control on Java[TM] 2
Platform, Enterprise Edition (J2EE[TM]) applications and other
security-related capabilities and troubleshooting tips.

The authors state: "Access control consists of two main components:
authentication and authorization. Though related to each other, these
are two distinct operations that occur in Sun Java System Application
Server 7 at separate stages, independently of each other. Authentication
is a process in itself. Authorization, often a consumer of the output
from authentication, is another process. This differentiation is
frequently the source of confusion during the initial stage of
configuring access control."

The Sun Java System Application Server 7 provides four authentication
realms to choose from: file, LDAP, Solaris[TM] Operating System (Solaris
OS) and certificate realm. The configuration procedure is detailed, as
well as custom realms (with code).

The authors give a detailed procedure for implementing access control in
J2EE applications on Sun Java System Application Server 7. They also
provide a tutorial on how to set up Sun Java System Application Server 7
with a self-signed certificate.

Details at

Have a custom version of 'System News for Sun Users' delivered to you
via email each week in PDF, text or HTML. Only the sections that you
select will be included in your copy of the news magazine. Subscribe at
(c) 2003 System News, Inc.