HomeDigital EditionSys-Con RadioSearch Java Cd
Advanced Java AWT Book Reviews/Excerpts Client Server Corba Editorials Embedded Java Enterprise Java IDE's Industry Watch Integration Interviews Java Applet Java & Databases Java & Web Services Java Fundamentals Java Native Interface Java Servlets Java Beans J2ME Libraries .NET Object Orientation Observations/IMHO Product Reviews Scalability & Performance Security Server Side Source Code Straight Talking Swing Threads Using Java with others Wireless XML
 

"J2EE Application Security"
Vol. 7, Issue 1, p. 30

	


Listing 1 
 
 <web-app> 
 <login-config> 
 <auth-method>BASIC|DIGEST</auth-method> 
 <realm-name>test</realm-name> 
 </login-config> 
 </web-app> 
 
 
 Listing 2 
 
 <web-app> 
 <login-config> 
 <auth-method>FORM</auth-method> 
 <form-login-config> 
 <form-login-page>login.jsp</form-login-page> 
 <form-error-page>error.jsp</form-error-page> 
 </form-login-config> 
 </login-config> 
 </web-app> 
 
 
 Listing 3 
 
 <web-app> 
 .. 
 <security-constraint> 
 <web-resource-collection> 
 <web-resource-name> 
 Secure Content 
 </web-resource-name> 
 <url-pattern>/restricted/*</ url-pattern> 
 </web-resource-collection> 
 <auth-constraint> 
 <role-name>AuthorizedUser</role-name> 
 </auth-constraint> 
 </security-constraint> 
 .. 
 <security-role> 
 <description> 
 The role required to access restricted content 
 </description> 
 <role-name>AuthorizedUser</role-name> 
 </security-role> 
 </web-app>  
 
 Listing 4 
 
 <method-permission> 
 <role-name>admin</role-name> 
 <method> 
 <ejb-name>UserInformation</ejb-name> 
 <method-name>*</method-name> 
 </method> 
 </method-permission> 
 
 <method-permission> 
 <role-name>customer</role-name> 
 <method> 
 <ejb-name>UserInformation</ejb-name> 
 <method-name>getDetails</method-name> 
 </method> 
 </method-permission>

  
 
 

All Rights Reserved
Copyright ©  2004 SYS-CON Media, Inc.
  E-mail: [email protected]

Java and Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. SYS-CON Publications, Inc. is independent of Sun Microsystems, Inc.