Enterprise Javaв„ў Security: Building Secure J2EEв„ў Applications
< Day Day Up > |
Frequently, multiple software components are aggregated to create a Web application. Often, these components call other components to perform specific tasks of the application. For example, in our travel agent scenario, the Web user interface calls components that look up travel fares, make reservations , and perform financial transactions. Some of these components need to be executed as though they were called by someone other than the user who initiated the transaction on the client side ”the person using the Web browser. The J2EE security model addresses this requirement through the use of principal delegation (see Section 3.10.3 on page 94). Principal delegation allows an intermediary to perform a task, initiated by a client, using an identity specified in a delegation policy. This is achieved through the declarative security support in J2EE. In the case of Web applications, a delegation policy specifies whether downstream calls (see Section 3.7.3.4 on page 70) should occur with the authority of a particular J2EE security role. The principal-delegation behavior for downstream calls depends on whether a run-as element in a Web application's deployment descriptor is specified.
Listing 4.13. Deployment Descriptor Fragment Containing a run-as Element
<servlet> <servlet-name>TravelCustomer</servlet-name> <description> Travel customer specific information </description> <servlet-class>TravelCustomerServlet</servlet-class> <run-as> <role-name>TravelAgent</role-name> </run-as> </servlet> |
< Day Day Up > |