-
Book Overview & Buying
-
Table Of Contents
JBoss AS 5 Development
By :
We initially designed our AppStore application as a single node Enterprise. Later in Chapter 12, we upgraded it as a clustered application. The only thing missing now is an adequate security infrastructure for it.
Before planning security, you have to analyze what exactly needs to be secured. For example, the AppStore application was made up of a JSF frontend layer and an EJB middle tier that consisted of a session bean and two entity beans.
In such a scenario, if you don't plan to directly expose the EJB layer to your clients, then it's usually enough to apply security only on the HTTP layer, which is the only point reachable by untrusted entities. On the other hand, if chances are that your middle tier will be available straight to your clients, then you have to apply security at this level too. Let's start by creating an access control list to the AppStore web layer; later we will analyze how to secure EJB access.
In the last chapter...
Change the font size
Change margin width
Change background colour