EJB的安全性中英文资料外文翻译文献.docx
《EJB的安全性中英文资料外文翻译文献.docx》由会员分享,可在线阅读,更多相关《EJB的安全性中英文资料外文翻译文献.docx(23页珍藏版)》请在冰豆网上搜索。
EJB的安全性中英文资料外文翻译文献
(文档含英文原文和中文翻译)
EJB的安全性中英文资料外文翻译文献
EJBsecurity
INTRODUCTION
SecuritymanagementisoneoftheimportantservicesthatEJBoffers.Thelow_levelsecurityinfrastructureinEJBisimplementedbythecontainerprovider.Securitypoliciesaresetatdeploymenttimeinordertomakethebeansportableacrossapplications.EJBsecurityboilsdowntowhichuserhaspermissiontocallwhichmethodofabean.UsersaredefinedoutsideEJBinaspecificoperationalenvironment(forexample,ausernamedGurmailKandola,workingonaUNIXmachinewithusernamekandola,isamemberofusergroupengineering,hasaccesspermissiontoaMySQLdatabaseserverandsoon).TotheEJBcode,auserisrepresentedbyaninstanceoftheoftheclassjava.security.principal.Principalsaremappedtosecurityroles,whichdeterminethemethodsaprincipalcanaccess.Theapplicationassemblerdefinesthelogicalsecurityroles,andthedeployermapsthemthemtotheprincipals.Amethodcallfromaclientmaytriggerabean-to-beanchainofcalls,asyousawinthepreviouschapterwhileexploringtransactions.Howdoessecuritypropagatealongthischainofcalls?
HowdothevarousEjBrolessplittheresponsibilityforsettingsecuritypolicies?
Thesequestionspointtosomeoftheimportantissuesthatwewillexploreinthischapter.YourgoalforthischapteristounderstandEJBsecurityandhowthesecurityassignmentsandresponsibilitiesflowfrommethodtomethodandroletorole.Toaccomplishthat,wewillexplorethreeavenues:
declarativeandprogrammaticsecurityinEJB,theflowofresponsibilitiesfromroletoroleindeterminingsecuritypolicy,andtheflowofsecurityidentitywithinasequenceofmethodcalls.
IMPLEMENTINGSECURITYINEJB
ThesecurityinfrastructureinEJBisimplementedbythecontainerprovider,whilethesecuritypoliciesaredeterminedbyotherEJBrolesatdeploymentandruntime.Inthissection,wediscussthesecurityrequirementspresentedbytheEJBarchitectureandhowtheyaremet.First,weintroducethebasicsecurityconceptsthatyouneedtograspinordertocomprehendtherestofthematerialinthischapter.
Understandingbasicsecurityconcepts
TounderstandthedifferentfeaturesofEJBsecurityandhowthecariouspiecesfittogether,youneedtoknowwhatthebasicsecuritytermsmean.First,webrieflyintroducethoseterms.
Authenticationandauthorization
Authenticationauthorizationresenttwolevelsofsecurityonasystem,suchasacomputersystemoranapplicationrunningonacomputer.Authenticationinvolvesshowingyouridinordertogetintothesystem,forexample,yourloginandpassword.Authorizationdetermineswhatyoucanandcannotdoonceyouareinthesystem.Forexample,firstyoulogontoafileserverusingauthentication.Bytypinginyourloginandpassword.Onceyouareloggedin,youfindasetoffilesthatyoucanonlyread,anothersetoffilesthatyoucanreadandchange,andyetanothersetthatyoucannotevenread.Thisistheauthorizationpartofsecurity.InEJB,authorizationmeansthataclientisauthorizedtocallabeanmethod.
Principalsandroles
APrincipalisanentitythatcanbeauthenticatedbyasystem.Itcanbe,forinstance,anenduseroranapplicationtryingtoaccessanotherapplication.InJava,onceanentityisauthenticatedtoasystemitisrepresentedbyaninstanceofjava.security.Principal.InEJB,aPrincipalcanbeassociatedwithonceormoresecruityrolesdefinedbytheapplicationassembler.
Asecruityrolehasasetofpermissionsassignedtoit.APrincipalcanbemappedtotheseroles,andthenthePrincipalwillhavethepermissionattachedtotherole.Inotherwords,asecurityroleisasetofapplicationpermissionsthatcanbeassignedtoauser(oragroupofusers).
Usersandgroups
Auserisarealpersonwithanaccountonasystem.Agroupisacollectionofusers.Eitherauseroragroupcanbemappedtoalogicalsecurityrole.Intheoperationalenvironment,itistheusersandgroupswhousetheapplication,buttheyliveoutsideofEJB.So,inordertogetintotheEJBapplication,theychangeintoPrincipalsandsecurityroles.
AuserofanEJBapplicationlivesinaspecificoperationalenvironmentandenterstheJavaworldasaPrincipal,andthePrincipalaccessestheapplicationbyacquiringoneormorerolesdefinedwithintheEJBarchitecture.
NOTE
TheEJBarchitecturefordistributedandportableenterpriseapplicationshassomeimplicationsastohowEJBsecurityshouldlook.Let’sexplorethisissuenext.
SecutityinEJB
Implementationofsecurityinanysystemgenerallyinvolvestwostages;implementingthesecurityinfrastructureandallowinganadministratortosetandimplementsecuritypoliciesonagivensystem.Keepingthisinmind,notthatthedistributednatureandtheportabilitycharacteristicoftheEJBarchitecturesetthefollowinggoalsforEJBsecurity:
Separatethesecurityinfrastructurefromthebusinesslogicofanapplication,becausethebeanprovider,whoisanexpertinimplementingbusinesslogic,maynotbeasecurityexpert,andsomeotherrolesare.
RememberthatEJBapplicationsshouldbeportableacrossmultipleEJBservers,andthoseserversmaypossiblybeusingdifferentsecuritymechanisms.
Allowsecuritypoliciestobesetatdeploymentratherthanatcodingtimeinordertosupportportability.
TheEJBroleresponsibilitiesthesecurityinfrastructure.Theapplicationassembler,thedeployer,andthesystemadministratorparticipateinsettingsecuritypolicies.TheEJBspecrecommendsthatthebeanprovidershouldneitherimplementsecuritymechanismsnorhard-codethesecuritypoliciesinthebean’sbusinessmethods.
SecurityinEJBisaboutauthorization,forexample,whocanhaveaccesstoacertainbeanmethod.Theclientsofanapplicationexercisecertainsecurityroles,andthepermissiontocallmethodsisassignedtotheroles.
DEFININGTHESECURITYROLES
Itisthedeployer’sresponsibilitytodeploytheapplicationsecurely.Todothiscorrectlythedeployerneedstoknowwhateachbusinessmethoddoesinordertodeterminewhichusercancallit.However,thedeployerisnotexpectedtogointothesourcecode.Sowehaveaproblem.Hereisthesolution:
theapplicationassemblerhelpsthedeployerbyprovidingthesecurityviewofanapplicationinthedeploymentdescriptor.Thesecurityviewcontainsasetoflogicalsecurityrolesandasetofmethodpermissionsforeachsecurityrole.
Thedeploymentdescriptorcontainstwopartshatarerelatedtosecurity:
,whichiswrittenbythebeanprovider,and,whichiswrittenbytheapplicationassembler.Theapplicationassemblerdefinesthesecurityrolesinthepartofthedeploymentdescriptor.
Theapplicationassemblerisresponsibleforthefollowing:
Definingeachsecurityroleusingaelementinthesectionofthedeploymentdescriptor.
Definingtheelementasasubelementoftogivethesecurityroleaname.Thisstepismandatory.
Definingtheelementasasubelementoftoprovideadescriptionforthesecurityrole.Thisstepisoptional.
Asecurityroleappliestoalltheenterprisebeansinthesameejb-jarfile.Listing14.1showstwosecrityrolesdefinedwithintheelement.
Twosecurityrolesnamedemployeeandhr-directordefinedwithintheelement.Theelementistheonlymandatoryelementfora.
Listing14.1
Inagiven,theelementistheonlymandatoryelement.Theelementisusedbythedeployertoassignthesecurityroletoauseroragroupintheactualoperationalenvironment.Theelementisoptionalandistheretohelpthedeployerunderstandwhatthisroleisbeforeassigningittoanappropriateuserorgroup.
Therolenameintheelementisonlylogicalanddoesnotrepresentauseroragroupinarealoperationalenvironment.However,thedeployercanmapittoaPrincipalthatrepresentsauserintherealoperationalenvironment.
NOTE
SecurityinEJBisaboutauthorization,namely,permissionstocallthebeanmethods.Thisisimplementedintwosteps:
grantingmethodpermissionstosecurityrolesandmappingsecurityrolestoPrincipals,whichrepresentusers.
Let’sexaminehowmethodpermissionsaredefinedandgranted.
DEFININGMEHODPERMISSIONS
Afterdefiningthesecurityroles,theapplicationassemblercanassignmethodpermissionstotheroles,thatis,themethodsofabeanthatauserinthatrolecancall.Theassemblercanassignanyofthemethodsexposedinthecomponentandhomeinterfacesofabeantoarole.Wediscussfourdifferenttechniquesforassigningmethodpermissionstoarole.
Grantingpermissiontoallmethods
Byusingthewildcard*,theapplicationassemblercangrantarolepermissiontoallthemethodsinthehomeandcomponentinterfacesofabean.Anexampleisshownhere:
Thiscodemeansthattherolehr–directorhasbeengrantedpermissiontocallallmethodsinthehomeandcomponentinterfacesofthebeansEmployeeRecordBeanandEmployeeProgressBean.Inotherotherwords,abeanclientintheroleofhr-directorcanallanymethodfromtheclientviewsofthebeansEmployeeRecordBeanandEmployeeProgressBean.
Thisisasweepingauthorizationforarolebutnotanultimateone.Theultimateauthorizationwouldbethatanyclientcouldcallanymethodofabeanwithoutbeingcheckedforauthorization,andthatisaccomplishedwiththeelement.Thefollowingcodefragmentmea