Home
TOC Index |
Web Application Security
The Web services security model is based on the Java Servlet specification. This model insulates developers from mechanism-specific implementation details of application security. The Java WSDP provides this insulation in a way that enhances the portability of applications, allowing them to be deployed in diverse security environments.
Some of the material in this chapter assumes that you have an understanding of basic security concepts. To learn more about these concepts, we highly recommend that you explore the Security trail in The Java Tutorial (see
http://java.sun.com/docs/books/tutorial/security1.2/index.html
) before you begin this chapter.In This Chapter
- Overview
- Users, Groups, and Roles
- Security Roles
- Managing Roles and Users
- Mapping Application Roles to Realm Roles
- Web-Tier Security
- Protecting Web Resources
- Controlling Access to Web Resources
- Security Settings without deploytool
- Authenticating Users of Web Resources
- Using Programmatic Security in the Web Tier
- Unprotected Web Resources
- EIS-Tier Security
- Configuring Sign-On
- Container-Managed Sign-On
- Component-Managed Sign-On
- Installing and Configuring SSL Support on Tomcat
- Using JSSE
- Setting Up a Server Certificate
- Configuring the SSL Connector
- Verifying SSL Support
- Troubleshooting SSL Connections
- General Tips on Running SSL
- Further information on SSL
- Further Information
Home
TOC Index |
This tutorial contains information on the 1.0 version of the Java Web Services Developer Pack.
All of the material in The Java Web Services Tutorial is copyright-protected and may not be published in other works without express written permission from Sun Microsystems.