bea.com | products | dev2dev | support | askBEA |
|
e-docs > WebLogic Server > Programming WebLogic Security |
Programming WebLogic Security |
Security Vendors Or Sophisticated Application Developers
Major Tasks Covered in this document
Securing Web Applications (Thin Clients)
Authentication with Web Browsers
Username and Password Authentication
Digital Certificate Authentication
Developing Secure Web Applications
Developing BASIC Authentication Web Applications
Developing FORM Authentication Web Applications
Developing CLIENT-CERT Authentication Web Applications
Using the <global-role/> Tag With Web Applications
Adding Declarative Security to Web Applications
Adding Programmatic Security to Web Applications
Writing Secure Java Clients (Fat Clients)
Use of JSSE with WebLogic Server
Overview of Specific JAAS Programming Steps
Step 2: Retrieve Subject and Associate it with the Client Actions
Step 3: Implement the CallbackHandler Interface
Writing a Client Application Using JAAS Authentication
Sample LoginModule Implementation
Sample Implementation of the CallbackHandler Interface
Sample LoginModule Configuration File
Sample LoginContext Implementation
Sample Login Method Implementation
Sample Implementation of the getSubject and runAS Methods
Sample PrivilegedAction Implementation
Sample Implementation of a Java Client That Uses JAAS
Writing Applications that Use SSL
Communicating Securely with SSL-Enabled Web Browsers
Using Two-Way SSL Authentication
Two-Way SSL Authentication with JNDI
Using Two-Way SSL Authentication Between WebLogic Server Instances
Using Two-Way SSL Authentication with Servlets
Using a Custom Host Name Verifier
Using an SSLServerSocketFactory
Using URLs to Make Outbound SSL Connections
Adding Declarative Security to EJBs
Using the <global-role/> Tag With EJBs
Adding Programmatic Security to EJBs
Protecting Application Server Resources
Using Network Connection Filters to Protect Application Server Resources
ConnectionFilterRulesListener interface
Guidelines for Writing Connection Filter Rules
Connection Filter Rules Syntax
Types of Connection Filter Rules
How Connection Filter Rules are Evaluated
Configuring the Default Connection Filter
Developing Custom Connection Filters
SimpleConnectionFilter Example
SimpleConnectionFilter2 Example
Example of the Accept Method Used in Filtering Network Connections
Using J2EE Sandbox Security to Protect Application Server Resources