Component Level Security (Sun GlassFish Enterprise Server v3 Prelude Developer's Guide)

Sun GlassFish Enterprise Server v3 Prelude Developer's Guide

Previous: Application Level Security
Next: Programmatic Security

Component Level Security

Component level security encompasses web components and EJB components.

A secure web container authenticates users and authorizes access to a servlet or JSP by using the security policy laid out in the servlet XML deployment descriptors (web.xml and sun-web.xml files).

The EJB container is responsible for authorizing access to a bean method by using the security policy laid out in the EJB XML deployment descriptors (ejb-jar.xml and sun-ejb-jar.xml files).

Previous: Application Level Security
Next: Programmatic Security