Index
Symbols
- <commit-class> element, 10-12
- <commit-coordinator> element, 10-12
- <container-transaction> element, 10-7
- <data-source>
- attributes, 1-9
- <resource-ref> element, 1-11
- <res-ref-name> element, 1-11
- <transaction-type> element, 10-6, 10-8
A
- access control list model
- definition, 4-13
- AccessController, 4-5
- accessing JAAS provider, 7-4
- AccessTest1, 8-7, B-11
- actions
- definition, 4-4
- add button
- Oracle Enterprise Manager, 7-4
- add command, 7-24
- adding and removing realms, 7-16
- adding and removing roles, 7-17
- adding and removing users, 7-17
- addperm options, 7-18
- addprncpl option, 7-19
- addrealm option, 7-16
- addrole option, 7-17
- adduser option, 7-17
- administrative role, 7-29
- AdminPermission class
- administering permissions, 4-26
- definition, 4-5, A-7
- adminRole, 7-28
- adminUser, 7-29
- Ant build tool, 9-5
- Apache
- JServ license, A-3
- license, A-1
- Apache Listener. See Oracle HTTP Server
- apachectl start command, 9-8
- apachectl startssl command, 9-8
- APIs
- oracle.security.jazn package, A-2
- oracle.security.jazn.policy package, A-6
- oracle.security.jazn.realm package, A-9
- Application Realm
- creation, 7-31
- creation code, B-8
- definition, 4-18
- role management, 4-18, 4-21
- sample LDAP directory information tree, 4-21
- user management, 4-18, 4-21
- ApplicationClientInitialContextFactory, 2-6 to 2-8
- ApplicationInitialContextFactory, 2-8 to 2-10
- applications
- executing, 8-4, 9-8
- in Java2 application environments, 6-2
- sample J2SE, 8-5
- with JAAS, 4-10
- application.xml
- designating data-sources.xml, 1-2
- assigning permissions, 7-6
- attributes
- CacheEventListener, 13-17
- DefaultTimeToLive, 13-17
- DISTRIBUTE, 13-14
- GROUP_TTL_DESTROY, 13-14
- IdleTime, 13-17
- LOADER, 13-14
- ORIGINAL, 13-14
- REPLY, 13-15
- SPOOL, 13-15
- SYNCHRONIZE, 13-16
- SYNCHRONIZE_DEFAULT, 13-16
- TimeToLive, 13-18
- Version, 13-18
- Attributes.setCacheEventListener() method, 13-28
- authentication
- definition, 4-2
- J2EE, 9-2
- J2SE, 8-2
- using login modules, 4-9
- using Oracle9iAS Single Sign-On (SSO), 4-13
- using RealmLoginModule class, 4-13
- with Basic Authentication, 6-13
- with SSL, 6-10
- with SSO, 4-13, 6-8
- authentication environments, 6-6
- authorization
- definition, 4-2
- J2EE, 9-4
- J2SE, 8-3
B
- basic authentication, 6-6
- callerinfo demo, 5-2
C
- Cache
- concepts, 13-2
- cache environment, 13-6
- CacheAccess.createPool() method, 13-40
- CacheAccess.get() method, 13-22
- CacheAccess.getOwnership() method, 13-46
- CacheAccess.preLoad() method, 13-22
- CacheAccess.releaseOwnership() method, 13-46
- CacheAccess.save() method, 13-35
- CacheEventListener attribute, 13-17
- CacheEventListener interface, 13-28
- CacheLoader()
- implementing, 13-22
- CacheLoader.createStream() method, 13-38
- caching scheme, 1-14
- callback handler, 8-2, 8-5
- callerInfo demo, 5-2, 9-4
- code, 9-9
- results, 5-6
- capability model
- definition, 4-13
- cd command, 7-24
- checking password, 7-17
- checkpasswd option, 7-17
- cipher suites
- supported by Oracle HTTPS, 1-7
- class names
- definition, 4-4
- classes
- AdminPermission, A-7
- Grantee, A-8
- InitRealmInfo, A-10
- JAZNConfig, A-2
- JAZNConfigException, A-4
- JAZNContext, A-3
- JAZNPermission, A-3
- RealmLoginModule, A-10
- RealmManager, A-10
- RealmPermission, A-10
- RoleAdminPermission, A-8
- cleanInterval property, 13-27
- clear command, 7-25
- codebase, 4-10
- codesource, 7-8
- in policy files, 4-10
- constructing
- JNDI contexts, 2-4
- JNDI InitialContext, 2-5
- createDiskObject() method, 13-23, 13-36
- createInstance() method, 13-42
- CreatePool() method, 13-40
- createRole, 7-32, 7-33
- createStream() method, 13-23
- creating a new grant entry, 7-8
- creating roles, 7-33
- creation code
- Application Realm, B-8
- External Realm, 7-30
- credentials, 4-8, 4-24
- cryptographic keys, 4-8
D
- data source
- configuration, 1-8
- configuration file, 1-9
- connection sharing, 1-13
- default, 1-2
- definition, 1-2
- emulated, 1-2, 1-5 to 1-6
- error conditions, 1-15
- mixing transactions, 1-15
- username, 1-15
- introduction, 1-1
- location of XML file, 1-2
- non-emulated, 1-7 to 1-8
- behavior, 1-13
- JTA transaction, 1-13
- Oracle JDBC extensions, 1-12
- retrieving connection, 1-4, 1-11
- using Merant driver, 1-17
- using OCI driver, 1-16
- data storage
- in LDAP-based environments, 4-21
- database
- caching scheme, 1-14
- retrieving connection, 1-4
- DataSource object, 10-4, 1-4
- methods, 1-10
- retrieving, 10-4
- use in JTA, 10-11
- data-sources.xml, 1-9
- designating location, 1-2
- pre-installed definitions, 1-2
- data-sources.xml file, 10-12
- use in JTA, 10-2
- dedicated.connection JNDI property, 1-15
- default configurations
- callerInfo demo, 5-3
- default realm, 9-6
- default-realm, 5-4
- DefaultTimeToLive attribute, 13-17
- default-web-site.xml file, 5-3, 9-5
- defineGroup() method, 13-20, 13-21
- defineObject() method, 13-21
- defineRegion() method, 13-19
- delegation, 4-2
- deleting grant entries, 7-8
- deployment descriptor
- JTA, 10-6
- deployment descriptors
- JCA, 12-4
- destroy() method, 13-25
- destroyInstance() method, 13-42
- directory information tree (DIT)
- Application Realm, 4-21
- External Realm, 4-18
- Subscriber Realm, 4-19
- discoveryAddress property, 13-27, 13-44
- diskPath property, 13-27, 13-33
- distinguished name (DN), 4-22
- DISTRIBUTE attribute, 13-14, 13-43
- distribute property, 13-27
- doFilter(ServletRequest request, ServletResponse response, FilterChain chain), 9-3
- dropping a realm, 7-29, 7-32
- dropping roles, 7-35
- dropRole, 7-32, 7-35
E
- embedded resource adapter, 12-2
- environments, 4-3, 4-17
- examples
- stand-alone resource adapters, 12-6
- exceptionHandler() method, 13-23
- exceptions
- JAZNException, A-4
- JAZNInitException, A-4
- JAZNNamingException, A-4
- JAZNObjectExistsException, A-4
- JAZNObjectNotFoundException, A-4
- JAZNRuntimeException, A-4
- executing an application, 8-4
- exit command, 7-26
- External Realm
- automatically installed, 4-22
- creating, 7-30
- creation code, 7-30
- definition, 4-17
- role management, 4-17, 4-19
- sample LDAP directory information tree, 4-18
- user management, 4-17, 4-19
F
- features, 4-2
- foundations of the JAAS provider, 4-2
G
- GenericCredential interface
- and Kerberos, 12-8
- getAttribute("java.security.cert.X509certificate"), 9-3
- getAuthType, 9-3
- getconfig option, 7-20
- getConnection method, 10-4, 1-4
- getID() method, 13-28
- getName() method, 13-23
- getOwnership() method, 13-46
- getOwnership() method, 13-50
- getParent() method, 13-21
- getPolicy, 7-36
- getRegion() method, 13-23
- getRemoteUser, 9-3
- getRoles, 7-33
- getSource() method, 13-28
- getSubject, 8-3
- getting XML configuration information, 7-20
- getUserPrincipal, 9-3
- grant entry data, 7-7
- Grantee class
- definition, A-8
- granting and revoking permissions, 7-19
- granting and revoking roles, 7-17
- granting roles, 7-33
- grantperm option, 7-19
- grantRole, 7-32, 7-34
- grantrole option, 7-17
- GROUP_TTL_DESTROY attribute, 13-14, 13-24, 13-25
H
- handleEvent() method, 13-28
- help command, 7-25
- help option, 7-21
- hosted application environments, 4-26
- hosted environments, 4-27
- HTTPClient.HttpUrlConnection, 1-10
- HTTPConnection, 1-4
- Oracle extensions, 1-13
I
- IdleTime attribute, 13-17
- impersonation
- delegation, 4-2
- import
- oracle.ias.cache, 13-19
- initial context factories
- JNDI, 2-6 to 2-11
- InitialContext
- constructing in JNDI, 2-5
- InitRealmInfo class
- definition, A-10
- InitRealmInfo.RealmType interface, 7-31
- definition, A-9
- installation
- Javadoc, A-2
- interfaces
- InitRealmInfo.RealmType, A-9
- JAZNPolicy, A-6
- Realm, A-9
- Realm.LDAPProperty, A-9
- RealmPrincipal, A-9
- RealmRole, A-9
- RealmUser, A-9
- RoleManager, A-10
- UserManager, A-10
- invalidate() method, 13-24
- invoking JAZN Admintool, 7-15
J
- J2EE. See Java2 Platform, Enterprise Edition (J2EE)
- J2SE environments
- JAAS provider integration, 6-2
- J2SE. See Java2 Platform, Standard Edition (J2SE)
- JAAS, 4-2
- definition, 4-7
- overview, 1-2
- JAAS policy
- managing, 7-6
- JAAS provider
- definition, 4-2
- enhancements to realms, 4-15
- features, 4-2
- integration with Basic authentication, 6-12
- integration with J2EE applications, 6-4
- integration with J2SE applications, 6-2
- integration with SSL-enabled applications, 6-9
- integration with SSO-enabled applications, 6-7
- management of, 7-2
- management tools, 7-2
- permission classes, 4-5
- policy management, 7-36
- running multiple instances, A-2
- security role, 6-15
- JAAS provider integration
- J2SE environments, 6-2
- JAAS. See Java Authentication and Authorization Service (JAAS)
- jaas.config, 8-4
- Java, 10-1
- Java application environments, 4-3
- Java Authentication and Authorization Service (JAAS)
- applications, 4-10
- definition, 4-7
- extending the Java2 Security Model, 4-7
- login modules, 4-9
- policy files
- example, 4-10
- principals, 4-8
- realms, 4-10
- roles, 4-9
- subjects, 4-8
- support for authorization and authentication features, 4-7
- Java Authentication and Authorization Service. See JAAS.
- Java Connector Architecture
- overview, 1-3
- Java Message Service. See JMS.
- Java Object Cache, 13-2
- attributes, 13-12
- basic architecture, 13-3
- basic interfaces, 13-5
- cache configuration properties, 13-26
- cache consistency levels, 13-49
- cache environment, 13-6, 13-11
- classes, 13-5
- configuration
- cleanInterval property, 13-27
- discoveryAddress property, 13-27
- diskPath property, 13-27
- distribute property, 13-27
- logFileName property, 13-27
- logger property, 13-27
- logSeverity property, 13-28
- maxObjects property, 13-28
- maxSize property, 13-28
- consistency levels
- distributed with reply, 13-50
- distributed without reply, 13-50
- local, 13-49
- synchronized, 13-50
- default region, 13-11
- defining a group, 13-20, 13-21
- defining a region, 13-19
- defining an object, 13-21
- destroy object, 13-25
- disk cache
- adding objects to, 13-34
- configuring, 13-33
- disk objects, 13-33
- definition of, 13-9
- distributed, 13-36
- local, 13-36
- using, 13-36
- distribute property, 13-43
- distributed cache architecture, 13-4
- distributed disk objects, 13-34
- distributed groups, 13-44
- distributed mode, 13-43
- distributed objects, 13-44
- distributed regions, 13-44
- features, 13-7
- group, 13-12
- invalidating object, 13-24
- javacache.log log file, 13-27
- local disk objects, 13-34
- local mode, 13-43
- memory objects
- definition of, 13-8
- local memory object, 13-8
- spooled memory object, 13-8
- updating, 13-8
- naming objects, 13-8
- object types, 13-6, 13-8
- overview, 1-3
- pool objects
- accessing, 13-41
- creating, 13-40
- definition of, 13-10
- using, 13-40
- programming restrictions, 13-31
- region, 13-11
- StreamAccess object, 13-10
- subregion, 13-11
- Java permissions, 7-4
- managing, 7-12
- Java Platform, Enterprise Edition (J2EE)
- security role, 6-14
- Java programming, 7-27
- sample code, 7-27
- Java Transaction API. See JTA.
- Java virtual machine (JVM)
- running multiple JAAS provider instances, A-2
- Java2 application environments, 6-2
- Java2 Platform, Enterprise Edition (J2EE)
- application development in, 6-2
- application development with the JAAS provider, 4-2
- application management, 9-2
- application startup, 9-8
- creating applications using the Java2 Security Model, 4-4
- definition, 6-2, 6-4
- integration with JAAS provider, 6-4
- integration with JAZNUserManager, 6-4
- integration with Oracle components, 6-4
- integration with Oracle9iAS Containers for J2EE, 6-4
- Oracle component responsibilities in basic authentication environments, 6-13
- Oracle component responsibilities in SSL-enabled environments, 6-10
- Oracle component responsibilities in SSO-enabled environments, 6-8
- starting applications with SecurityManager, 9-8
- starting in SSL environment, 9-8
- starting in SSO environments, 9-8
- Java2 Platform, Standard Edition (J2SE)
- application development in, 6-2
- application development with the JAAS provider, 4-2
- authentication, 8-2
- authorization, 8-3
- creating applications using the Java2 Security Model, 4-4
- definition, 6-2
- integration with JAAS provider, 6-2
- integration with Oracle components, 6-2
- provider types available, 6-2
- Java2 Security Model, 4-3, 4-7, 9-4
- definition, 4-4
- using access control capability model, 4-13
- using with J2EE applications, 4-4
- using with J2SE applications, 4-4
- using with JAAS, 4-7
- javacache.properties file, 13-26
- Javadoc
- location of, A-2
- java.io.FilePermission, B-9
- java.lang.SecurityManager.checkPermission, 8-3
- java.net.URL framework, 1-10
- java.security.cert.X509Certificate, 9-3
- java.security.cert.X509Certificate,x509cert, 9-3
- java.security.Permission class, 7-35
- RealmPermission extends from, A-10
- java.security.principal, 4-12
- java.security.Principal interface
- RealmPrincipal extends from, A-9
- using with principals, 4-8
- using with roles and groups, 4-9
- javax.net.ssl.KeyStore, 1-11
- javax.net.ssl.KeyStorePassword, 1-12
- javax.security.auth.Policy, A-2
- javax.security.auth.Subject.doAs, 8-2, 8-3
- javax.servlet.HttpServletRequest, 9-3
- JAZN Admintool, 7-2, 7-14
- administering policy, 4-24
- definition, 4-16
- for managing JAAS provider types, 4-13
- invoking, 7-15
- Quick Start, 5-7
- shell commands, 7-24
- JAZN Admintool commands
- usage examples, 7-14
- JAZN Admintool options
- addperm, 7-18
- addprncpl, 7-19
- addrealm, 7-16
- addrole, 7-17
- adduser, 7-17
- checkpasswd, 7-17
- getconfig, 7-20
- getting help, 7-21
- grantperm, 7-19
- grantrole, 7-17
- help, 7-21
- listperm, 7-19
- listperms, 7-19
- listprncpl, 7-20
- listrealms, 7-17
- listroles, 7-18
- listusers, 7-18
- remprncpl, 7-19
- remrealm, 7-16
- remrole, 7-17
- remuser, 7-17
- revokeperm, 7-19
- revokerole, 7-17
- setpasswd, 7-18
- shell, 7-20
- JAZN Admintool shell, 7-14
- starting, 7-20
- JAZN Admintool shell commands
- add, 7-24
- cd, 7-24
- clear, 7-25
- exit, 7-26
- help, 7-25
- ls, 7-24
- man, 7-25
- mk, 7-24
- mkdir, 7-24
- pwd, 7-25
- rm, 7-25
- jazn element
- location, 5-4, 9-6
- JAZNAdminGroup, 4-26
- JAZNClientGroup, 4-26
- JAZNConfig class, 7-28
- definition, A-2
- JAZNConfigException class
- definition, A-4
- JAZNContext class, 7-28
- definition, A-3
- jazn-data.xml file, 4-11, 4-23, 5-3
- JAZNException exception
- definition, A-4
- JAZNInitException exception
- definition, A-4
- JAZNNamingException exception
- definition, A-4
- JAZNObjectExistsException exception
- definition, A-4
- JAZNObjectNotFoundException exception
- definition, A-4
- JAZNPermission class
- definition, 4-5, 4-6, A-3
- target names, A-3
- JAZNPolicy interface
- definition, A-6
- JAZNRuntimeException exception
- definition, A-4
- JAZNUserManager, 9-2, 9-4
- definition, 4-13, 6-4
- filter element, 6-5, 9-3
- integration in J2EE environments, 6-4
- jazn.xml file, 8-4, 8-5
- JCA, 12-1 to 12-8
- deployment descriptors, 12-4
- QoS contracts, 12-2
- resource adapters, 12-2
- stand-alone resource adapter archives, 12-4 to 12-5
- stand-alone resource adapter example, 12-6
- JDBC
- Oracle extensions, 1-12
- retrieving connection, 1-4
- JDK 1.3, 4-7
- JMS, 11-1 to 11-10
- configuring, 11-3 to 11-10
- examples, 11-2 to 11-3
- overview, 1-2, 11-1 to 11-2
- JMS
- resource providers, 11-10
- JMS
- resource providers, 11-4
- JNDI, 2-1 to 2-11
- constructing contexts, 2-4
- environment, 2-5
- initial context factories, 2-6 to 2-11
- initial contexts, 2-2 to 2-3
- lookup of data source, 1-4
- JTA
- bean-managed transaction, 10-2, 10-8
- code download site, 10-1
- container-managed transaction, 10-2, 10-6
- demarcation, 10-2, 10-5
- deployment descriptor, 10-6
- DTD elements, 10-14
- overview, 1-2
- resource enlistment, 10-2
- retrieving data source, 10-4
- single-phase commit
- configuration, 10-2
- definition, 10-2
- specification web site, 10-1
- two-phase commit, 10-10
- configuration, 10-10
- definition, 10-2
K
- Kerberos, 4-8
- and GenericCredential interface, 12-8
L
- LDAP. See Lightweight Directory Access Protocol (LDAP)
- ldapadd tool
- creating users, 4-18
- LDAP-based provider type
- Oracle Internet Directory, 4-3
- licenses
- Apache, A-1
- Apache JServ, A-3
- third-party, A-1 to A-4
- Lightweight Directory Access Protocol (LDAP)-based environments
- in J2SE environments, 6-2
- realm contents, 4-18
- realm data storage, 4-21
- realm management, 4-17
- realm permissions, 4-22
- realm types available, 4-17
- sample Application Realm directory information tree, 4-21
- sample External Realm directory information tree, 4-18
- sample Subscriber Realm directory information tree, 4-19
- listing permission information, 7-19
- listing permissions, 7-19
- listing principal class information, 7-20
- listing principal classes, 7-20
- listing realms, 7-17
- listing roles, 7-18
- listing users, 7-18
- listperm option, 7-19
- listperms option, 7-19
- listprncpl option, 7-20
- listrealms option, 7-17
- listroles option, 7-18
- listusers option, 7-18
- LOADER attribute, 13-14
- location
- jazn element, 5-4, 9-6
- log file javacache.log, 13-27
- log() method, 13-23
- logFileName property, 13-27
- logger property, 13-27
- login method, 8-2
- login modules
- available with JAAS provider, 4-13
- configuring with different applications, 4-9
- definition, 4-9
- with JAAS, 4-9
- LoginContext class, 4-9, 8-2
- authenticating subjects, 4-9
- LoginContext.getSubject, 8-3
- logSeverity property, 13-28
- ls command, 7-24
M
- man command, 7-25
- management
- of JAAS provider, 7-2
- management tools, 7-2
- managing JAAS provider policy, 7-36
- managing JAZN
- with Java, 7-27
- managing permissions, 7-12, 7-35
- managing realms, 7-28
- managing roles, 7-32
- managing users, 7-32
- Mandatory transaction attribute, 10-7
- maxObjects property, 13-28
- maxSize property, 13-28
- Merant driver, 1-17
- migrating principals, 7-20
- mk command, 7-24
- mkdir command, 7-24
- mod_oc4j, 9-4
- mod_oc4j.conf file, 9-7
- mod_ossl, 9-8
- mod_osso, 9-8
- multiple instances
- of JAAS provider, A-2
- multiple instances of JAZN
- JAZNConfig, 7-28
N
- namespace partitioning, 4-10
- netSearch() method, 13-23, 13-50
- Never transaction attribute, 10-7
- NotSupported transaction attribute, 10-6
O
- obfuscation, 4-24
- OBJECT_INVALIDATION event, 13-29
- OBJECT_UPDATED event, 13-29
- OC4J. See Oracle9iAS Containers for J2EE (OC4J)
- OCI driver, 1-16
- OID. See Oracle Internet Directory (OID)
- Oracle Enterprise Manager (OEM), 7-2, 7-3, 7-8
- accessing JAAS provider, 7-4
- creating a new grant entry, 7-8
- creating new grant
- permission, 7-10
- creating new grants, 7-8, 7-9
- JAAS provider overview, 4-16
- principal classes, 7-9, 7-13
- revoking permissions, 7-13
- Oracle HTTPS, 1-1 to 1-20
- default system properties, 1-11
- example, 1-17
- feature overview, 1-6
- prerequisites for use, 1-2
- supported cipher suites, 1-7
- Oracle Internet Directory (OID)
- administering policy data, 4-26
- creating users, 4-18
- location, 7-28
- provider type, 4-15
- Oracle Wallet Manager
- and HTTPS, 1-8
- Oracle9iAS Containers for J2EE (OC4J), 9-2
- integration in J2EE environments, 6-4
- mapping security roles to JAAS provider users and roles, 6-15
- Oracle9iAS Single Sign-On (SSO)
- for SSO authentication, 4-13
- Oracle9iAS Web Cache, 13-2
- oracle.ias.cache, 13-19
- oracle.security.jazn package
- classes, A-2
- definition, A-2
- exceptions, A-4
- oracle.security.jazn.oc4j.JAZNServletRequest, 9-4
- oracle.security.jazn.policy package
- classes, A-7
- definition, A-6
- interfaces, A-6
- oracle.security.jazn.realm package
- classes, A-10
- definition, A-9
- interfaces, A-9
- support for realms, 4-15
- use of, 4-12
- oracle.security.jazn.util.CertHash.getHash(x509cert), 9-3
- OracleSSLCredential, 1-5, 1-14
- Oracle.ssl.defaultCipherSuites, 1-12
- ORIGINAL attribute, 13-14
- orion-application.xml file, 5-4, 9-6, 9-7, 10-11
- mapping security roles to JAAS provider users and roles, 6-15
P
- packages
- oracle.security.jazn, A-2
- oracle.security.jazn.policy, A-6
- oracle.security.jazn.realm, A-9
- partitioning, 4-10, 4-26
- passwords, 4-24
- checking, 7-17
- setting, 7-18
- permissions, 4-14, 7-10
- actions, 4-4
- administering with AdminPermission class, 4-26
- class definitions, 4-5
- class name, 4-4
- definition, 4-10
- granting and revoking with the JAZN Admintool, 7-19
- in Java2 Security Model, 4-4
- JAAS provider, 4-5
- Java permission instance contents, 4-4
- listing with the JAZN Admintool, 7-19
- management in LDAP-based environments, 4-26
- management in XML-based environments, 4-23, 4-26
- managing, 7-12, 7-35
- target, 4-4
- persistence, 4-24
- Pluggable Authentication Module (PAM), 4-7
- policies
- administering with JAZN Admintool, 4-24
- administering with Oracle Internet Directory (OID), 4-26
- administration, 4-24
- definition, 4-10
- information storage in XML-based provider type, 4-23
- management in LDAP-based environments, 4-26
- management in XML-based environments, 4-23
- policy entries, 7-4
- policy files
- codesource, 4-10
- example, 4-10
- subject, 4-10
- policy partitioning
- among realms, 4-27
- PoolAccess object, 13-41
- PoolAccess.close() method, 13-41
- PoolAccess.get() method, 13-41
- PoolAccess.getPool() method, 13-41
- PoolAccess.returnToPool() method, 13-41
- PoolInstanceFactory
- implementing, 13-42
- principal, 4-8, 8-2
- principal classes, 7-9, 7-13
- listing information with the JAZN Admintool, 7-20
- principal-based authorization
- support for, 4-7
- principals, 7-9, 7-36
- definition, 4-8
- with JAAS, 4-8
- principals.xml file, 6-4
- converting from, 7-20
- PrivilegedAction interface, 8-3, 8-4
- privileges, 4-15
- protection domain
- definition, 4-4
- in Java2 Security Model, 4-5
- provider types, 4-3, 4-17
- in J2SE environments, 6-2
- managing, 4-13
- Oracle Internet Directory (OID), 4-15, 4-24
- retrieving permissions from, 4-13
- storing policy information, 4-24
- XML-based, 4-15, 4-24
- public key certificates, 4-8
- pwd command, 7-25
Q
- QoS contracts, 12-2
- quality of service contracts, 12-2
- Quick Start, 5-1
R
- RAR file
- RBAC, 4-9
- RBAC. See role-based access control (RBAC)
- Realm interface
- definition, A-9
- realm name, 7-28
- realm permissions
- management in LDAP-based environments, 4-22
- Realm.LDAPProperty interface
- definition, A-9
- RealmLoginModule, 4-13
- RealmLoginModule class, 9-2
- definition, A-10
- for SSL and Basic authentication, 4-13
- in J2SE environments, 6-2, 8-2
- RealmManager class, 7-33
- definition, A-10
- RealmPermission class, 4-22
- action names, A-10
- definition, 4-5, 4-6, A-10
- RealmPrincipal interface, 4-12, 9-3
- definition, A-9
- RealmRole interface
- definition, A-9
- realms
- adding and removing with the JAZN Admintool, 7-16
- creation of realm container in LDAP-based environments, 4-21
- data storage in LDAP-based environments, 4-21
- definition, 4-10, 4-12
- dropping, 7-29, 7-32
- information storage in XML-based provider type, 4-23
- JAAS provider enhancements, 4-15
- JAAS provider framework, 4-17
- JAAS provider support, 4-12
- listing with the JAZN Admintool, 7-17
- managing in LDAP-based environments, 4-17
- managing in XML-based provider type, 4-22
- name, 7-28
- permission management in LDAP-based environments, 4-22
- policy partitioning, 4-27
- realm contents in LDAP-based environments, 4-18
- types available in LDAP-based environments, 4-17
- types available in XML-based provider type, 4-22
- with JAAS, 4-10
- RealmUser interface
- definition, A-9
- releaseOwnership() method, 13-50
- releaseOwnership() method, 13-46
- Remote Method Invocation. See RMI.
- remprncpl option, 7-19
- remrealm option, 7-16
- remrole option, 7-17
- remuser option, 7-17
- REPLY attribute, 13-15, 13-44
- Required transaction attribute, 10-6
- RequiresNew transaction attribute, 10-7
- resource adapter, 12-2
- Resource Adapter Archive. See RAR.
- resource providers
- JMS, 11-4 to 11-10
- ResourceProvider
- JMS, 11-4
- retrieving authentication information, 9-3
- returnToPool() method, 13-41
- revokeperm option, 7-19
- revokeRole, 7-33
- revokerole option, 7-17
- revoking permissions
- Oracle Enterprise Manager, 7-13
- rm command, 7-25
- RMI
- overview, 1-2
- RMIInitialContextFactory, 2-10 to 2-11
- rmi.xml, 3-2
- role activation
- definition, 4-15
- role hierarchy
- definition, 4-14
- role management, 4-18
- role manager, 4-18
- role object class, 7-29
- role's searchbase property, 7-29
- RoleAdminPermission class, 4-27
- definition, 4-5, A-8
- role-based access control (RBAC), 4-12
- definition, 4-14
- JAAS provider support for, 4-12
- role activation, 4-15
- role hierarchy, 4-14
- support for, A-2
- RoleManager interface, 4-22, 7-32, 7-33
- createRole, 7-32
- definition, A-10
- dropRole, 7-32
- getRoles, 7-33
- grantRole, 7-32
- revokeRole, 7-33
- roles, 7-36
- adding and removing with the JAZN Admintool, 7-17
- creating, 7-33
- definition, 4-14
- dropping, 7-35
- granting, 7-33
- granting and revoking with the JAZN Admintool, 7-17
- listing with the JAZN Admintool, 7-18
- management in Application Realms, 4-18, 4-21
- management in External Realms, 4-17, 4-19
- management in LDAP-based environments, 4-17
- management in Subscriber Realms, 4-17, 4-20
- management in XML-based environments, 4-23
- managing, 7-32
- using the J2EE security role, 6-14
- with JAAS, 4-9
- run-as element, 4-2, 4-15
S
- sample application
- AccessTest1, B-11
- sample code, 7-27
- createRole, 7-33
- dropRole, 7-35
- grantRole, 7-34
- Sample J2SE Application, 8-5
- sample_subrealm realm, 5-3
- save() method, 13-35
- searching for grant entry data, 7-7
- searching for permissions, 7-12
- secure mode, 5-5, 9-8
- secure socket layer (SSL)
- authentication method, 6-6
- integration with Basic authentication, 6-12
- integration with JAAS provider, 6-9
- Secure Socket Layers (SSL), 6-6
- security role
- using in the web.xml file, 6-14
- SecurityManager, 4-5, 8-3, 8-4
- SecurityManager.checkPermission, 8-3, 9-4
- server.xml, 3-2
- server.xml file, 5-3, 9-5
- Servlet.service, 9-4
- setAttributes() method, 13-23
- setCacheEventListener() method, 13-28
- setpasswd option, 7-18
- setting a password, 7-18
- shell commands, 7-24
- shell option, 7-20
- single sign-on (SSO), 6-6, 9-2, 9-7
- integration with JAAS provider, 6-7
- SPOOL attribute, 13-15, 13-34
- sslPrincipal, 9-3
- stand-alone resource adapter, 12-2
- stand-alone resource adapter archives, 12-4 to 12-5
- stand-alone resource adapters
- example, 12-6
- starting
- JAZN Admintool, 7-15
- starting an application, 9-8
- StreamAccess object
- InputStream, 13-38
- OutputStream, 13-38
- using, 13-38
- Subject.doAs, 4-15
- Subject.doAs method, 8-3, 9-4
- associating a subject with AccessControlContext, 4-8
- invoking, 4-9
- subjects, 4-8, 8-2, 8-3
- definition, 4-8
- with JAAS, 4-8
- Subscriber Realm
- definition, 4-17
- role management, 4-17, 4-20
- sample LDAP directory information tree, 4-19
- user management, 4-17, 4-20
- Supports transaction attribute, 10-6
- SYNCHRONIZE attribute, 13-16, 13-46
- SYNCHRONIZE_DEFAULT attribute, 13-16, 13-46
T
- target names
- definition, 4-4
- of JAZNPermission class, A-3
- third-party licenses, A-1 to A-4
- TimeToLive attribute, 13-18
- transaction
- bean managed, 10-2
- container-managed, 10-2
- demarcation, 10-2, 10-5
- deployment descriptor, 10-6
- resource enlistment, 10-2
- two-phase commit, 10-10
- UserTransaction object, 10-9
U
- user communities, 4-10, 4-17
- user manager, 4-18
- user object class, 7-29
- user's searchbase property, 7-29
- UserManager interface, 4-22, 7-32
- definition, A-10
- users, 7-36
- adding and removing with the JAZN Admintool, 7-17
- creating with Oracle Internet Directory, 4-18
- creating with the ldapadd tool, 4-18
- listing with the JAZN Admintool, 7-18
- management in Application Realms, 4-18, 4-21
- management in External Realms, 4-17, 4-19
- management in LDAP-based environments, 4-17
- management in Subscriber Realms, 4-17, 4-20
- management in XML-based environments, 4-23
- managing, 7-32
- UserTransaction object
- use in JTA, 10-9
V
- Version attribute, 13-18
- view grant entry data, 7-7
- viewing existing permissions, 7-12
W
- Web Cache, 13-2
- Web Object Cache, 13-2
- web.xml file
- using the J2EE security role, 6-14
X
- X.500 distinguished name
- Oracle Enterprise Manager, 7-10
- creating new grant, 7-10
- XML-based provider type, 4-3
- jazn-data.xml, 4-23
- provider type, 4-15
- realm and policy information storage, 4-23
- realm management, 4-22
- realm type available, 4-22