Programming Security For Java Applications

     Previous  Next    Contents    View as PDF - New Window  Get Adobe Reader - New Window
Content starts here

Introduction

Scope

Documentation Audience

Guide to this Document

Related Information

Introduction

Java Security Service Module Environment

Java Security Service Module Functional Description

Security Service APIs

Authentication Service

Authorization Service

Auditing Service

Role Service

Credential Mapping Service

Security Framework

Security Providers

Java Security Service Module Concepts

General Concepts

Anonymous User

Compatibility

DeepTokenEnumeration

TokenEnumeration

Concepts that Relate to Interfaces and Classes

AccessResult

Application Configuration

Application Context

AppContextElement

AttributeValueEnumeration

AuditRecord

AuthenticIdentity

ContextAuditRecord

HashMapContext

IdentityRole

NameAttributeType

NameAttributeValue

NamedObjects

NamingAuthority

NamingAuthorityManager

PolicyDomain

RuntimeAction

RuntimeResource

SecurityRuntime

ServiceType

ServiceVersion

SimpleContextElement

Naming Authority

Why Use a Naming Authority?

How the Use of Naming Authorities Guarantees Uniqueness

Name Scoping

How a Naming Authority Adds Structure

Name Parsing and Formatting

Associating a Named Object with a Naming Authority

Types of Authorities Supported

Sub-Authorities

Peer Authorities

Self-Referencing Authorities

Supported Naming Authority Attributes

SINGLE_VALUE and MULTI_VALUE PREFIX Attribute

SINGLE_VALUE and MULTI_VALUE TERMINAL Attribute

SINGLE_VALUE Attribute

MULTI_TOKEN Attribute

Setting up Naming Authorities

Pre-Configured Naming Authorities

URLBASE

UNC

ARME_RESOURCE_AUTHORITY

Example of Using ARME_RESOURCE_AUTHORITY From the Java API

Action Naming Authorities

ARME_ACTION_AUTHORITY

SIMPLE_ACTION

Audit Event Naming Authorities

AUDITBASE

SAMPLEAUDITRECORD

Naming Authority Classes

Attribute Precedence

Example Naming Authority Definition

Java Security Service Module APIs

Java Security Service Module APIs

AuthenticationService API

AuthorizationService API

AuditingService API

RoleService API

CredentialMappingService API

Java SDK APIs

Developing Applications Using the Java Security Service Module

Overview of the Application Programming Steps

Choosing an Application Programming Model

Defining the Application Context and Structure

Defining and Specifying Naming Conventions

Defining and Implementing a Naming Authority

Using the DataDrivenAuthority Class

Using a DataDrivenAuthority XML File

Creating a Custom Naming Authority Class from the NamingAuthority Base Class

Registering a New Naming Authority

Using a Naming Authority Class

Using an XML file

Using a DataDrivenAuthority Object

Writing Java SSM Applications

Knowledge Required of the Java SSM Environment

Writing an Authentication Application

Step-By-Step Procedure for Writing an Authentication Application

Other AuthenticationService Methods

assertIdentity Method

getChallengeAsssertionToken Method

isAssertionTokenSupported Method

Writing an Authorization Application

Step-by-Step Procedure for Writing an Authorization Application

AuthorizationService.isAuthenticationRequired Method

Writing an Auditing Application

Writing a Role Service Application

Writing a Credential Mapping Application


  Back to Top       Previous  Next