Business Service Security

Security for the JD Edwards EnterpriseOne business services consists of two main categories—authorization and authentication.

• Access to run published business services is managed through the JD Edwards EnterpriseOne Security Workbench. For published business services, JD Edwards EnterpriseOne uses a secure by default security model, which means that users cannot run a published business service unless a security record exists that authorizes access.

• Authentication for consuming JD Edwards EnterpriseOne business services uses standard JD Edwards EnterpriseOne user credentials or anonymous login.

Business service security ensures that business service consumers are authenticated in JD Edwards EnterpriseOne and are authorized to use the business services. The business services server uses the JD Edwards EnterpriseOne Login Module to ensure that consumers are authenticated. The module uses Java authentication and authorization service (JAAS) to validate the JD Edwards EnterpriseOne users against the EnterpriseOne Security Server. Alternatively, to give non-JD Edwards EnterpriseOne users access to business services, you set up an anonymous user login in the jdbj.ini file.

See also:

• "Understanding Business Services Server Security" in the JD Edwards EnterpriseOne Tools Business Services Server Reference Guide.

• "Managing Published Business Services Security" in the JD Edwards EnterpriseOne Tools Security Administration Guide.