Security is a key aspect of enterprise application development; it should be addressed with utmost importance. Java 2 Enterprise Edition (J2EE) provides a simple yet powerful means of defining role-based security in both programmatic and declarative manners. J2EE web applications are secured by defining, in the web deployment descriptor, the roles required by the subjects for accessing secured Uniform Resource Locators (URLs). As for Enterprise JavaBeans (EJBs), the security constraints are defined at method level for the home and remote interface methods in the EJB deployment descriptor.
Unable to display preview. Download preview PDF.