Security on EJB

Hi,
I'm writing an application using architecture applet-servlet-EJB, can
anyone help me on applying RDBMSrealm on my application?? I really don't
have any idea!! Thanx in advance.
Albert

Hi,
I'm writing an application using architecture applet-servlet-EJB, can
anyone help me on applying RDBMSrealm on my application?? I really don't
have any idea!! Thanx in advance.
Albert

Similar Messages

  • Security.properties & ejb.properties

    Hello!
    I have a Enterprise Application project deployed correctly in the J2EE Server (this project include a WEB Module Project and a EJB Module Project) ..
    When I'm validating into the web application, both following errors happens :
    java.io.FileNotFoundException: C:
    usr
    sap
    J2E
    JC00
    j2ee
    cluster
    server0
    config
    security.properties (El sistema no puede hallar la ruta especificada)#
    java.io.FileNotFoundException: C:
    usr
    sap
    J2E
    JC00
    j2ee
    cluster
    server0
    config
    ejb.properties (El sistema no puede hallar la ruta especificada)
    What is the way to create this files?
    Any help, please?
    Thanks

    Hi Carlos,
    I am having same issue. Could you tell me how did you solved the issue?
    Thanks,
    Parimal

  • Securing an EJB with Annotations

    I would like to build an EJB that uses annotations to secure various functions but the only documentation I have come across is specific to JBoss which uses a custom annotation to specify the security domain. I would prefer to build this in an application server agnostic manner, is there a way in JBoss to specify the domain without using this custom annotation?
    Ultimately the plan is to provide a user interface such that if a user logs in he is presented with a certain set of capabilities and if an admin logs in another set of capabilities. After a user logs in using JAAS is there a way to get the roles that the user belongs to from the Web Tier (i.e. a Flex Client, JSP, Thick Client)? Thanks in advance.

    JaM2003 wrote:
    Thanks for your input duffymo. I would agree that I would prefer to keep these things outside the EJB, but my understanding is that the descriptor files overwrite what is in the EJB so there is no harm in having them there right?No idea.
    My basic issue is trying to authenticate Flex Clients properly. I was unable to find a great deal of information about Flex Clients and JAAS online so I have resorted to building an EJB that does the authentication based on username/passwords given to it. Not as clean as I would prefer but at this point I see no alternative.Good question. I don't know the answer.
    %

  • Need help using XWS-Security with EJB service endpoint

    I am trying to use XWS-Security along the lines of the JWSDP 1.6 examples, but with an EJB endpoint deployed in an ejb-jar file rather than a typical service endpoint deployed in a WAR.
    Any information on how to do this would be appreciated. I believe I'm close to getting an example working- the details on the problem I've encountered are below.
    I use WSCompile to generate stubs and ties for my WS, and XDoclet to generate the ejb-jar.xml. I deploy the ejb-jar on JBoss 4.0.2.
    The problem I'm having is that the security features are handled in the Stubs and Ties generated by WSCompile, and my server-side refuses to use the WSCompile generated Tie. Previously the web service had used the WSCompile argument 'import="true"', which generated no tie, and the web service worked (this was before I tried to add security features). Whatever mechanism had been used to direct messages to my EJB then is still being used now (JNDI, I believe, facilitated by the ejb-jar.xml and webservices.xml files), and bypassing the Tie class that I now generate using 'server="true"'.
    There must be some way I can reconfigure my webservice so that the WSCompile generated Tie is used, but I can't find any help on the topic.
    Can anyone tell me how to make sure my webservice will use the Tie class on the server side? Is it even possible when using EJBs instead of servlets?

    Burn your CD using iTunes. Then rip the music off of the CD using any "ripping" program. Just make sure the program you use has the "save as .wav" option available. Im not familiar with MusicMatch but I'm sure you would be able to use it.

  • Security in ejb

    Hi all,
    I understand that in a ejb when a request comes for a method, caller's principle object is checked to determine whether user belong to the group for which this method is given access..but i have a doubt regarding how a particular user is added to this role..ie..if i want to give administrator's previlage to a user , how i'll do it...please explain
    thanks

    This all depends on the vendor/App server you are using.
    A role maps to group in weblogic server. So if you want to assign admin privileges, then you have to add the principal to the role/group
    you also have to add certain entries in xml files which is vendor specific. Then from the client's code you pass the principal and password in context.
    HTH
    Ashwani

  • How to secure an ejb?

    Hello,
    I have an ear i would like to give to people for then to use and test it.
    But i don't want them to look into and of course i don't want them to look at the source.
    Is there a way to do that?
    Loic

    Dont include the .java files in the EAR
    Only give them .class files

  • Security.properties, ejb.properties, transaction.interoperability

    My team is attempting to upgrade our app to Java 1.4.2_04. We have a Java application that is using J2EE. We keep getting exceptions in our log file pertaining to the above file names 'not found'.
    If these are required files, can anyone help us figure out what the format, etc of these files should be so that we can get rid of these exceptions?

    Hi,
    I am also getting these exceptions in my application. Could you please let me know what you did to get rid of these.
    Regards,
    Akhil

  • EJB 3.0 web services security (WS-Security)

    How do I enable WS-Security on EJB 3.0 based web services? Since only the @WebService annotation is required to expose a EJB 3.0 bean as a web service, how do I configure options that were previously in oracle-webservices.xml under the <security> tag?

    I have been trying to do the same... and it seems to be impossible... (or completly undocumented).
    It seems that OC4J 10.3.x is ... no exactly fully EJB3/J2EE5 compliant...
    Or something like that:
    http://blogs.infosupport.com/berte/archive/2005/09/09/1117.aspx
    IMHO... OC4J 10.3.x is still a preview for OC4J 11...
    OC4J 10.3.x is kind of a J2EE4/5 hybrid... if you start digging in the documentation, you will find out that the only
    way to have WS-Security is going back to J2EE4 http://www.oracle.com/technology/products/jdev/howtos/1013/wssecure/10gwssecurity_howto.html
    (of course, I hope you probe me wrong)
    Message was edited by:
    luxspes

  • JAAS security prncipal not propogating in EJB web service end point

    I have a web application which communicate a independent EJB module via web service end points. when request reaches the web service principal is found as null. I use BASIC authentication in web page. I works well on web pages.
    Pl. help me how jaas security principals, group and roles an be propogated to a web service

    Took a look at your .ear file .
    So here's the problem .You are trying to use sun's proptrietary DD entries to secure an ejb-ws : <login-config> from is an entry from sun's proprietary DD.(sun-ejb-jar.xml)
    oracle also provides a mechanism to transport secure an ejb-ws , though the publicly available version of app server (the one you have , did not had that feature ).The next drop will have the same .
    Having said that , what you have should be enough to secure an ejb-ws if you are using only BASIC auth .
    I can see that your EJB has some C:\... entries , unless those entries have the right security permissions , your ejb would not be able to load them , with the security credentials sent from the client .
    When I deployed and ran your .ear file ,
    I got errors such as
    <faultstring>Internal Server Error (caught exception while handling request: oracle.oc4j.rmi.OracleRemoteException: Error in ejbCreate(): nested exception is: javax.naming.NameNotFoundException: java:comp/env/configFileContent not found in RoSrapScriptExecServiceImplWSI; nested exception is: javax.ejb.EJBException: nested exception is: javax.naming.NameNotFoundException: java:comp/env/configFileContent not found in RoSrapScriptExecServiceImplWSI)</faultstring>
    </env:Fault>
    implying that there are some references to entries not available inside the .ear .
    you can test if the ejb-ws is deployed and running by using the test page through your browser :
    http://<your host>:8888/rochade/srap/scriptExecWSI
    Anirban

  • EJB method security

    I know that it is possible to secure an EJB method by method using ejb-jar.xml or securing them all by specifying <method-name>*</method-name>. I was wondering though how you can easily open up just a few of those methods for use by an anonymous user. I have a large number of methods and was hoping I would only have to specify the ones that need not be secure, instead of securing all of the other ones, one by one.
    Thanks in advance,
    Ted

    Hello,
    It should be pretty simple to open up a few methods for use by an anonymous user.
    In your ejb-jar.xml file add an anonymous user role and add that role to the methods you want to open up
    <assembly-descriptor>
    <security-role>
    <role-name>manger</role-name>
    </security-role>
    <security-role>
    <role-name>anonymous</role-name>
    </security-role>
    <method-permission>
    <!-- open up this method -->
    <role-name>manager</role-name>
    <role-name>anonymous</role-name>
    <method>
    <ejb-name>accountsPayable</ejb-name>
    <method-name>getReceipts</method-name>
    </method>
    </method-permission>
    <assembly-descriptor>
    Of course
    Cheers,
    Hoos
    Message was edited by hoos at Feb 11, 2005 3:40 AM

  • Web app security exception: Bad URLMatchMap

    Can anyone help me diagnose an error? I am simply trying to place a security constraint
    on a servlet within an ear-deployed web-application.
    The exception occurs as the first POST comes to the servlet I am trying to protect:
    <Apr 16, 2001 12:40:09 PM EDT> <Error> <Kernel> <ExecuteRequest failed
    java.lang.IllegalArgumentException: bad URLMatchMap path: 'version="1.0"'
    at weblogic.servlet.utils.URLMatchMap.get(URLMatchMap.java:196)
    at weblogic.servlet.security.internal.WebAppSecurity.getConstraint(WebAp
    pSecurity.java:135)
    at weblogic.servlet.security.internal.SecurityModule.checkTransport(Secu
    rityModule.java:177)
    at weblogic.servlet.security.internal.BasicSecurityModule.checkA(BasicSe
    curityModule.java:48)
    at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess
    (ServletSecurityManager.java:150)
    at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppSe
    rvletContext.java:1250)
    at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestIm
    pl.java:1622)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    >
    <?xml version="1.0" ?>
    <!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN'
    'http://java.sun.com/j2ee/dtds/web-app_2.2.dtd'>
    <web-app>
    <display-name>ANSWeb</display-name>
    <description>no description</description>
    <servlet>
    <servlet-name>UPMessageServlet</servlet-name>
    <display-name>UPMessageServlet</display-name>
    <description>no description</description>
    <servlet-class>com.aether.ans.gateway.up.UPMessageServlet</servlet-class>
    </servlet>
    <servlet>
    <servlet-name>ANSServlet</servlet-name>
    <display-name>ANSServlet</display-name>
    <description>no description</description>
    <servlet-class>com.aether.ans.server.ANSServlet</servlet-class>
    <load-on-startup />
    </servlet>
    <servlet>
    <servlet-name>WCTPServlet</servlet-name>
    <display-name>WCTPServlet</display-name>
    <description>no description</description>
    <servlet-class>com.aether.ans.gateway.wctp.WCTPServlet</servlet-class>
    </servlet>
    <servlet-mapping>
    <servlet-name>UPMessageServlet</servlet-name>
    <url-pattern>/UPMessage</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>ANSServlet</servlet-name>
    <url-pattern>/Server</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>WCTPServlet</servlet-name>
    <url-pattern>/WCTPCallback</url-pattern>
    </servlet-mapping>
    <session-config>
    <session-timeout>30</session-timeout>
    </session-config>
    <resource-ref>
    <description>no description</description>
    <res-ref-name>url/ANS.dtd</res-ref-name>
    <res-type>java.net.URL</res-type>
    <res-auth>Container</res-auth>
    </resource-ref>
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>Protected Server</web-resource-name>
    <url-pattern>/Server</url-pattern>
    <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
    <role-name>Client</role-name>
    </auth-constraint>
    </security-constraint>
    <login-config>
    <auth-method>BASIC</auth-method>
    </login-config>
    <security-role>
    <role-name>Client</role-name>
    </security-role>
    <ejb-ref>
    <description>no description</description>
    <ejb-ref-name>ejb/ANSServer</ejb-ref-name>
    <ejb-ref-type>Session</ejb-ref-type>
    <home>com.aether.ans.server.ANSServerHome</home>
    <remote>com.aether.ans.server.ANSServer</remote>
    </ejb-ref>
    <ejb-ref>
    <description>no description</description>
    <ejb-ref-name>ejb/Alert</ejb-ref-name>
    <ejb-ref-type>Entity</ejb-ref-type>
    <home>com.aether.ans.entity.AlertHome</home>
    <remote>com.aether.ans.entity.Alert</remote>
    </ejb-ref>
    </web-app>
    <?xml version="1.0" ?>
    <!DOCTYPE weblogic-web-app PUBLIC '-//BEA Systems, Inc.//DTD Web Application 6.0//EN'
    'http://www.beasys.com/servers/wls600/dtd/weblogic-web-jar.dtd'>
    <weblogic-web-app>
    <description>no description</description>
    <security-role-assignment>
    <role-name>Client</role-name>
    <principal-name>Client</principal-name>
    </security-role-assignment>
    <reference-descriptor>
    <resource-description>
    <res-ref-name>url/ANS.dtd</res-ref-name>
    <jndi-name>ans.url.dtd</jndi-name>
    </resource-description>
    <ejb-reference-description>
    <ejb-ref-name>ejb/Alert</ejb-ref-name>
    <jndi-name>ejb.Alert</jndi-name>
    </ejb-reference-description>
    <ejb-reference-description>
    <ejb-ref-name>ejb/ANSServer</ejb-ref-name>
    <jndi-name>ejb.ANSServer</jndi-name>
    </ejb-reference-description>
    </reference-descriptor>
    </weblogic-web-app>

    Hi Andrew,
    Even without moderation enabled, any submission made through the BC platform is filtered through our protection engine to prevent XSS. Any type of potentially malicious code is immediately stripped from the submission, and this is not done at a client-side level.
    Kind Regards,
    Alex

  • Network Security Requirement : Confidential - Not Enforced

    I am having a perplexing problem with the network security requirement feature in SJSAS 8 Update 1.
    In deploytool, under my WAR, in the security tab, for my only SecurityConstraint, I set the Network Security Requirement to CONFIDENTIAL. This should cause any access to thse objects over port 80 to be redirected to https via for 443.
    The failure is that it does not redirect clients accessing over port 80 to a secure connection. The tricky part is that it fails in a completely random way. Sometimes for some WARs it will work as expected, then after X number of server restarts / redeployments, some of the same WARs will not do the redirect as expected. Through continuous redeploys and restarts during development, all WARs will or will not do the redirect in any given situation.
    Has anyone else experienced this problem and worked around it? Any help is greatly appreciated! Thanks in advance!
    mod_critical

    The following is the deployment descriptor for one of the WARs (this problem affects them all, on multiple different machines with different setups).
    The following is from the Security Contraint:
    <security-constraint> <display-name>SecurityConstraint</display-name> <web-resource-collection> <web-resource-name>WRCollection</web-resource-name> <url-pattern>/participant/*</url-pattern> <url-pattern>/assetmodel/*</url-pattern> <url-pattern>/*</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>asadmin</role-name> <role-name>cvbdataentry</role-name> <role-name>cvbadmin</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint>
    The rest is as follows:
    <?xml version='1.0' encoding='UTF-8'?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" > <display-name>CVBadmin</display-name> <servlet> <display-name>assetmodel/OpenRecord</display-name> <servlet-name>assetmodel/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/Lookup</display-name> <servlet-name>participant/personell/account/Lookup</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Lookup</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/record</display-name> <servlet-name>participant/personell/account/record</servlet-name> <jsp-file>/participant/personell/account/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/Remove</display-name> <servlet-name>assetmodel/line/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.Remove</servlet-class> </servlet> <servlet> <display-name>participant/location/record</display-name> <servlet-name>participant/location/record</servlet-name> <jsp-file>/participant/location/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/Save</display-name> <servlet-name>assetmodel/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.Save</servlet-class> </servlet> <servlet> <display-name>syncError</display-name> <servlet-name>syncError</servlet-name> <jsp-file>/syncError.jsp</jsp-file> </servlet> <servlet> <display-name>participant/Search</display-name> <servlet-name>participant/Search</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Search</servlet-class> </servlet> <servlet> <display-name>participant/location/List</display-name> <servlet-name>participant/location/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.List</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/Create</display-name> <servlet-name>participant/personell/account/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Create</servlet-class> </servlet> <servlet> <display-name>participant/personell/listresults</display-name> <servlet-name>participant/personell/listresults</servlet-name> <jsp-file>/participant/personell/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>participant/record</display-name> <servlet-name>participant/record</servlet-name> <jsp-file>/participant/record.jsp</jsp-file> </servlet> <servlet> <display-name>participant/personell/account/Passwd</display-name> <servlet-name>participant/personell/account/Passwd</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Passwd</servlet-class> </servlet> <servlet> <display-name>participant/location/Create</display-name> <servlet-name>participant/location/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.Create</servlet-class> </servlet> <servlet> <display-name>Logout</display-name> <servlet-name>Logout</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.Logout</servlet-class> </servlet> <servlet> <display-name>participant/location/Remove</display-name> <servlet-name>participant/location/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.Remove</servlet-class> </servlet> <servlet> <display-name>participant/Save</display-name> <servlet-name>participant/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Save</servlet-class> </servlet> <servlet> <display-name>assetmodel/listresults</display-name> <servlet-name>assetmodel/listresults</servlet-name> <jsp-file>/assetmodel/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/record</display-name> <servlet-name>assetmodel/line/record</servlet-name> <jsp-file>/assetmodel/line/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/List</display-name> <servlet-name>assetmodel/line/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.List</servlet-class> </servlet> <servlet> <display-name>participant/personell/Save</display-name> <servlet-name>participant/personell/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.Save</servlet-class> </servlet> <servlet> <display-name>assetmodel/line/Create</display-name> <servlet-name>assetmodel/line/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.Create</servlet-class> </servlet> <servlet> <display-name>participant/personell/List</display-name> <servlet-name>participant/personell/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.List</servlet-class> </servlet> <servlet> <display-name>assetmodel/Create</display-name> <servlet-name>assetmodel/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.Create</servlet-class> </servlet> <servlet> <display-name>participant/Remove</display-name> <servlet-name>participant/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Remove</servlet-class> </servlet> <servlet> <display-name>participant/Create</display-name> <servlet-name>participant/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.Create</servlet-class> </servlet> <servlet> <display-name>assetmodel/line/listresults</display-name> <servlet-name>assetmodel/line/listresults</servlet-name> <jsp-file>/assetmodel/line/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>participant/personell/Remove</display-name> <servlet-name>participant/personell/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.Remove</servlet-class> </servlet> <servlet> <display-name>assetmodel/List</display-name> <servlet-name>assetmodel/List</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.List</servlet-class> </servlet> <servlet> <display-name>assetmodel/record</display-name> <servlet-name>assetmodel/record</servlet-name> <jsp-file>/assetmodel/record.jsp</jsp-file> </servlet> <servlet> <display-name>participant/searchresults</display-name> <servlet-name>participant/searchresults</servlet-name> <jsp-file>/participant/searchresults.jsp</jsp-file> </servlet> <servlet> <display-name>menu</display-name> <servlet-name>menu</servlet-name> <jsp-file>/menu.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/line/OpenRecord</display-name> <servlet-name>assetmodel/line/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/location/listresults</display-name> <servlet-name>participant/location/listresults</servlet-name> <jsp-file>/participant/location/listresults.jsp</jsp-file> </servlet> <servlet> <display-name>exception</display-name> <servlet-name>exception</servlet-name> <jsp-file>/exception.jsp</jsp-file> </servlet> <servlet> <display-name>participant/OpenRecord</display-name> <servlet-name>participant/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/location/Save</display-name> <servlet-name>participant/location/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.Save</servlet-class> </servlet> <servlet> <display-name>participant/personell/OpenRecord</display-name> <servlet-name>participant/personell/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.OpenRecord</servlet-class> </servlet> <servlet> <display-name>participant/personell/Create</display-name> <servlet-name>participant/personell/Create</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.Create</servlet-class> </servlet> <servlet> <display-name>participant/personell/account/Remove</display-name> <servlet-name>participant/personell/account/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.personell.account.Remove</servlet-class> </servlet> <servlet> <display-name>participant/personell/record</display-name> <servlet-name>participant/personell/record</servlet-name> <jsp-file>/participant/personell/record.jsp</jsp-file> </servlet> <servlet> <display-name>assetmodel/Remove</display-name> <servlet-name>assetmodel/Remove</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.Remove</servlet-class> </servlet> <servlet> <display-name>assetmodel/PreRecord</display-name> <servlet-name>assetmodel/PreRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.PreRecord</servlet-class> </servlet> <servlet> <display-name>assetmodel/line/Save</display-name> <servlet-name>assetmodel/line/Save</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.assetmodel.line.Save</servlet-class> </servlet> <servlet> <display-name>participant/location/OpenRecord</display-name> <servlet-name>participant/location/OpenRecord</servlet-name> <servlet-class>com.deerteck.cvb.servlet.CVBadmin.participant.location.OpenRecord</servlet-class> </servlet> <servlet-mapping> <servlet-name>assetmodel/OpenRecord</servlet-name> <url-pattern>/assetmodel/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Lookup</servlet-name> <url-pattern>/participant/personell/account/lookup</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/record</servlet-name> <url-pattern>/participant/personell/account/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/Remove</servlet-name> <url-pattern>/assetmodel/line/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/record</servlet-name> <url-pattern>/participant/location/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/Save</servlet-name> <url-pattern>/assetmodel/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>syncError</servlet-name> <url-pattern>/syncError</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Search</servlet-name> <url-pattern>/participant/search</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/List</servlet-name> <url-pattern>/participant/location/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Create</servlet-name> <url-pattern>/participant/personell/account/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/listresults</servlet-name> <url-pattern>/participant/personell/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/record</servlet-name> <url-pattern>/participant/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Passwd</servlet-name> <url-pattern>/participant/personell/account/passwd</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/Create</servlet-name> <url-pattern>/participant/location/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>Logout</servlet-name> <url-pattern>/logout</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/Remove</servlet-name> <url-pattern>/participant/location/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Save</servlet-name> <url-pattern>/participant/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/listresults</servlet-name> <url-pattern>/assetmodel/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/record</servlet-name> <url-pattern>/assetmodel/line/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/List</servlet-name> <url-pattern>/assetmodel/line/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/Save</servlet-name> <url-pattern>/participant/personell/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/Create</servlet-name> <url-pattern>/assetmodel/line/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/List</servlet-name> <url-pattern>/participant/personell/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/Create</servlet-name> <url-pattern>/assetmodel/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Remove</servlet-name> <url-pattern>/participant/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/Create</servlet-name> <url-pattern>/participant/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/listresults</servlet-name> <url-pattern>/assetmodel/line/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/Remove</servlet-name> <url-pattern>/participant/personell/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/List</servlet-name> <url-pattern>/assetmodel/list</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/record</servlet-name> <url-pattern>/assetmodel/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/searchresults</servlet-name> <url-pattern>/participant/searchresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>menu</servlet-name> <url-pattern>/menu</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/OpenRecord</servlet-name> <url-pattern>/assetmodel/line/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/listresults</servlet-name> <url-pattern>/participant/location/listresults</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>exception</servlet-name> <url-pattern>/exception</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/OpenRecord</servlet-name> <url-pattern>/participant/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/Save</servlet-name> <url-pattern>/participant/location/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/OpenRecord</servlet-name> <url-pattern>/participant/personell/openrecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/Create</servlet-name> <url-pattern>/participant/personell/create</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/account/Remove</servlet-name> <url-pattern>/participant/personell/account/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/personell/record</servlet-name> <url-pattern>/participant/personell/record</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/Remove</servlet-name> <url-pattern>/assetmodel/remove</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/PreRecord</servlet-name> <url-pattern>/assetmodel/prerecord</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>assetmodel/line/Save</servlet-name> <url-pattern>/assetmodel/line/save</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>participant/location/OpenRecord</servlet-name> <url-pattern>/participant/location/openrecord</url-pattern> </servlet-mapping> <session-config> <session-timeout>60</session-timeout> </session-config> <error-page> <error-code>500</error-code> <location>/exception.jsp</location> </error-page> <security-constraint> <display-name>SecurityConstraint</display-name> <web-resource-collection> <web-resource-name>WRCollection</web-resource-name> <url-pattern>/participant/*</url-pattern> <url-pattern>/assetmodel/*</url-pattern> <url-pattern>/*</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <auth-constraint> <role-name>asadmin</role-name> <role-name>cvbdataentry</role-name> <role-name>cvbadmin</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>ldap</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/loginFail.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>asadmin</role-name> </security-role> <security-role> <role-name>cvbdataentry</role-name> </security-role> <security-role> <role-name>cvbadmin</role-name> </security-role> <security-role> <role-name>customer</role-name> </security-role> <security-role> <role-name>accountant</role-name> </security-role> <security-role> <role-name>participant</role-name> </security-role> <ejb-local-ref> <ejb-ref-name>ejb/DataAccessBean</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <local-home>com.deerteck.cvb.ejb.session.DataAccessLocalHome</local-home> <local>com.deerteck.cvb.ejb.session.DataAccessLocalObject</local> <ejb-link>ejb-jar-ic1.jar#DataAccessBean</ejb-link> </ejb-local-ref> <ejb-local-ref> <ejb-ref-name>ejb/LDAPBean</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <local-home>com.deerteck.cvb.ejb.session.LDAPLocalHome</local-home> <local>com.deerteck.cvb.ejb.session.LDAPLocalObject</local> <ejb-link>ejb-jar-ic1.jar#LDAPBean</ejb-link> </ejb-local-ref> </web-app>

  • Adaptative web service or EJB ?

    Hi everybody,
    I want consume a web service from  a system SAP R/3.
    Apparently, we can consume with component EJB ...
    What is the difference between a adaptative web service and EJB ?
    More security with EJB ?
    Thanks
    Rodolphe.

    Hi,
    We use for ejbs when we have to store data in database..
    if ejbs r like a medium for data transfer..where session bean contain ur business logic..
    u cn use webdynpro interface as well as jsp interface wid ejb..
    if u r using ejb u'll have to create an ejb projct first then u'll hav to create java proct which will contain ur wrapper class for fields.later on u'll have to create one application project tht wud b an Ear projct.nw u create a web service for session bean ..aftr doin this all u can test webservice which will b executed for ur business method.
    for more security u can use ejb security model :[http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/Security.html]
    Web services r created for session bean..so that u cn directly access ur methods via url..
    for a detailed description of web service go through :- [http://help.sap.com/saphelp_nw04/helpdata/en/d6/f9bc3d52f39d33e10000000a11405a/content.htm]
    for ejb project go through this1 :[https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/ca4a9c90-0201-0010-c389-8738cd51a88e]
    Regards,
    Khushboo

  • What is the best way to maintain access control management - Weblogic, LDAP Server or EJB

    Hi All,
    I am involved in creating an application which maintains/manages
    the user privileges. The application is deployed in Weblogic6.1 and
    the users are stored in LDAP Server. The LDAP Server is located
    geographically away and I dont have rights to add or remove users. I
    have to write an application in EJB which will give different
    privileges to the users who are stored in LDAP Server. users may have
    different privileges of same Group.
    Please let me know how can I proceed. Whether I got to go with ACL's
    or Declarative Security in EJB component.
    Thanks in Advance...
    with regards,
    Gokul.

    Please let me know how can I proceed. Whether I got to go with ACL's
    or Declarative Security in EJB component.Couple of points.
    o You can not set ACL on EJB thru console. ( If you mean to do that) You can
    set the
    ACL on JNDI context on which you do a lookup.
    o If you do not want to set ACLs in JNDI context, your option is use
    declarative security
    in your ejb xml descriptors.
    I hope this answers your question.
    -utpal

  • Newbie ?: EJB vs servlets

    I'm just starting out teaching myself J2EE related technologies. I have extensive development experience in other environments. I've only dabbled in Java quite a few years ago.
    I have a general sense of the difference between EJB and servlets but couldn't find an official description/comparison in any of the FAQs that I've read. Could someone please compare and contrast the two technologies?
    Also, I'd welcome any tips/suggestions regarding my learning experience, including but not limited to:
    - suggested sequence of learning supporting/related technologies (e.g. Java, JSP, servlets, JavaBeans, EJB, JDBC, JavaServer Faces, CORBA, OOAD, UML etc.)
    - recommended/popular development tools/IDEs etc.
    - learning resources/books etc.
    I'm currently reading the free PDF version of "Core Servlets and JSP" by Marty Hall.
    Thanks,
    Gary White

    Few Diffs:-
    1. Servlets run in a web container and EJBs run in a EJB Container.
    2. Use of Servlets is thru HTTP protocol and EJBs by look-up(internally RMI-IIOP)
    3. Developers has to explicity code for dattabaase transaction and security. EJBs: Container will manage every thing.
    4. Mainly: Servlets are server side code that generate dydnamic web page content to display. But EJBs are reusable component run in container.
    The sequence is: Java, JavaBeans, JDBC, Servlets, JSP, JSF & EJB
    I recommened JCreator LE IDE as it is developed in VC++ which runs fast. But another powerfull IDE is the Eclipse.
    Books:
    Java. Thinking in Java, Sun Tutorial
    JSP & Servlets: the book you are following work fine
    EJB> Mastering EJB by Ed Romans

Maybe you are looking for

  • SQL Developer "Locks-Up" when Expanding Synonym Folder

    It appears that every time I try and expand the Synonyms folder for a database user with many synonyms (hundreds?) SQL Developer hangs. If I try and stop the loading synonyms by cancelling the task (View Task Progress -> Cancel), the "Loading" proces

  • How does one pass import parameters to a report within a method?

    Hello all, Well how does one  pass import parameters to a report which is within a method ...end method. for example : method 123 SUBMIT reportname using selection '1000' endmethod . Here we need to pass values into the selection screen and run the r

  • Homesite 5 User Looking At Dreamweaver

    I am considering buying Dreamweaver and getting with that program after years of hard coding in Homesite 5.Most of what I do is HTML with some PHP. I use code for my website, made up in Zen Cart. I have Photoshop, Elements, Illustrator...all the usua

  • Connecting iphone 4S to car stereo problems

    I have a new iPhone 4S and when I connect it to my car stereo via a Monster cable I can hear static.  My wife's older iPhone does not have this issue.  Her phone plays, just as my old iPhone 3, perfect music.  I have checked my connections with the n

  • Safe to turn off time capsule when not using it?

    Should you turn off your time capsule when you are not using it or should you just leave it on all of the time?? I really don't want it to die on me... Thank you.