
SignOnFilter doubts

 
Art van de Belt
Greenhorn
Posts: 5
Hi,
I've seen a lot of applications (including the Petstore) that use a Servlet filter for authentication purposes and do not use declarative security. The main reason for using this filter is to allow dynamic user registration.
However, I've not seen an approach that also protects the EJB tier from direct access. The Petstore for example defines <unchecked> in the deployment descriptor of the EJB jars. From a security point of view I would not allow direct access to any EJB ever (including direct access from within the intranet!).
Has anyone an idea how I can use the SignOnFilter and at the same time protect my EJBs from direct access? Or even better, use the roles from the deployment descriptors? Is JAAS the way to go?
HTH,
Art
 
Rufus BugleWeed
Ranch Hand
Posts: 1551
I'm so confused. At some point in the hierarchy there is a session facade, no?
The current theory is the web tier and the EJB tier are in the same JVM, no?
 
Billy Tsai
Ranch Hand
Posts: 1304
What kind of relationship do the SignOnFilter and EncodingFilter classes have with other classes?
Does SignOnFilter have any relationship with MainServlet? Like 1 to 1?
What about EncodingFilter? With TemplateServlet or MainServlet?
Or they don't have any relationship? And do we or don't we need to show the relationship of those two filters forwarding to other classes or being forwarded to them?
 