The JavaTM Web Services Tutorial
Home
TOC
Index
PREV TOP NEXT
Divider

Web Application Security

Debbie Carson

The Web services security model is based on the Java Servlet specification. This model insulates developers from mechanism-specific implementation details of application security. The Java WSDP provides this insulation in a way that enhances the portability of applications, allowing them to be deployed in diverse security environments.

Some of the material in this chapter assumes that you have an understanding of basic security concepts. To learn more about these concepts, we highly recommend that you explore the Security trail in The Java Tutorial (see http://java.sun.com/docs/books/tutorial/security1.2/index.html) before you begin this chapter.

In This Chapter
Overview
Users, Groups, and Roles
Security Roles
Managing Roles and Users
Mapping Application Roles to Realm Roles
Web-Tier Security
Protecting Web Resources
Controlling Access to Web Resources
Security Settings without deploytool
Authenticating Users of Web Resources
Using Programmatic Security in the Web Tier
Unprotected Web Resources
EIS-Tier Security
Configuring Sign-On
Container-Managed Sign-On
Component-Managed Sign-On
Installing and Configuring SSL Support on Tomcat
Using JSSE
Setting Up a Server Certificate
Configuring the SSL Connector
Verifying SSL Support
Troubleshooting SSL Connections
General Tips on Running SSL
Further information on SSL
Further Information
Divider
Home
TOC
Index
PREV TOP NEXT
Divider

This tutorial contains information on the 1.0 version of the Java Web Services Developer Pack.

All of the material in The Java Web Services Tutorial is copyright-protected and may not be published in other works without express written permission from Sun Microsystems.