The application authorization ID therefore becomes a security bottleneck; if it is ever compromised, then all enterprise resources will be exposed.
因此应用程序授权ID成为了安全瓶颈,它的泄漏将造成所有企业资源的曝光。
So the question is: how does this impact J2EE application server security, and in particular, how does it affect authorization in this space?
因此,所面临的问题是:这将如何影响J2EE应用服务器的安全性,特别是它如何影响在此领域内的授权?
This typically means that the authorization rules have to be embedded into the data access logic of the application itself.
这通常意味着必须将授权规则嵌入到应用程序本身的数据访问逻辑之中。
The "tiny little" authentication and authorization system for this "tiny little" blog application is now in place.
这个“微型”博客应用程序的“微型”身份验证和授权系统现在已经初具雏形。
Any authorization framework of substantial capability will enable an application to implement a complex and rich set of authorization rules.
任何具有强大功能的授权框架都将使应用程序能够实现一组复杂且丰富的授权规则。
The extraction of authentication and authorization services out of the application layer can help with scalability, maintainability, and re-usability for multi-tenant transactions.
从应用程序层提取认证和授权服务有助于提高多租户事务的可伸缩性、可维护性和重用性。
Such a mapping between application and user ID is only possible if each user has a separate database authorization ID.
只有当每个用户都有一个单独的数据库授权ID时,才可能出现那样的应用程序与用户ID之间的映射。
Database-level security measures including authentication and authorization might also be used to enhance application security.
数据库级的安全措施,包括身份验证和授权,也可以用于加强应用程序的安全性。
This works even when those users are connecting to DB2 through an application that itself provides a single generic authorization id when establishing connections to DB2.
即使这些用户通过应用程序连接到DB2也可以正常工作,在建立与DB2的链接时这些应用程序本身可以提供一个通用授权id。
Historically, this has resulted in applications having to reinvent existing database level authorization and auditing functions inside the application layer.
从历史的角度而言,这导致了应用程序不得不在应用层内重新进行现有的数据库级别的授权和审核功能。
Application configuration a "how a DSAPI filter was used to provide stronger authentication and authorization controls."
应用程序配置——DSAPI过滤器如何用于提供较强的身份验证和授权控制?
Be aware that authentication and authorization relies on WebSphere Application Server global security.
请注意,身份验证和授权依赖于WebSphereApplicationServer全局安全性。
This solution provides only coarse-grained authorization by the WebSphere Application Server front-end that exposes the party's business functions as web services.
这种解决方案只是通过WebSphereApplicationServer的前端(它将此方的业务功能作为Web服务公开)提供了粗粒度的授权。
Our goal is to demonstrate how to enable the integration of the message-level security tokens for use with the JEE authorization framework on WebSphere Application Server.
我们的目标是演示如何支持消息级安全令牌的集成,以在WebSphereApplication Server上结合使用JEE授权框架。
In WebSphere Application Server V7, the administrative console has been enhanced to adapt to fine-grained administrative authorization.
在WebSphereApplicationServerv 7中,管理控制台已得到增强以适应细粒度的管理授权。
Authentication is provided by the WebSphere Application Server security component, and the instance - and rule-based authorization is provided by Human Task Manager using work items.
WebSphereApplicationServer安全性组件提供身份验证,HumanTaskManager使用工作项来提供基于实例和规则的授权。
In general, servlet filters are used to control the flow of the application based on user type (or authentication and authorization) or page functionality.
通常,基于用户类型(或身份验证和授权)或页面功能将servlet过滤器用于控制应用程序流。
As a result, WebSphere Application Server only provides coarse-grain authorization based on the digital signature's success.
结果,基于数字签名的成功,WebSphereApplicationServer只提供粗粒度的授权。
In this way, a single static class declares the entire extended authorization policy of an EAz application.
通过这种方法,单个静态类可以声明EAz应用程序的完整扩展授权策略。
Authorization is essentially access control - controlling what your users can access in your application, such as resources, web pages, etc.
授权实质上就是访问控制-控制用户能够访问应用中的哪些内容,比如资源、Web页面等等。
The authorization model of a WebSphere Commerce application has three primary concepts: users, actions, and resources.
WebSphereCommerce应用程序的授权模型有三个主要概念:用户、操作和资源。
EJB component authorization is managed and enforced in the application server where the MDM server is hosted.
EJB组件授权是在MDMServer所在的应用服务器中管理和实施的。
And Rational Rapid Developer has a set of security frameworks that help you get a quick start on developing the authorization and authentication components of your application as well.
RationalRapidDeveloper还有一系列安全框架能够帮助你为你的应用程序迅速地开发授权和认证组件。
At this point, you have created a properties file realm, configured a Web application to authenticate against this security realm, and verified the authorization for resources in the application.
此时,您已经创建了一个属性文件域,并将Web应用程序配置为根据这个安全领域进行身份验证,还验证了该应用程序中对资源的授权。
In doing so, it would only need to use the Android device's web browser for purposes of authorization, but the rest of the application may be completely native.
这时,在需要授权时只需调用Android设备中的浏览器即可,应用中的其余部分完全可以是基于本地化开发的。
Many other WebSphere application Server resources, such as Work Areas, do not provide for application level authorization.
很多其他WebSphereApplicationServer资源(如工作区)并不提供应用程序级别的授权。
The authorization alias name is also specified here; WebSphere application Server security is not used in this example, but should be used in live applications.
在这里还指定授权别名;在本例中不使用WebSphereApplicationServer安全性,但应该在实际应用程序中使用它。
JXTA also has support in the authentication and authorization areas providing end-to-end application security. The authors also commented on the reliable multicast feature in JGroups framework.
JXTA还支持认证和授权,提供了端到端的安全性。
In a short amount of time you have set up a skeleton application that implements authorization.
在很短的时间里,您就已经建立了一个能实现授权的骨架应用程序。
However, if roles are contextual, based on specific usage of the application, then there may be a need to buy or build an authorization framework.
不过,如果角色与上下文相关(基于具体的应用程序使用情况),则可能需要购买或构建授权框架。
应用推荐