Questo contenuto non è disponibile nella lingua selezionata.

Chapter 5. Overview


Application security encompasses authentication, authorization, mapping and auditing.
Authentication
Process by which the server determines whether a user should be able to access a system or operation.
Authorization
Process by which the server determines whether an authenticated user has permission to access specific privileges or resources in the system or operation.
Mapping
Process by which the server associates authenticated users with predefined authorization profiles.
Auditing
Process by which the server monitors authentication and authorization security events.
In JBoss Enterprise Application Platform 5, authentication, authorization, and mapping policies are configured with application-level granularity using the concept of a security domain.
Security Domain
A set of authentication, authorization, and mapping policies which are defined in XML and are available to applications at runtime using Java Naming and Directory Interface (JNDI).
A security domain can be defined in the server profile or in an application deployment descriptor.
Auditing for EJB3 and the web container are configured independently of each other, and operate at the server level.
JBoss Enterprise Application Platform 5 uses a pluggable module framework to implement security, providing separation of security implementation and application design. The pluggable module framework provides flexibility in application deployment, configuration, and future development. Modules implementing security functionality are plugged into the framework and provide security functions to applications. Applications plug into the security framework through security domains.
Applications can be deployed in new scenarios with altered security configuration by associating them with a different security domain. New security methods can be implemented by plugging JBoss, custom-built, or third-party modules into the framework. Applications gain the security functionality of that module with no application recoding, by simple reconfiguration of the security domain.
Chapter 6, Security Domain Schema describes the XML configuration of a security domain.
Chapter 7, Authentication contains detailed information about security domain authentication policy.
Chapter 8, Authorization contains detailed information about security domain authorization policy.
Chapter 9, Mapping contains detailed information about security domain mapping policy.
Torna in cima
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2025 Red Hat