Part I. Security Overview

Security is a fundamental part of any enterprise application. You must be able to restrict who is permitted to access your applications and control what operations application users may perform.

The Java Enterprise Edition (Java EE) specification defines a simple role-based security model for Enterprise Java Beans ( EJBs ) and web components. The JBoss Security Extension (JBossSX) framework handles platform security, and provides support for both the role-based declarative Java EE security model and integration of custom security through a security proxy layer.

The default implementation of the declarative security model is based on Java Authentication and Authorization Service ( JAAS ) login modules and subjects. The security proxy layer allows custom security that cannot be described using the declarative model to be added to an EJB in a way that is independent of the EJB business object.

Important

Basic security configuration that is typically performed right after installation of JBoss Enterprise Application Platform 5 is described in the Basic Configuration Changes chapter of the Getting Started Guide.

Important

JBoss distinguishes uppercase and lowercase characters in user names and roles.

Select Your Language

Part I. Security Overview

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Language and Page Formatting Options

Part I. Security Overview

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links