{"id":66334,"date":"2021-07-18T11:25:00","date_gmt":"2021-07-18T15:25:00","guid":{"rendered":"http:\/\/bangla.salearningschool.com\/recent-posts\/java-2-security-architecture-java-short-notes\/"},"modified":"2021-07-18T11:25:00","modified_gmt":"2021-07-18T15:25:00","slug":"java-2-security-architecture-java-short-notes","status":"publish","type":"post","link":"http:\/\/bangla.sitestree.com\/?p=66334","title":{"rendered":"Java 2 Security Architecture #Java Short Notes"},"content":{"rendered":"<ul>\n<li>Security Services Provide\n<ul>\n<li>Data Integrity<\/li>\n<li>Data Confidentiality<\/li>\n<li>Access Control &#8211; Authentication and Authorization<\/li>\n<\/ul>\n<\/li>\n<li>Encryption helps to provide such security services<\/li>\n<li>Core Java Security Architecture\n<ul>\n<li>Core Java 2 Security Architecture<\/li>\n<li>Java Cryptography Architecture (JCA)<\/li>\n<li>Java Cryptography Extension (JCE)<\/li>\n<li>Java Secure Socket Extension (JSSE)<\/li>\n<li>Java Authentication and Authorization Service (JAAS)<\/li>\n<li>JCE and JSSE extend JCA<\/li>\n<\/ul>\n<\/li>\n<li>JCA &#8211; Platform Packages\n<ul>\n<li>java.security &#8211; core security classes and interfaces<\/li>\n<li>java.security.cert &#8211; certificate management<\/li>\n<li>java.security.interfaces &#8211; interfaces used to manage DSA and RSA keys<\/li>\n<li>java.security.spec &#8211; key specification, algorithm parameter specification<\/li>\n<\/ul>\n<\/li>\n<li>JCA &#8211; not useful for data encryption<\/li>\n<li>JCE provides the data encryption<\/li>\n<li>JCE packages: javax.crypto, javax.crypto.interfaces, javax.crypto.spec<\/li>\n<li>JSSE includes a Java implementation of SSL and Transport Layer Security (TLS) &#8211; server authentication, message integrity, optional client authentication.<\/li>\n<li>JSSE packages: javax.net.ssl, javax.net, javax.security.cert<\/li>\n<li>JAAS: limits access to resources based on user identity. 
JAAS implements PAM (Pluggable Authentication Module Framework) &#8211; user-based, group-based, role-based access control<\/li>\n<li>JAAS packages: javax.security.auth, javax.security.auth.callback, javax.security.auth.login, javax.security.auth.spi<\/li>\n<li>Core Security\n<ul>\n<li>java.security.Permission, PermissionCollection, Permissions &#8211; specify level of access to resources in J2EE applications<\/li>\n<li>Permissions &#8211; sets of diverse permissions<\/li>\n<li>Permission has many subclasses like FilePermission, SerializablePermission, SocketPermission, NetPermission<\/li>\n<li>Permission Example:<\/li>\n<li>FilePermission prm = new FilePermission(&quot;c:\\\\test.img&quot;, &quot;read,write&quot;);<\/li>\n<li>Security Policy &#8211; lists permissions in files<br \/>System Policy &#8211; jre\/lib\/security\/java.policy file<br \/>User Policy &#8211; java.policy file under user&#8217;s directory<\/li>\n<li>Java 2 has a policy tool under [JAVA_HOME\\bin\\policytool] &#8211; GUI based &#8211; to create\/edit policy files &#8211; type policytool in the command prompt<\/li>\n<li>Java Security Manager &#8211; determines whether requests to access valued resources should be allowed; core Java security classes also ask the Security Manager for access permission checks<\/li>\n<li>Access Controller controls access to critical system resources. Security Manager calls Access Controller methods to delegate tasks<\/li>\n<\/ul>\n<\/li>\n<li>J2EE Application Security\n<ul>\n<li>J2EE Role Based Security<\/li>\n<li>J2EE applications can contain both protected and unprotected resources. 
Access to the protected resources can be controlled using authorization mechanisms.<\/li>\n<li>Authorization\n<ul>\n<li>Identification: recognize an entity &#8211; device or person<\/li>\n<li>Authentication: process to identify<\/li>\n<\/ul>\n<\/li>\n<li>Role based security: create logical privileges known as roles &#8211; may be based on customer\/user\/job profile<\/li>\n<li>Users are grouped together into the roles &#8211; users with the same role go into the same role group<\/li>\n<li>Creating roles for J2EE Applications: create roles, associate them with an application, WAR file, JAR files<\/li>\n<li>At the time of deployment, the deployer maps roles to the security identities<\/li>\n<li>Principal: identity assigned to a user or group after authentication<\/li>\n<li>A tool named deploytool can be used to add users and groups to a J2EE server.<\/li>\n<li>You can get J2EE and deploytool at: http:\/\/java.sun.com\/javaee\/downloads\/index.jsp<\/li>\n<li>In deploytool: menu-&gt;tools-&gt;server configuration-&gt;select users from left -&gt; select realms from right -&gt;<\/li>\n<li>Provide ID\/Password for the user. Assign a group to the user. &#8211; Rest will be common sense, play with the tool<\/li>\n<li>You can also use realmtool to add users and groups<br \/>Example: realmtool -add 5006 5006admin admin,staff<br \/>Syntax: -add user password groups<br \/>add, import, userGroups<\/li>\n<li>Under deployment tool, afterwards, you can apply permissions to the different applications. 
You can also view and modify the descriptor file from: menu-&gt;tools-&gt;view configuration.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p> From: http:\/\/sitestree.com\/?p=4977<br \/> Categories:Java Short Notes<br \/>Tags:<br \/> Post Data:2006-12-17 23:47:44<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security Services Provide Data Integrity Data Confidentiality Access Control &#8211; Authentication and Authorization Encryption helps to provide such security services Core Java Security Architecture &#8212; Core Java 2 Security Architecture &#8212; Java Cryptography Architecture (JCA) &#8212; Java Cryptography Extension (JCE) &#8212; Java Secure Socket Extension (JSSE) &#8212; Java Authentication and Authorization Service &#8212; JCE and &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"http:\/\/bangla.sitestree.com\/?p=66334\">Continue 
reading<\/a><\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1917],"tags":[],"class_list":["post-66334","post","type-post","status-publish","format-standard","hentry","category-fromsitestree-com","item-wrap"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/66334","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=66334"}],"version-history":[{"count":0,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=\/wp\/v2\/posts\/66334\/revisions"}],"wp:attachment":[{"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=66334"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=66334"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bangla.sitestree.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=66334"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}