User guide
Developing Java Applications
Setup Item              Required?   Explanation
protection resources
Executing application   Required    Set the JavaVM options.
Obtaining User Information Without Using the JAAS Framework
Information on a user can be obtained as a character string from the HTTP header without using the
JAAS framework. For information on obtaining the HTTP header value with a servlet application, refer
to the servlet documents provided by Sun Microsystems, Inc. For details of the header names reported
from a business server, refer to Setting User Information Report with Environment Variables.
Note
The JAAS authorization function cannot be used with Servlet.
Java Application that Receives User ID/Password from a Client for Authentication
Figure 7-2 Java Application that Receives User ID/Password from a Client for Authentication
The user ID/password is entered at a client (Web browser). The Java application can then execute
authentication processing by passing the user ID/password sent from the client to the authentication
server. Authentication processing is executed through communication with the authentication server
within the single sign-on JavaAPI. After authentication succeeds, an application can be developed that
uses information on the authenticated user and applies JAAS authorization.
Preventing User ID/Password Security Breaches
When developing a servlet application, set the Web server that runs the servlet to use
SSL communication. This prevents user ID/password security breaches.
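The following filter is an added example, not code from this guide or the product. It makes the servlet side fail closed if the Web server is not actually using SSL, and it goes one step beyond the text by also refusing credentials that are not sent in a POST body. Assumptions: the class name RequireSslFilter is hypothetical, the filter is mapped in web.xml only to the URL that the login form posts to, and the container provides the javax.servlet API.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Added example (hypothetical class name): fail-closed guard for the servlet
 * that receives the user ID/password. Map it in web.xml to the login URL.
 */
public class RequireSslFilter implements Filter {

    public void init(FilterConfig config) throws ServletException {
        // No configuration needed.
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // isSecure() reports whether the request reached the container over a secure channel.
        if (!request.isSecure()) {
            // Do not read or log the parameters: they already crossed the network in cleartext.
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "SSL is required");
            return;
        }

        // Credentials in a query string end up in access logs and browser history,
        // so accept them only in a POST body.
        if (!"POST".equals(request.getMethod()) || request.getQueryString() != null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Send credentials in a POST body only");
            return;
        }

        // Keep the authentication response out of browser and proxy caches.
        response.setHeader("Cache-Control", "no-store");
        chain.doFilter(request, response);
    }

    public void destroy() {
        // Nothing to release.
    }
}
```

If SSL is terminated on a separate Web server or proxy in front of the servlet container, isSecure() reflects only the last hop, so the check has to be adapted to how that front end reports the original scheme.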