User guide

J2EE Application
This section gives an overview of security risks in J2EE applications.
Generally, a J2EE application performs operations with client programs using various components. The
client program of a J2EE application is sometimes executed as an independent Java program and
sometimes via a Web browser. When it is executed via a Web browser, a Web server mediates the
operation. The Web server is generally located in a Demilitarized Zone (DMZ) so that its communication
with the Web browser and with the intranet area goes through a firewall.
Resources to be Protected
This section describes the resources to be protected when a general J2EE application is used.
Functions Used for Operation of J2EE Applications
The following functions require security for operation of a general J2EE application:
User authentication
Connection to Web server
Invocation of Servlet (when a V5.0.1 or earlier version of the Servlet service is used)
Invocation of EJB (during operation in old version compatible environments)
Invocation of Servlet and EJB
Reading data from a database
Writing data to a database
Operating environment setup for Web Server
Execution environment setup for Servlet (when a V5.0.1 or earlier version of the Servlet service is used)
Execution environment setup for EJB (during operation in old version compatible environments)
Execution environment setup for Servlet and EJB
Deployment of a J2EE application