Research Of J2EE Application System Based On TRBAC

Distributed technology provides high capability, extensibility and safety for distributed enterprise software. Under complex environment, the architecture of application softwares have the characters of complex structure and involve multi-technology, thus those characters increase the difficulties of development. Therefor, this paper uses design pattern in design to reduce the complexity.MVC is the main pattern of designing distributed application. In model level, it uses Java Bean and JDBC to connect database. The program will be changed a lot when the database is changed. Thus, JSE_MVC is brought forward. In this architecture, EJB is used in model level and entity bean is used to connect database. If the type of database is changed, there is only a little change in the program. The transplantability of the system is strengthened. On the basis of design pattern, J2EE design pattern is used in model level to give a common architecture. It increases the reusability, extensibility and portability. A mobile card selling system is designed and implemented to use the common architecture. The use of common architecture reduces the difficulties of development.In distributed environment, enterprise application is composed of different nodes on the Web. Clients and servers are in different areas, so security is becoming an important aspect. In security design, access control is used to enhance the security of the system.Access control is a basic technology in network security. It includes the role based access control and the task based access control, etc. The security service that J2EE provides bases on the role based access control. These methods don't encrypt password and identity, the target server is not authenticated, and the privilege is static. Therefor, in this paper, the task and role based access control (TRBAC) is used. In this method, privilege is dynamic and changes according to the context. On the basis of this, a security model is put forward. In this model, security cookies are adopted, password and identity are encrypted and target server is authenticated .It settles the problem of J2EE security and enhances the security of system.