The Researches Of Web Security Based On J2EE

J2EE (Java2 Platform Enterprise Edition, J2EE) is a system architecture based Java2,which simplifys development, deploy and management of enterprise applications. The important characteristic of J2EE is integrated and independent of platforms. Providing a united platform, J2EE reduces the intuition and complexity of developing muti-tiles applications. At the same time, it also provides a powerful support of existing applications. The final aim is to integrate all available technologies, product and solutions, and to provide standard service of interfaces and expasibility, which reduces the period and cost of software development.All these advantages make J2EE widely used in enterprise applications, which make the security of J2EE more important, especially in finace industry, electronic government affiar and so on.This thesis researches J2EE security in depth and systematically. At beginning of cryptology, writer explains several key elements of data security: confidentiality, integrity, authentication, and non-dinied, then describe how to resolve these question in crytology.J2EE is based on Java2 Platform, so J2EE security is closely related to Java. When Java appears first, its designers think the security in detail. Java language itself provides plenty of surport to security. This paper gives a detailed introduce on the architecture of Java2 security, especially in data encryption, authentication, and integration so on.J2EE security is the importance and theme of this paper, all the researches are around on it.It extends the security mechanism of Java2 platform ,but owns itself characteristic.This paper gives a detailed discuss on J2EE components, including JSP,Servlet,EJB,JDBC and RMI so on. A distributed system surely is involved in transfers and save of data. This paper researches the distributed technology of Java, RMI. SSL protocol also is analysed and discussed.Besides, proxy is researched with SSL. By proxy we discussed how to realize a secure JDBC driver. How to protect database by using encryptology also introduced and realized in this paper.At last, this paper implements a secure enterprise application-Bank Online, which integrates all technologies discussed above. It is perfect in transfers, store, integration, authentication and non-denied of data.