With the rapid development of information technology,network technology and electronic commerce, the global enterprise application system has been already implemented on the widespread open network platform.At the time of designing and plan the multi-tier enterprise application based on Internet/Intranet, the system architecture to be adopted is the most important. It should possess key characteristics,such as advance,opening,security,growth and compatibility,etc…As the platform of the middle ware technology,J2EE is receiving more and more recognition,correspondingly more and more people study J2EE security. The security of the enterprise application system based on J2EE technology is studied in this paper which is based on the background of logistics management information system in Handan steel trading company.This article first introduces and analyses the common security technology simply,such as encrpytion techniques,Digital Certificate techniques, SSL protocol,then introduces the system structure and security mechanismsof J2EE,such as authentication ,authorization,access control,integrity mechanism and confidentiality mechanism, JAAS techniques etc….Together with the management information system of the logistics , this article realized the security problem using layered frame to the demand and characteristic of the secutity problem of this logistics system. The system security frame analyses and solves the security problem of this system from the physical security ,the network security, the operating system security ,the application security, the database security,safety control,and organically integrated to form a steady,reasonable and complete security strategy of the J2EE enterprise applicationUsing the JAAS technology, the J2EE statement security and procedural security,the user authentication, based on role access control mechanism , the confidentiality and integrity in the process of data transmission are implemented. |