| With the popularity and development of internet technology, open network on the J2EE architecture becoming more popular, at the same time open network lead to enterprise applications facing security threat from all sides. How to protect information from being illegal acquisition, theft, tamper and destruction, has become an important issue is concerned by all researchers of enterprise applications.From the point of enterprise system application-layer safety in paper, through deeply research various aspects of EJB3 remote access, communication between web layer and EJB layer over-reliance on XML configuration files. In order to solve this problem, EJB layer through the annotation process, using anti-called web layer approach to reduce the use of XML configuration files; Through combine AOP with container technology implement EJB access control, which makes business logic and security module separate; In the aspect of role information management, using directory server store user roles in order to reduce complexity of system development and improve system portability. Through transfer security identity between the specified EJB component and component. Which is reduces the difficulty of security services in the J2EE logic layer.At the basis of the studies, a kind of EJB-based remote access security mechanisms is designed. The definition of the module's function, focus on implementation of the Web server and application server security module, security interceptors module and EJB security module. The design and implementation of those modules have reference value to research remote access security of enterprise applications. |
PDF Full Text Request