This document covers in detail all the concepts related to the JEUS 6.0 security system, configuration, operation, and customization. It is intended for all JEUS system administrators.
In order to fully understand this guide, users need to have an overall understanding of:
J2SE security architecture and general security technologies (SSL/TLS, Digital Authentication, Role-based User Authentication Model)
JEUS security architecture
JEUS Server as a whole (Refer to "JEUS Server Guide")
This document does not cover Java EE or Java specifications. For more information, refer to their related documents.
This document consists of eleven main chapters and two appendices.
"Chapter 1. Introducing the Security System"
Describes the overview and introduction of the JEUS security system.
"Chapter 2. Configuring the Security System"
Describes how to configure security domains, security services, subjects, and policies.
"Chapter 3. Configuring Security for Applications and Modules"
Describes how to apply security settings to EJB, web modules, and J2EE applications in JEUS.
"Chapter 4. Programming with the Security System API"
Describes how to create applications (for example Servlets) that use the security system API.
"Chapter 5. Developing Customized Security Services"
Describes how to develop your own Customized Security Providers (services) to use with JEUS.
"Chapter 6. Using JACC Provider"
Describes how to develop and integrate a JACC provider with the JEUS security system.
Describes how to develop and integrate a JAAS provider with the JEUS security system.
"Appendix A. Security Event Service"
Describes about the standard security event that is detected by the security system.
"Appendix B. JEUS Server Permissions"
Describes the security event reference to the permission that is checked by JEUS Server.
| Convention | Meaning |
|---|---|
| <<AaBbCc123>> | Filename of a program |
| <Ctrl>+C | Hold the Control key and press C |
| [Button] | Button or Menu name |
| Boldface | Emphasis |
| " " (double quotes) | Reference to chapters or sections in the manual, or to other related documentation |
| 'Input Item' | Description for an input item on the screen |
Hyperlink | E-mail account, website, link to other chapters or sections |
| > | Progress order of menus |
| +---- | Files or directories exist below. |
| |---- | Files or directories do not exist below. |
Note | Reference or note |
Caution | Caution |
| [Figure 1.1] | Figure name |
| [Table 1.1] | Table name |
AaBbCc123 | Java codes and XML documents |
[ command argument ] | Optional parameter |
| < xyz > | The contents between '<' and '>' will be changed to an actual value. |
| | | Selective argument. ex) A|B: either A or B |
| … | Repetitive parameters, etc. |
This guide follows the UNIX style for all examples and screen configurations.
Users of other environments, such as Windows, can use this with a few considerations. For example, use the Windows style "\" as the directory delimiter instead of the UNIX style "/". Environment variables should also be changed to Windows style variables.
This guide primarily discusses Java, so most of the content should apply to all systems.
| Guide | Description |
|---|---|
| JEUS Server Guide | Describes overview of the JEUS system and server, and system management. |
| JEUS EJB Guide | Describes JEUS EJB engine and how to deploy EJB modules. |
| JEUS Web Engine Guide | Describes how to manage JEUS web engine, and how to manage and deploy Java EE WAR Archive and servlet/JSP. |
| JEUS Node Manager Guide | Describes JEUS Node Manager concepts and usage. |
Java Authorization Contract for Containers Specification Version 1.0
Information about JACC provider.
J2EE 6 Specification
Information about the basic security architecture applied to J2EE server, including JEUS.
EJB 3.1 Specification
Information about EJB security model.
Servlet 3.0 Specification
Information about Servlet security model.
Javadoc for J2SE 6 packages java.security, javax.security.auth J2EE 6 package javax.security.jacc
Detailed information about basic security-related J2SE/J2EE class.
Javadoc JEUS API
JEUS_HOME/docs/api/jeusapi/index.html
XML Reference - Security service JEUSMain.xml configuration
JEUS_HOME/docs/reference/schema/index.html
TmaxSoft Co., Ltd
5, Hwangsaeul-ro 329beon-gil, Bundang-gu,
Seongnam-si, Gyeonggi-do, 463-824
South Korea
Tel: +82-31-8018-1000
Fax: +82-31-8018-1115
Email: info@tmax.co.kr
Web (Korean): http://www.tmaxsoft.com
Technical Support: http://technet.tmaxsoft.com
TmaxSoft, Inc.
560 Sylvan Avenue Englewood Cliffs, NJ 07632
U.S.A
Tel: +1-201-567-8266
Fax: +1-201-567-7339
Email: info@tmaxsoft.com
Web (English): http://www.tmaxsoft.com
TmaxSoft Japan Co., Ltd.
5F Sanko Bldg, 3-12-16 Mita, Minato-Ku, Tokyo, 108-0073
Japan
Tel: +81-3-5765-2550
Fax: +81-3-5765-2567
Email: info@tmaxsoft.co.jp
Web (Japanese): http://www.tmaxsoft.co.jp
TmaxSoft China Co., Ltd.
Beijing Silver Tower, RM 1508, 2# North Rd Dong San Huan,
Chaoyang District, Beijing, China, 100027
China
Tel: +86-10-6410-6145~8
Fax: +86-10-6410-6144
Email: info.cn@tmaxsoft.com
Web (Chinese): http://www.tmaxsoft.com.cn
TmaxSoft Brazil
Avenida Copacabana, 177 - 3 andar 18 do Forte Empresarial,
Alphaville - Barueri, Sao Paulo, SP-Brasil CEP 06472-001
Brazil
Tel: +55-11-4191-3100
Email: contato.brasil@tmaxsoft.com
Web (Portuguese): http://br.tmaxsoft.com
Tmax Russia L.L.C.
Grand Setun Plaza, No A204 Gorbunova st.2,
Moscow, 121596
Russia
Tel: +7(495)970-01-35
Email: info.rus@tmaxsoft.com
Web (Russian): http://ru.tmaxsoft.com
Tmax Singapore Pte. Ltd.
430 Lorong 6, Toa Payoh 10-02,
OrangeTee Building, 319402
Singapore
Tel: +65-6259-7223
Email: info.sg@tmaxsoft.com
Web (English): http://www.tmaxsoft.com
TmaxSoft UK Ltd.
Surrey House, Suite 221, 34 Eden Street,
Kingston-Upon-Thames, KT1 1ER
United Kingdom
Tel: + 44-(0)20-8481-3776
Email: info.uk@tmaxsoft.com
Web (English): http://www.tmaxsoft.com