lib0057.html

This handbook is a concise guide to architecting, designing, and building J2EE applications. It guid

<html>
<META http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<head>
<title>Security</title>
<link rel="STYLESHEET" type="text/css" href="images/xpolecat.css">
<link rel="STYLESHEET" type="text/css" href="images/ie.content.css">
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><td><div STYLE="MARGIN-LEFT: 0.15in;"><a href="toc.html"><img src="images/teamlib.gif" width="62" height="15" border="0" align="absmiddle"  alt="Team LiB"></a></div></td>
<td align="right"><div STYLE="MARGIN-LEFT: 0.15in;">
<a href="LiB0056.html"><img src="images/previous.gif" width="62" height="15" border="0" align="absmiddle" alt="Previous Section"></a>
<a href="LiB0058.html"><img src="images/next.gif" width="41" height="15" border="0" align="absmiddle" alt="Next Section"></a>
</div></td></tr></table>
<br>
<div class="chapter">
<a name="ch08"></a>
<div class="section">
<h2 class="first-section-title"><a name="262"></a><a name="ch08lev1sec3"></a>Security</h2><a name="263"></a><a name="IDX-104"></a>
<p class="para">Security for J2EE applications and the underlying environment can be thought of in terms of authorization, authentication, and provisioning. Security features are used to limit the types of traffic allowed over a network (e.g., HTTP traffic, mail, FTP, etc.). Further, some transmissions might be allowed for some users but not for all. Firewalls are typically used to limit the types of network transmissions possible at site level. It's standard for J2EE applications to allow only HTTP or HTTPS traffic through the firewall. FTP traffic to an FTP server also might be allowed.</p>
<p class="para">User <b class="bold">authentication</b> is commonly handled at the Web server level with the assistance of some type of identity management product (such as Oblix<span class="unicode">&#8482;</span>). These products are typically used to force a user login and validate the requested password.</p>
<p class="para">The <b class="bold">authorization</b> feature of a Web server (with the help of a third-party encryption vendor) is targeted at making sure that the entity providing the user ID and password for the session is still the entity issuing requests over the server. This feature also protects the content of every transmission from being viewed or altered by a third party. SSL is one commonly used encryption mechanism.</p>
<p class="para">
<b class="bold">Provisioning</b> features regulate which users get access to which applications. In complex environments, provisioning allows a user to use only some applications, not all. Provisioning is normally provided by a purchased product and not developed internally.</p>
<p class="para">The reason that these concerns are usually addressed at an architecture level is that they're common to all applications. None of the features discussed here should require any specific application-level coding. If the application provides personalization features and the infrastructure provides identity management software, the application might look up information about the user.</p>
<p class="para">Most J2EE applications position their firewalls so that at least the Web and application servers are in a DMZ. Because intruders must break through multiple firewalls to get to application data, using a DMZ reduces the probability of a break-in.</p>
<p class="para">
<a class="internaljump" href="#ch08fig02">Figure 8.2</a> depicts a basic network architecture for a J2EE application. In this diagram, the Web servers provide security. The LDAP server is used to provide customer identity information for the Web servers.</p>
<div class="figure">
<a name="264"></a><a name="ch08fig02"></a><span class="figuremediaobject"><a href="images/fig121%5F01%5F0%2Ejpg" NAME="IMG_27" target="_parent"><img src="images/fig121_01.jpg" height="143" width="350" alt="Click To expand" border="0"></a></span>
<br style="line-height: 1">
<span class="figure-title"><span class="figure-titlelabel">Figure 8.2: </span>Basic J2EE Network Architecture</span>
</div>
<a name="265"></a><a name="IDX-105"></a>
<div class="section">
<h3 class="sect3-title">
<a name="266"></a><a name="ch08lev2sec1"></a>Architecting Application Security</h3>
<p class="para">
<b>Leverage the infrastructure security features as much as possible.</b> Security features managed at an enterprise level usually have a lower chance of failure compared with custom-coded solutions at the application level. My premise is that commercial and open source packages generally have less severe bugs and are more robust than custom-coded applications.</p>
<p class="para">
<b>Audit the use of generic IDs.</b> A generic ID is an ID not associated with a specific person. It is common practice to use a generic ID and password for a database connection. It is not common to use a generic ID to provide protected Web content to users who are not explicitly authorized for that content. I've seen applications that use generic IDs in this way to skirt the security infrastructure of the company.</p>
<p class="para">
<b>Effectively use URL masks to indicate security requirements.</b> Most Web servers enforce security based on URLs. For example, a URL containing the phrase "/public" may not be secure, while a URL containing the phrase "/admin" might be restricted to application and system administrators. If the end users of your application have different capabilities depending on who they are, make sure that the URLs used to access them reflect their roles. In most companies, this will increase your chances of being able to use the security infrastructure.</p>
</div>
</div>
</div><br>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><td><div STYLE="MARGIN-LEFT: 0.15in;"><a href="toc.html"><img src="images/teamlib.gif" width="62" height="15" border="0" align="absmiddle"  alt="Team LiB"></a></div></td>
<td align="right"><div STYLE="MARGIN-LEFT: 0.15in;">
<a href="LiB0056.html"><img src="images/previous.gif" width="62" height="15" border="0" align="absmiddle" alt="Previous Section"></a>
<a href="LiB0058.html"><img src="images/next.gif" width="41" height="15" border="0" align="absmiddle" alt="Next Section"></a>
</div></td></tr></table>
</body></html>