Table of Contents
This is still a rough draft
The JBossSX security extension provides support for both the declarative EJB 1.1 security model as well as integration of custom security via a security proxy layer. The default implementation of the declarative security model is based JAAS LoginModules and Subjects. The security proxy layer allows custom security that cannot be described using the declarative model to be added to an EJB in a way that is independent of the EJB business object. Before getting into the JBoss security implementation details, let's review the EJB 1.1 specification security model.
The SRP Authentication and Key Exchange System. Request for Comments: 2945. ftp://ftp.rfc-editor.org/in-notes/rfc2945.txtl .
Enterprise JavaBeansâ„¢ Specification, v1.1 . http://www.javasoft.com/products/ejb/docs.html .