Back to Security Pattern Catalog




Container Managed Security


Classification Key : Core Security, Information Disclosure

Problem

Adding programmatic security solutions to an application involves extra work on development of security libraries and verification of the implementation. For many applications, the choice would be to use declarative security. How can security be added declaratively to an application?

Solution

Use standard security features provided by application container. Define application level roles at development time. Perform a mapping of these application level logical roles to users in the deployment environment at deployment time or thereafter.

Known Uses

Runtime authentication and authorization handled by container by configuring user realms for LDAP.

Related Patterns

Intercepting Web Agent

Source

Sun Book

Tags

Authentication, Authorization, Container


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz