19 Aug · Tue 2008
Servlet security constraints - summary and recommendations
This entry describes the Servlet security constraint model and offers some recommendations intended to help ensure that your application is protected as you intend it to be. Thanks to Jeff Williams of Aspect Security for making me aware of common practice, and for his suggestions for simplifying the Servlet constraint model.
18 Aug · Mon 2008
Using JACC to determine a caller's roles
This entry defines a technique for using the standard interfaces provided by JACC to implement a utility that returns all the role memberships of the caller of a Servlet or EJB. This technique may be used to decouple the calling application from the set of declared roles.