Acegi « Security « Java Articles

1.	Build Deploy
2.	Class
3.	Core Library
4.	Data Types
5.	Database JDBC
6.	Design
7.	Development
8.	File Input Output
9.	Graphics Desktop
10.	J2EE Enterprise
11.	J2ME Wireless
12.	JVM
13.	Language
14.	Library Product
15.	Network
16.	Security
17.	SOA Web Services
18.	Test
19.	Web Development
20.	XML

Java Articles » Security » Acegi

1. From Java EE security to Acegi javaworld.com

Java EE is an industrial standard programming platform that makes cross-cutting concerns like security and transaction into standard services to free developers from muddy infrastructure coding jobs. The security services in Java EE enable developers to build strong and elaborate protections for their applications with minimum effort. Apart from Java EE, Spring is a fantastic and popular open source framework designed on top of the Java EE standard that addresses the missing or problematic pieces from earlier versions of the Java EE specification (1.0-1.4). Spring's features and value plus the fact that a Spring container can live in a Web server without a heavy-weight application container contribute to its continued dominance in the application framework market. Acegi designed for Spring provides flexible, powerful, and comprehensive security beyond what's available in the Java EE standard. The two independent security systems are discussed and compared from different angles in this article to help developers build strong, efficient, and elegant security solutions for their applications.

2. Acegi security for JSF applications javaworld.com

Acegi security is a natural choice for many enterprise applications built using the Spring framework. JSF (JavaServer Faces) is a Java-based Web application framework that facilitates rapid application development by assembling reusable UI components. As you will learn in this article, it is not hard to secure your JSF applications with Acegi. In fact, you can address most details of authentication and authorization in a Spring application context file.

3. Acegi Security in one hour javaworld.com

This article gives you a concise jump-start to implementing Acegi Security for a basic order-processing application. You'll set up authentication and authorization services for the application, and you'll implement those security features in form-based Web pages. After working through the example, you should be able to set up basic form-based security for any Web application in about an hour.

4. Securing Java applications with Acegi, Part 3: Access control for Java objects ibm.com

This article focused on using method-based security to protect Java class instances. It also explained how Acegi and Spring internally create and proxy Java objects and how bean proxies work to implement access control. The article includes a couple of sample applications that you can use to further explore the concepts you have learned in this series. See the Resources section to learn more about securing Java applications with Acegi.

5. Securing Java applications with Acegi, Part 1: Architectural overview and security filters ibm.com

This series starts with an introduction to the common security concerns of enterprise applications and explains how Acegi resolves them. You will see Acegi's architectural model and its security filters, which embody most of the functionality you'll use to secure your applications. You will learn how filters work individually, how they can be combined, and how a filter chain functions from start to finish in an enterprise security implementation. This article concludes with a sample application that demonstrates Acegi's implementation of a URL-based security system. The following articles in the series will explore some of the more advanced uses of Acegi, including how to design and host access control policies and then configure Acegi to use them.

6. Securing Java applications with Acegi, Part 5: Protecting JavaBeans in JSF applications ibm.com

This five-part series of articles introduces Acegi Security System and demonstrates how to use Acegi to secure enterprise Java applications. This final article of the series continues a discussion of using Acegi to secure JSF applications. In Part 4 I showed how you can secure a JavaServer Faces (JSF) page using Acegi without writing any Java code. I also provided an in-depth explanation of events that happen when you deploy your JSF-Acegi application and when a user accesses it. This time I focus on techniques for securing JavaBeans in your JSF applications.

7. Securing Java applications with Acegi, Part 4: Protecting JSF applications ibm.com

This fourth installment demonstrates how to use Acegi to secure JavaServer Faces (JSF) applications that run in a servlet container. This article first explains the features Acegi provides for this purpose and dispels some common misconceptions about using Acegi with JSF. This article then presents a simple web.xml file that you can use to deploy Acegi to secure a JSF application. From there, go deep inside Acegi and JSF components to understand the sequences of events that happen when you deploy the web.xml file and when users access the JSF application. The article concludes by presenting a sample JSF application secured by Acegi.

8. Securing Java applications with Acegi, Part 2: Working with an LDAP directory server ibm.com

This series of articles is an introduction to using Acegi Security System to secure your Java enterprise applications. In the first article in this series, I introduced Acegi and explained how to use security filters to implement a simple, URL-based security system. In this second article, I begin to discuss the more advanced uses of Acegi, starting with writing an access control policy and storing it in ApacheDS, an open source LDAP directory server. I also show you how to configure Acegi to interact with the directory server to implement your access control policy. At the conclusion of the article, I present an example application that uses ApacheDS and Acegi to implement a secure access control policy.