This paper analyzes Aspect-Oriented Security in contrast to Container-Managed Security within Java 2 Enterprise Edition (J2EE) applications. It highlights the distinctions in security implementation methods, including the use of AspectJ for programmatic security versus declarative security managed by the container. Practical examples with source code for client authentication, role-based access control, and audit mechanisms are presented. The study emphasizes the importance of separating security functionalities from business logic, offering insights into effective security management in software development.
AAOS 2003: Analysis of Aspect-Oriented Software
Comparison Study of Aspect-Oriented and Container Managed Security
Paweł Słowikowski (ps@agh.edu.pl), Krzysztof Zieliński (kz@agh.edu.pl)
Department of Computer Science, AGH University of Science and Technology, Cracow, Poland
Research • Object-oriented and Component-based systems • Java 2 Enterprise Edition (J2EE) • Java Management Extensions (JMX) • CORBA • .. • Domains • Security • Monitoring • ..
Security requirements • Authentication • Access control • Audit
Security implementation in J2EE
Container managed security • enforced by container • declarative security in deployment descriptor • limited to container’s functionality • separated from business logic
Aspect-oriented security (with AspectJ) • enforced by aspect • programmatic security in aspect • limited by scope of pointcuts • separated from business logic
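To make the contrast above concrete, here is an added sketch (not code from the paper) of one access rule in both styles: the declarative form as a deployment-descriptor fragment in the comment, and the programmatic form as an AspectJ aspect. The names `Account`, `withdraw`, `AccessControlAspect` and the `teller` role are hypothetical, and treating a JAAS principal name as a role is a simplifying assumption.

```aspectj
// Added illustration. Account, AccessControlAspect and "teller" are hypothetical.
//
// Container-managed form (declarative, in ejb-jar.xml; enforced by the container):
//   <method-permission>
//     <role-name>teller</role-name>
//     <method>
//       <ejb-name>Account</ejb-name>
//       <method-name>withdraw</method-name>
//     </method>
//   </method-permission>

import java.security.AccessController;
import java.security.Principal;
import javax.security.auth.Subject;

// Business logic: contains no security code in either style.
class Account {
    private long balance;
    public void withdraw(long amount) { balance -= amount; }
}

// Aspect-oriented form (programmatic; enforced by the woven aspect).
public aspect AccessControlAspect {
    private static final String REQUIRED_ROLE = "teller";

    // Enforcement reaches only the join points this pointcut matches;
    // a method left out of it runs with no check at all.
    pointcut protectedOps(): execution(public * Account.withdraw(..));

    before(): protectedOps() {
        // Assumes the caller runs inside Subject.doAs(...) after a JAAS login
        // (the JAAS API of J2EE-era JVMs; recent JDKs have retired getSubject).
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null || !hasRole(subject, REQUIRED_ROLE)) {
            throw new SecurityException(
                "access denied: " + thisJoinPointStaticPart.getSignature());
        }
    }

    // Assumption: a role is represented as a Principal whose name is the role name.
    private static boolean hasRole(Subject subject, String role) {
        for (Principal p : subject.getPrincipals()) {
            if (role.equals(p.getName())) return true;
        }
        return false;
    }
}
```

When reviewing an aspect like this, check the pointcut against the full list of sensitive methods, since it plays the part that the descriptor's method list plays for the container.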
The paper • Contains examples with source code for • authentication of a client application • RAD based access control • accountability • Java / JAAS / JBoss / AspectJ