Skip Headers

Oracle9iAS Containers for J2EE Services Guide
Release 2 (9.0.2)

Part Number A95879-01
Go To Documentation Library
Home
Go To Product List
Solution Area
Go To Table Of Contents
Contents

Go to previous page

Index

A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X 


Symbols

<commit-class> element, 10-12
<commit-coordinator> element, 10-12
<container-transaction> element, 10-7
<data-source>
attributes, 1-9
<resource-ref> element, 1-11
<res-ref-name> element, 1-11
<transaction-type> element, 10-6, 10-8

A

access control list model
definition, 4-13
AccessController, 4-5
accessing JAAS provider, 7-4
AccessTest1, 8-7, B-11
actions
definition, 4-4
add button
Oracle Enterprise Manager, 7-4
add command, 7-24
adding and removing realms, 7-16
adding and removing roles, 7-17
adding and removing users, 7-17
addperm options, 7-18
addprncpl option, 7-19
addrealm option, 7-16
addrole option, 7-17
adduser option, 7-17
administrative role, 7-29
AdminPermission class
administering permissions, 4-26
definition, 4-5, A-7
adminRole, 7-28
adminUser, 7-29
Ant build tool, 9-5
Apache
JServ license, A-3
license, A-1
Apache Listener. See Oracle HTTP Server
apachectl start command, 9-8
apachectl startssl command, 9-8
APIs
oracle.security.jazn package, A-2
oracle.security.jazn.policy package, A-6
oracle.security.jazn.realm package, A-9
Application Realm
creation, 7-31
creation code, B-8
definition, 4-18
role management, 4-18, 4-21
sample LDAP directory information tree, 4-21
user management, 4-18, 4-21
ApplicationClientInitialContextFactory, 2-6 to 2-8
ApplicationInitialContextFactory, 2-8 to 2-10
applications
executing, 8-4, 9-8
in Java2 application environments, 6-2
sample J2SE, 8-5
with JAAS, 4-10
application.xml
designating data-sources.xml, 1-2
assigning permissions, 7-6
attributes
CacheEventListener, 13-17
DefaultTimeToLive, 13-17
DISTRIBUTE, 13-14
GROUP_TTL_DESTROY, 13-14
IdleTime, 13-17
LOADER, 13-14
ORIGINAL, 13-14
REPLY, 13-15
SPOOL, 13-15
SYNCHRONIZE, 13-16
SYNCHRONIZE_DEFAULT, 13-16
TimeToLive, 13-18
Version, 13-18
Attributes.setCacheEventListener() method, 13-28
authentication
definition, 4-2
J2EE, 9-2
J2SE, 8-2
using login modules, 4-9
using Oracle9iAS Single Sign-On (SSO), 4-13
using RealmLoginModule class, 4-13
with Basic Authentication, 6-13
with SSL, 6-10
with SSO, 4-13, 6-8
authentication environments, 6-6
authorization
definition, 4-2
J2EE, 9-4
J2SE, 8-3

B

basic authentication, 6-6
callerinfo demo, 5-2

C

Cache
concepts, 13-2
cache environment, 13-6
CacheAccess.createPool() method, 13-40
CacheAccess.get() method, 13-22
CacheAccess.getOwnership() method, 13-46
CacheAccess.preLoad() method, 13-22
CacheAccess.releaseOwnership() method, 13-46
CacheAccess.save() method, 13-35
CacheEventListener attribute, 13-17
CacheEventListener interface, 13-28
CacheLoader()
implementing, 13-22
CacheLoader.createStream() method, 13-38
caching scheme, 1-14
callback handler, 8-2, 8-5
callerInfo demo, 5-2, 9-4
code, 9-9
results, 5-6
capability model
definition, 4-13
cd command, 7-24
checking password, 7-17
checkpasswd option, 7-17
cipher suites
supported by Oracle HTTPS, 1-7
class names
definition, 4-4
classes
AdminPermission, A-7
Grantee, A-8
InitRealmInfo, A-10
JAZNConfig, A-2
JAZNConfigException, A-4
JAZNContext, A-3
JAZNPermission, A-3
RealmLoginModule, A-10
RealmManager, A-10
RealmPermission, A-10
RoleAdminPermission, A-8
cleanInterval property, 13-27
clear command, 7-25
codebase, 4-10
codesource, 7-8
in policy files, 4-10
constructing
JNDI contexts, 2-4
JNDI InitialContext, 2-5
createDiskObject() method, 13-23, 13-36
createInstance() method, 13-42
CreatePool() method, 13-40
createRole, 7-32, 7-33
createStream() method, 13-23
creating a new grant entry, 7-8
creating roles, 7-33
creation code
Application Realm, B-8
External Realm, 7-30
credentials, 4-8, 4-24
cryptographic keys, 4-8

D

data source
configuration, 1-8
configuration file, 1-9
connection sharing, 1-13
default, 1-2
definition, 1-2
emulated, 1-2, 1-5 to 1-6
error conditions, 1-15
mixing transactions, 1-15
username, 1-15
introduction, 1-1
location of XML file, 1-2
non-emulated, 1-7 to 1-8
behavior, 1-13
JTA transaction, 1-13
Oracle JDBC extensions, 1-12
retrieving connection, 1-4, 1-11
using Merant driver, 1-17
using OCI driver, 1-16
data storage
in LDAP-based environments, 4-21
database
caching scheme, 1-14
retrieving connection, 1-4
DataSource object, 10-4, 1-4
methods, 1-10
retrieving, 10-4
use in JTA, 10-11
data-sources.xml, 1-9
designating location, 1-2
pre-installed definitions, 1-2
data-sources.xml file, 10-12
use in JTA, 10-2
dedicated.connection JNDI property, 1-15
default configurations
callerInfo demo, 5-3
default realm, 9-6
default-realm, 5-4
DefaultTimeToLive attribute, 13-17
default-web-site.xml file, 5-3, 9-5
defineGroup() method, 13-20, 13-21
defineObject() method, 13-21
defineRegion() method, 13-19
delegation, 4-2
deleting grant entries, 7-8
deployment descriptor
JTA, 10-6
deployment descriptors
JCA, 12-4
destroy() method, 13-25
destroyInstance() method, 13-42
directory information tree (DIT)
Application Realm, 4-21
External Realm, 4-18
Subscriber Realm, 4-19
discoveryAddress property, 13-27, 13-44
diskPath property, 13-27, 13-33
distinguished name (DN), 4-22
DISTRIBUTE attribute, 13-14, 13-43
distribute property, 13-27
doFilter(ServletRequest request, ServletResponse response,FilterChain chain), 9-3
dropping a realm, 7-29, 7-32
dropping roles, 7-35
dropRole, 7-32, 7-35

E

embedded resource adapter, 12-2
environments, 4-3, 4-17
examples
stand-alone resource adapters, 12-6
exceptionHandler() method, 13-23
exceptions
JAZNException, A-4
JAZNInitException, A-4
JAZNNamingException, A-4
JAZNObjectExistsException, A-4
JAZNObjectNotFoundException, A-4
JAZNRuntimeException, A-4
executing an application, 8-4
exit command, 7-26
External Realm
automatically installed, 4-22
creating, 7-30
creation code, 7-30
definition, 4-17
role management, 4-17, 4-19
sample LDAP directory information tree, 4-18
user management, 4-17, 4-19

F

features, 4-2
foundations of the JAAS provider, 4-2

G

GenericCredential interface
and Kerberos, 12-8
getAttribute("java.security.cert.X509certificate"), 9-3
getAuthType, 9-3
getconfig option, 7-20
getConnection method, 10-4, 1-4
getID() method, 13-28
getName() method, 13-23
getOwnership() method, 13-46
getOwnsership() method, 13-50
getParent() method, 13-21
getPolicy, 7-36
getRegion() method, 13-23
getRemoteUser, 9-3
getRoles, 7-33
getSource() method, 13-28
getSubject, 8-3
getting XML configuration information, 7-20
getUserPrincipal, 9-3
grant entry data, 7-7
Grantee class
definition, A-8
granting and revoking permissions, 7-19
granting and revoking roles, 7-17
granting roles, 7-33
grantperm option, 7-19
grantRole, 7-32, 7-34
grantrole option, 7-17
GROUP_TTL_DESTROY attribute, 13-14, 13-24, 13-25

H

handleEvent() method, 13-28
help command, 7-25
help option, 7-21
hosted application environments, 4-26
hosted environments, 4-27
HTTPClient.HttpUrlConnection, 1-10
HTTPConnection, 1-4
Oracle extensions, 1-13

I

IdleTime attribute, 13-17
impersonation
delegation, 4-2
import
oracle.ias.cache, 13-19
initial context factories
JNDI, 2-6 to 2-11
InitialContext
constructing in JNDI, 2-5
InitRealmInfo class
definition, A-10
InitRealmInfo.RealmType interface, 7-31
definition, A-9
installation
Javadoc, A-2
interfaces
InitRealmInfo.RealmType, A-9
JAZNPolicy, A-6
Realm, A-9
Realm.LDAPProperty, A-9
RealmPrincipal, A-9
RealmRole, A-9
RealmUser, A-9
RoleManager, A-10
UserManager, A-10
invalidate() method, 13-24
invoking JAZN Admintool, 7-15

J

J2EE. See Java2 Platform, Enterprise Edition (J2EE)
J2SE environments
JAAS provider integration, 6-2
J2SE. See Java2 Platform, Standard Edition (J2SE)
JAAS, 4-2
definition, 4-7
overview, 1-2
JAAS policy
managing, 7-6
JAAS provider
definition, 4-2
enhancements to realms, 4-15
features, 4-2
integration with Basic authentication, 6-12
integration with J2EE applications, 6-4
integration with J2SE applications, 6-2
integration with SSL-enabled applications, 6-9
integration with SSO-enabled applications, 6-7
management of, 7-2
management tools, 7-2
permission classes, 4-5
policy management, 7-36
running multiple instances, A-2
security role, 6-15
JAAS provider integration
J2SE environments, 6-2
JAAS. See Java Service (JAAS)
jaas.config, 8-4
Java, 10-1
Java application environments, 4-3
Java Authentication and Authorization Service (JAAS)
applications, 4-10
definition, 4-7
extending the Java2 Security Model, 4-7
login modules, 4-9
policy files
example, 4-10
principals, 4-8
realms, 4-10
roles, 4-9
subjects, 4-8
support for authorization and authentication features, 4-7
Java Authentication and Authorization Service. See JAAS.
Java Connector Architecture
overview, 1-3
Java Message Service. SeeJMS.
Java Object Cache, 13-2
attributes, 13-12
basic architecture, 13-3
basic interfaces, 13-5
cache configuration properties, 13-26
cache consistency levels, 13-49
cache environment, 13-6, 13-11
classes, 13-5
configuration
cleanInterval property, 13-27
discoveryAddress property, 13-27
diskPath property, 13-27
distribute property, 13-27
logFileName property, 13-27
logger property, 13-27
logSeverity property, 13-28
maxObjects property, 13-28
maxSize property, 13-28
consistency levels
distributed with reply, 13-50
distributed without reply, 13-50
local, 13-49
synchronized, 13-50
default region, 13-11
defining a group, 13-20, 13-21
defining a region, 13-19
defining an object, 13-21
destroy object, 13-25
disk cache
adding objects to, 13-34
configuring, 13-33
disk objects, 13-33
definition of, 13-9
distributed, 13-36
local, 13-36
using, 13-36
distribute property, 13-43
distributed cache architecture, 13-4
distributed disk objects, 13-34
distributed groups, 13-44
distributed mode, 13-43
distributed objects, 13-44
distributed regions, 13-44
features, 13-7
group, 13-12
invalidating object, 13-24
javacache.log log file, 13-27
local disk objects, 13-34
local mode, 13-43
memory objects
definition of, 13-8
local memory object, 13-8
spooled memory object, 13-8
updating, 13-8
naming objects, 13-8
object types, 13-6, 13-8
overview, 1-3
pool objects
accessing, 13-41
creating, 13-40
definition of, 13-10
using, 13-40
programming restrictions, 13-31
region, 13-11
StreamAccess object, 13-10
subregion, 13-11
Java permissions, 7-4
managing, 7-12
Java Platform, Enterprise Edition (J2EE)
security role, 6-14
Java programming, 7-27
sample code, 7-27
Java Transaction API. See JTA.
Java virtual machine (JVM)
running multiple JAAS provider instances, A-2
Java2 application environments, 6-2
Java2 Platform, Enterprise Edition (J2EE)
application development in, 6-2
application development with the JAAS provider, 4-2
application management, 9-2
application startup, 9-8
creating applications using the Java2 Security Model, 4-4
definition, 6-2, 6-4
integration with JAAS provider, 6-4
integration with JAZNUserManager, 6-4
integration with Oracle components, 6-4
integration with Oracle9iAS Containers for J2EE, 6-4
Oracle component responsibilities in basic authentication environments, 6-13
Oracle component responsibilities in SSL-enabled environments, 6-10
Oracle component responsibilities in SSO-enabled environments, 6-8
starting applications with SecurityManager, 9-8
starting in SSL environment, 9-8
starting in SSO environments, 9-8
Java2 Platform, Standard Edition (J2SE)
application development in, 6-2
application development with the JAAS provider, 4-2
authentication, 8-2
authorization, 8-3
creating applications using the Java2 Security Model, 4-4
definition, 6-2
integration with JAAS provider, 6-2
integration with Oracle components, 6-2
provider types available, 6-2
Java2 Security Model, 4-3, 4-7, 9-4
definition, 4-4
using access control capability model, 4-13
using with J2EE applications, 4-4
using with J2SE applications, 4-4
using with JAAS, 4-7
javacache.properties file, 13-26
Javadoc
location of, A-2
java.io.FilePermission, B-9
java.lang.SecurityManager.checkPermission, 8-3
java.net.URL framework, 1-10
java.security.cert.X509Certificate, 9-3
java.security.cert.X509Certificate,x509cert, 9-3
java.security.Permission class, 7-35
RealmPermission extends from, A-10
java.security.principal, 4-12
java.security.Principal interface
RealmPrincipal extends from, A-9
using with principals, 4-8
using with roles and groups, 4-9
javax.net.ssl.KeyStore, 1-11
javax.net.ssl.KeyStorePassword, 1-12
javax.security.auth.Policy, A-2
javax.security.auth.Subject.doAs, 8-2, 8-3
javax.servlet.HttpServletRequest, 9-3
JAZN Admintool, 7-2, 7-14
administering policy, 4-24
definition, 4-16
for managing JAAS provider types, 4-13
invoking, 7-15
Quick Start, 5-7
shell commands, 7-24
JAZN Admintool commands
usage examples, 7-14
JAZN Admintool options
addperm, 7-18
addprncpl, 7-19
addrealm, 7-16
addrole, 7-17
adduser, 7-17
checkpasswd, 7-17
getconfig, 7-20
getting help, 7-21
grantperm, 7-19
grantrole, 7-17
help, 7-21
listperm, 7-19
listperms, 7-19
listprncpl, 7-20
listrealms, 7-17
listroles, 7-18
listusers, 7-18
remprncpl, 7-19
remrealm, 7-16
remrole, 7-17
remuser, 7-17
revokeperm, 7-19
revokerole, 7-17
setpasswd, 7-18
shell, 7-20
JAZN Admintool shell, 7-14
starting, 7-20
JAZN Admintool shell commands
add, 7-24
cd, 7-24
clear, 7-25
exit, 7-26
help, 7-25
ls, 7-24
man, 7-25
mk, 7-24
mkdir, 7-24
pwd, 7-25
rm, 7-25
jazn element
location, 5-4, 9-6
JAZNAdminGroup, 4-26
JAZNClientGroup, 4-26
JAZNConfig class, 7-28
definition, A-2
JAZNConfigException class
definition, A-4
JAZNContext class, 7-28
definition, A-3
jazn-data.xml file, 4-11, 4-23, 5-3
JAZNException exception
definition, A-4
JAZNInitException exception
definition, A-4
JAZNNamingException exception
definition, A-4
JAZNObjectExistsException exception
definition, A-4
JAZNObjectNotFoundException exception
definition, A-4
JAZNPermission class
definition, 4-5, 4-6, A-3
target names, A-3
JAZNPolicy interface
definition, A-6
JAZNRuntimeException exception
definition, A-4
JAZNUserManager, 9-2, 9-4
definition, 4-13, 6-4
filter element, 6-5, 9-3
integration in J2EE environments, 6-4
jazn.xml file, 8-4, 8-5
JCA, 12-1 to 12-8
deployment descriptors, 12-4
QoS contracts, 12-2
resource adapters, 12-2
stand-alone resource adapter archives, 12-4 to 12-5
stand-alone resource adapter example, 12-6
JDBC
Oracle extensions, 1-12
retrieving connection, 1-4
JDK 1.3, 4-7
JMS, 11-1 to 11-10
configuring, 11-3 to 11-10
examples, 11-2 to 11-3
overview, 1-2, 11-1 to 11-2
JMS
resource providers, 11-10
JMS
resource providers, 11-4
JNDI, 2-1 to 2-11
constructing contexts, 2-4
environment, 2-5
initial context factories, 2-6 to 2-11
initial contexts, 2-2 to 2-3
lookup of data source, 1-4
JTA
bean-managed transaction, 10-2, 10-8
code download site, 10-1
container-managed transaction, 10-2, 10-6
demarcation, 10-2, 10-5
deployment descriptor, 10-6
DTD elements, 10-14
overview, 1-2
resource enlistment, 10-2
retrieving data source, 10-4
single-phase commit
configuration, 10-2
definition, 10-2
specification web site, 10-1
two-phase commit, 10-10
configuration, 10-10
definition, 10-2

K

Kerberos, 4-8
and GenericCredential interface, 12-8

L

LDAP. See Lightweight Directory Access Protocol (LDAP)
ldapadd tool
creating users, 4-18
LDAP-based provider type
Oracle Internet Directory, 4-3
licenses
Apache, A-1
Apache JServ, A-3
third-party, A-1 to A-4
Lightweight Directory Access Protocol (LDAP)-based environments
in J2SE environments, 6-2
realm contents, 4-18
realm data storage, 4-21
realm management, 4-17
realm permissions, 4-22
realm types available, 4-17
sample Application Realm directory information tree, 4-21
sample External Realm directory information tree, 4-18
sample Subscriber Realm directory information tree, 4-19
listing permission information, 7-19
listing permissions, 7-19
listing principal class information, 7-20
listing principal classes, 7-20
listing realms, 7-17
listing roles, 7-18
listing users, 7-18
listperm option, 7-19
listperms option, 7-19
listprncpl option, 7-20
listrealms option, 7-17
listroles option, 7-18
listusers option, 7-18
LOADER attribute, 13-14
location
jazn element, 5-4, 9-6
log file javacache.log, 13-27
log() method, 13-23
logFileName property, 13-27
logger property, 13-27
login method, 8-2
login modules
available with JAAS provider, 4-13
configuring with different applications, 4-9
definition, 4-9
with JAAS, 4-9
LoginContext class, 4-9, 8-2
authenticating subjects, 4-9
LoginContext.getSubject, 8-3
logSeverity property, 13-28
ls command, 7-24

M

man command, 7-25
management
of JAAS provider, 7-2
management tools, 7-2
managing JAAS provider policy, 7-36
managing JAZN
with Java, 7-27
managing permissions, 7-12, 7-35
managing realms, 7-28
managing roles, 7-32
managing users, 7-32
Mandatory transaction attribute, 10-7
maxObjects property, 13-28
maxSize property, 13-28
Merant driver, 1-17
migrating principals, 7-20
mk command, 7-24
mkdir command, 7-24
mod_oc4j, 9-4
mod_oc4j.conf file, 9-7
mod_ossl, 9-8
mod_osso, 9-8
multiple instances
of JAAS provider, A-2
multiple instances of JAZN
JAZNConfig, 7-28

N

namespace partitioning, 4-10
netSearch() method, 13-23, 13-50
Never transaction attribute, 10-7
NotSupported transaction attribute, 10-6

O

obfuscation, 4-24
OBJECT_INVALIDATION event, 13-29
OBJECT_UPDATED event, 13-29
OC4J. See Oracle9iAS Containers for J2EE (OC4J)
OCI driver, 1-16
OID. See Oracle Internet Directory (OID)
Oracle Enterprise Manager (OEM), 7-2, 7-3, 7-8
accessing JAAS provider, 7-4
creating a new grant entry, 7-8
creating new grant
permission, 7-10
creating new grants, 7-8, 7-9
JAAS provider overview, 4-16
principal classes, 7-9, 7-13
revoking permissions, 7-13
Oracle HTTPS, 1-1 to 1-20
default system properties, 1-11
example, 1-17
feature overview, 1-6
prerequisites for use, 1-2
supported cipher suites, 1-7
Oracle Internet Directory (OID)
administering policy data, 4-26
creating users, 4-18
location, 7-28
provider type, 4-15
Oracle Wallet Manager
and HTTPS, 1-8
Oracle9iAS Containers for J2EE (OC4J), 9-2
integration in J2EE environments, 6-4
mapping security roles to JAAS provider users and roles, 6-15
Oracle9iAS Single Sign-On (SSO)
for SSO authentication, 4-13
Oracle9iAS Web Cache, 13-2
oracle.ias.cache, 13-19
oracle.security.jazn package
classes, A-2
definition, A-2
exceptions, A-4
oracle.security.jazn.oc4j. JAZNServletRequest, 9-4
oracle.security.jazn.policy package
classes, A-7
definition, A-6
interfaces, A-6
oracle.security.jazn.realm package
classes, A-10
definition, A-9
interfaces, A-9
support for realms, 4-15
use of, 4-12
oracle.security.jazn.util. CertHash.getHash(x509cert), 9-3
OracleSSLCredential, 1-5, 1-14
Oracle.ssl.defaultCipherSuites, 1-12
ORIGINAL attribute, 13-14
orion-application.xml file, 5-4, 9-6, 9-7, 10-11
mapping security roles to JAAS provider users and roles, 6-15

P

packages
oracle.security.jazn, A-2
oracle.security.jazn.policy, A-6
oracle.security.jazn.realm, A-9
partitioning, 4-10, 4-26
passwords, 4-24
checking, 7-17
setting, 7-18
permissions, 4-14, 7-10
actions, 4-4
administering with AdminPermission class, 4-26
class definitions, 4-5
class name, 4-4
definition, 4-10
granting and revoking with the JAZN Admintool, 7-19
in Java2 Security Model, 4-4
JAAS provider, 4-5
Java permission instance contents, 4-4
listing with the JAZN Admintool, 7-19
management in LDAP-based environments, 4-26
management in XML-based environments, 4-23, 4-26
managing, 7-12, 7-35
target, 4-4
persistence, 4-24
Pluggable Authentication Module (PAM), 4-7
policies
administering with JAZN Admintool, 4-24
administering with Oracle Internet Directory (OID), 4-26
administration, 4-24
definition, 4-10
information storage in XML-based provider type, 4-23
management in LDAP-based environments, 4-26
management in XML-based environments, 4-23
policy entries, 7-4
policy files
codesource, 4-10
example, 4-10
subject, 4-10
policy partitioning
among realms, 4-27
PoolAccess object, 13-41
PoolAccess.close() method, 13-41
PoolAccess.get() method, 13-41
PoolAccess.getPool() method, 13-41
PoolAccess.returnToPool() method, 13-41
PoolInstanceFactory
implementing, 13-42
principal, 4-8, 8-2
principal classes, 7-9, 7-13
listing information with the JAZN Admintool, 7-20
principal-based authorization
support for, 4-7
principals, 7-9, 7-36
definition, 4-8
with JAAS, 4-8
principals.xml file, 6-4
converting from, 7-20
PrivilegedAction interface, 8-3, 8-4
privileges, 4-15
protection domain
definition, 4-4
in Java2 Security Model, 4-5
provider types, 4-3, 4-17
in J2SE environments, 6-2
managing, 4-13
Oracle Internet Directory (OID), 4-15, 4-24
retrieving permissions from, 4-13
storing policy information, 4-24
XML-based, 4-15, 4-24
public key certificates, 4-8
pwd command, 7-25

Q

QoS contracts, 12-2
quality of service contracts, 12-2
Quick Start, 5-1

R

RAR file
RBAC, 4-9
RBAC. See role-based access control (RBAC)
Realm interface
definition, A-9
realm name, 7-28
realm permissions
management in LDAP-based environments, 4-22
Realm.LDAPProperty interface
definition, A-9
RealmLoginModule, 4-13
RealmLoginModule class, 9-2
definition, A-10
for SSL and Basic authentication, 4-13
in J2SE environments, 6-2, 8-2
RealmManager class, 7-33
definition, A-10
RealmPermission class, 4-22
action names, A-10
definition, 4-5, 4-6, A-10
RealmPrincipal interface, 4-12, 9-3
definition, A-9
RealmRole interface
definition, A-9
realms
adding and removing with the JAZN Admintool, 7-16
creation of realm container in LDAP-based environments, 4-21
data storage in LDAP-based environments, 4-21
definition, 4-10, 4-12
dropping, 7-29, 7-32
information storage in XML-based provider type, 4-23
JAAS provider enhancements, 4-15
JAAS provider framework, 4-17
JAAS provider support, 4-12
listing with the JAZN Admintool, 7-17
managing in LDAP-based environments, 4-17
managing in XML-based provider type, 4-22
name, 7-28
permission management in LDAP-based environments, 4-22
policy partitioning, 4-27
realm contents in LDAP-based environments, 4-18
types available in LDAP-based environments, 4-17
types available in XML-based provider type, 4-22
with JAAS, 4-10
RealmUser interface
definition, A-9
release_Ownsership() method, 13-50
releaseOwnership() method, 13-46
Remote Method Invocation. See RMI.
remprncpl option, 7-19
remrealm option, 7-16
remrole option, 7-17
remuser option, 7-17
REPLY attribute, 13-15, 13-44
Required transaction attribute, 10-6
RequiresNew transaction attribute, 10-7
resource adapter, 12-2
Resource Adapter Archive. See RAR.
resource providers
JMS, 11-4 to 11-10
ResourceProvider
JMS, 11-4
retrieving authentication information, 9-3
returnToPool() method, 13-41
revokeperm option, 7-19
revokeRole, 7-33
revokerole option, 7-17
revoking permissions
Oracle Enterprise Manager, 7-13
rm command, 7-25
RMI
overview, 1-2
RMIInitialContextFactory, 2-10 to 2-11
rmi.xml, 3-2
role activation
definition, 4-15
role hierarchy
definition, 4-14
role management, 4-18
role manager, 4-18
role object class, 7-29
role's searchbase property, 7-29
RoleAdminPermission class, 4-27
definition, 4-5, A-8
role-based access control (RBAC), 4-12
definition, 4-14
JAAS provider support for, 4-12
role activation, 4-15
role hierarchy, 4-14
support for, A-2
RoleManager interface, 4-22, 7-32, 7-33
createRole, 7-32
definition, A-10
dropRole, 7-32
getRoles, 7-33
grantRole, 7-32
revokeRole, 7-33
roles, 7-36
adding and removing with the JAZN Admintool, 7-17
creating, 7-33
definition, 4-14
dropping, 7-35
granting, 7-33
granting and revoking with the JAZN Admintool, 7-17
listing with the JAZN Admintool, 7-18
management in Application Realms, 4-18, 4-21
management in External Realms, 4-17, 4-19
management in LDAP-based environments, 4-17
management in Subscriber Realms, 4-17, 4-20
management in XML-based environments, 4-23
managing, 7-32
using the J2EE security role, 6-14
with JAAS, 4-9
run-as element, 4-2, 4-15

S

sample application
AccessTest1, B-11
sample code, 7-27
createRole, 7-33
dropRole, 7-35
grantRole, 7-34
Sample J2SE Application, 8-5
sample_subrealm realm, 5-3
save() method, 13-35
searching for grant entry data, 7-7
searching for permissions, 7-12
secure mode, 5-5, 9-8
secure socket layer (SSL)
authentication method, 6-6
integration with Basic authentication, 6-12
integration with JAAS provider, 6-9
Secure Socket Layers (SSL), 6-6
security role
using in the web.xml file, 6-14
SecurityManager, 4-5, 8-3, 8-4
SecurityManager.checkPermission, 8-3, 9-4
server.xml, 3-2
server.xml file, 5-3, 9-5
Servlet.service, 9-4
setAttributes() method, 13-23
setCacheEventListener() method, 13-28
setpasswd option, 7-18
setting a password, 7-18
shell commands, 7-24
shell option, 7-20
single sign-on (SSO), 6-6, 9-2, 9-7
integration with JAAS provider, 6-7
SPOOL attribute, 13-15, 13-34
sslPrincipal, 9-3
stand-alone resource adapter, 12-2
stand-alone resource adapter archives, 12-4 to 12-5
stand-alone resource adapters
example, 12-6
starting
JAZN Admintool, 7-15
starting an application, 9-8
StreamAccess object
InputStream, 13-38
OutputStream, 13-38
using, 13-38
Subject.doAS, 4-15
Subject.doAs method, 8-3, 9-4
associating a subject with AccessControlContext, 4-8
invoking, 4-9
subjects, 4-8, 8-2, 8-3
definition, 4-8
with JAAS, 4-8
Subscriber Realm
definition, 4-17
role management, 4-17, 4-20
sample LDAP directory information tree, 4-19
user management, 4-17, 4-20
Supports transaction attribute, 10-6
SYNCHRONIZE attribute, 13-16, 13-46
SYNCHRONIZE_DEFAULT attribute, 13-16, 13-46

T

target names
definition, 4-4
of JAZNPermission class, A-3
third-party licenses, A-1 to A-4
TimeToLive attribute, 13-18
transaction
bean managed, 10-2
container-managed, 10-2
demarcation, 10-2, 10-5
deployment descriptor, 10-6
resource enlistment, 10-2
two-phase commit, 10-10
UserTransaction object, 10-9

U

user communities, 4-10, 4-17
user manager, 4-18
user object class, 7-29
user's searchbase property, 7-29
UserManager interface, 4-22, 7-32
definition, A-10
users, 7-36
adding and removing with the JAZN Admintool, 7-17
creating with Oracle Internet Directory, 4-18
creating with the ldapadd tool, 4-18
listing with the JAZN Admintool, 7-18
management in Application Realms, 4-18, 4-21
management in External Realms, 4-17, 4-19
management in LDAP-based environments, 4-17
management in Subscriber Realms, 4-17, 4-20
management in XML-based environments, 4-23
managing, 7-32
UserTransaction object
use in JTA, 10-9

V

Version attribute, 13-18
view grant entry data, 7-7
viewing existing permissions, 7-12

W

Web Cache, 13-2
Web Object Cache, 13-2
Web Object cache, 13-2
web.xml file
using the J2EE security role, 6-14

X

X.500 distinguished name
Oracle Enterprise Manager, 7-10
creating new grant, 7-10
XML-based provider type, 4-3
jazn-data.xml, 4-23
provider type, 4-15
realm and policy information storage, 4-23
realm management, 4-22
realm type available, 4-22

Go to previous page
Oracle
Copyright © 2002 Oracle Corporation.

All Rights Reserved.
Go To Documentation Library
Home
Go To Product List
Solution Area
Go To Table Of Contents
Contents