Entering content frame

Component documentation Integrating Security Functions Locate the document in its SAP Library structure

The following topics describe how to include security functions in your J2EE applications:

·        The Security Service Development API

This topic lists the interfaces provided by the SAP J2EE Engine Security Provider service that you can use to protect your application at the programming level. For example, there are interfaces available for using user authentication, authorizations, security roles, managing security sessions, or using protection domains.

·        Authentication for Web Applications Users on the SAP J2EE Engine

This section describes how the authentication process works on the SAP J2EE Engine. In particular, it describes how the SAP J2EE Engine supports the Java Authentication and Authorization Service (JAAS) and how you can use the JAAS modules to authenticate users.

·        Using Security Roles and Security Role References

This section provides the background information needed when deciding how to use security roles (and security role references) to protect your applications. Both the standard J2EE roles and role references as well as the UME (User Management Engine) roles are included.

·        Protection Domains

The ProtectionDomainContext interface enables you to manage collections of resources with defined security constraints. Using this interface, you can manage units in the server or application that require secured permissions or restrictions applied to them.

·        Security Methods to Use for Applications

The procedures used to assign the security roles and the authentication modules to your applications depend on the type of application that you are developing. This topic provides a list of links to the appropriate location in the documentation that applies to the designated application type.

·        Getting Key Storage Service

To protect unauthorized access to the keys and certificates that are stored in the Key Storage service, the J2EE Engine uses code-based permissions. This section describes the interfaces to use to access the key storage service from your application.

·        The Secure Storage API

You can use the SAP J2EE Engine’s secure storage area to store security-relevant information such as passwords. The corresponding interfaces and classes are described in this section.

·        The Digital Signatures and Document Encryption API

You can use these interfaces in your applications to create or verifying digital signatures or to encrypt or decrypt digital documents.

·        The Secure Connection Factory API for HTTPS Clients

You can use the interfaces and classes available with the secure connection factory to establish HTTPS connections when the SAP J2EE Engine is the client component for the connection.

·        The Destination Service API

As an alternative, you can use the Destination service API to establish HTTP(S) connections within your applications.

 

 

 

 

 

Leaving content frame