geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From suryadu <>
Subject Re: [jira] Commented: (GERONIMO-3101) Role Based J2EE security model for DayTrader Benchmark
Date Mon, 16 Apr 2007 19:36:24 GMT

This will be simple. Security will be defined through DD files where the
logical roles will defined along with Servlet security constraints and EJB
method permissions etc.,. During the application deployment time, the
logical roles can be mapped to the real LDAP users/groups if some one wants
to use security. If not, the mapping can be ignored. To engage the security,
specific application server security needs to be configured like what LDAP
server to be used etc.,


JIRA wrote:
>     [
> ] 
> Matt Hogstrom commented on GERONIMO-3101:
> -----------------------------------------
> This would be excellent.  What are the touch points for manipulating the
> configuration?  I expect its a server startup issue as well as application
> configuration ?
>> Role Based J2EE security model for DayTrader Benchmark
>> ------------------------------------------------------
>>                 Key: GERONIMO-3101
>>                 URL:
>>             Project: Geronimo
>>          Issue Type: New Feature
>>      Security Level: public(Regular issues) 
>>            Reporter: Surya V Duggirala
>> To characterize and assess the performance of Security runtime for J2EE
>> role based security and Java 2 Security, we need a secured version of
>> DayTrader. This can be useful for Web Authenticatin and Authorization and
>> EJB Authentication and Authorization etc., 
>> Currently I am working on assessing the security performance using
>> DayTrader and wondering whether anyone has done similar studies with
>> DayTrader. 
> -- 
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.

View this message in context:
Sent from the Apache Geronimo - Dev mailing list archive at

View raw message