Security Patterns - Existing Security Pattern - Security Patterns For Java EE and XML Web Services

Security Patterns For Java EE and XML Web Services

This is a set of security patterns evolved by a team of engineers from Sun Microsystems that contributes to building end-to-end security into Java EE enterprise applications, XML Web services, identity management systems, and service provisioning solutions.

  • Authentication Enforcer pattern can be used to manage and delegate authentication processes
  • Authorization Enforcer pattern can be used to manage and delegate authorization processes
  • Intercepting Validator pattern helps performing security validation for input data from clients
  • Secure Base Action pattern shows centralizing handling of security tasks in a base action class
  • Secure Logger pattern can be used to log sensitive data and ensuring tamper-proof storage
  • Secure Session Manager shows securely centralizing session information handling
  • Web Agent Interceptor pattern shows how to use an interceptor mechanism to provide security for Web applications
  • Obfuscated Transfer Object pattern shows how to protect data passed around in transfer objects and between application tiers
  • Audit Interceptor pattern shows to capture security related events to support logging and auditing
  • Message Inspector pattern shows verification and validation of XML message-level security mechanisms, such as XML Signature and XML Encryption in conjunction with a security token.
  • Message Interceptor Gateway pattern shows a single entry point solution for centralization of security enforcement for incoming and outgoing XML Web Service messages. It helps to apply transport-level and message-level security mechanisms required for securely communicating with a Web services endpoint.
  • Secure Message Router pattern facilitates secure XML communication with multiple partner endpoints that adopt message-level security. It acts as a security intermediary component that applies message-level security mechanisms to deliver messages to multiple recipients where the intended recipient would be able to access only the required portion of the message and remaining message fragments are made confidential.

Read more about this topic:  Security Patterns, Existing Security Pattern

Famous quotes containing the words web, services, security and/or patterns:

    If our web be framed with rotten handles, when our loom is well nigh done, our work is new to begin. God send the weaver true prentices again, and let them be denizens.
    Elizabeth I (1533–1603)

    We now in the United States have more security guards for the rich than we have police services for the poor districts. If you’re looking for personal security, far better to move to the suburbs than to pay taxes in New York.
    John Kenneth Galbraith (b. 1908)

    A well-regulated militia being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.
    Second Amendment, U.S. Constitution (1791)

    The ninety percent of human experience that does not fit into established narrative patterns falls into oblivion.
    Mason Cooley (b. 1927)