Security Beans

In order to understand the functionality of eCommerce Security Beans, it is necessary to discuss the Java Security model and related concepts.

Java Security Terms Explanation
Security Domain
In Java terms, a logical group where the Java program runs. The Internet could be considered one domain. The smaller domain could be the local computer. If domains are not trusted, then you should use a secure connection.
Digital Certificate
A digital "signature" that verifies the program originates from a specific company and that the program is not harmful to your system.
Security Algorithm
An algorithm such as RSA that is used to encrypt information sent between two domains.
Cryptographic Service Provider
A package that allows the programmer to implement a security algorithm.
KeyStore
A secure database that stores digital certificates.

Java Security Model

The Java Cryptographic Architecture (JCA) is the API that contains the Java Security packages. The Java Cryptographic Extensions (JCE) is an extension of the JCA that includes encryption and key exchange.

Novell Implementation

eCommerce Security Beans contain the functionality to implement Java security in your Web application. Like LDAP Beans, Security Beans are written entirely in Java, and each bean contains one logical task. This allows you to easily integrate the beans in your Web application.

Security Beans allow you to create your own security provider and digital certificates, and to retrieve certificates from remote hosts. This allows users to verify the authenticity of your application.

Novell uses open standards in the implementation of Security Beans. X.509 certificates, which provide a standard way of storing and retrieving certificate information, have been implemented in the certificate class.

You can choose a single encryption algorithm to implement, or a combination of the security algorithms.

Novell Certificate Server

Novell Certificate Server can be an integral part of your application's security implementation. Certificate Server uses eDirectory to store the Organizational Authority and KeyStore and to host the PKI services you need. The best part is that it is all in eDirectory. You can use eCommerce Security Beans to query eDirectory for the certificates for your application. Certificate Server also gives you a central administration point for your PKI services. Since Certificate Server details are beyond the scope of this course, see http://www.novell.com/documentation for more details.

Commonly Used Security Beans Explanation
AddProvider
Command Bean that adds a security provider to the java.security file.
RemoveProvider
Command Bean that removes a security provider from the java.security file.
ListProvider
Command Bean that lists the current security providers.
ImportCertificate
Imports a digital certificate into a KeyStore.
ListCertificates
Lists the certificates in a given KeyStore.
RetrieveHostCertificates
Retrieves certificates from a remote host.
DeleteCertificate
Deletes a certificate from a KeyStore.
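
The provider and certificate operations in the table above, written against the standard JCA classes (java.security.Security and java.security.KeyStore) as an added example; it is not Novell's bean code, and the beans' own API is not shown on this page. The class name and the alias "sample-ca" are assumptions, and the sample certificate is taken from the JRE's default trust store so the example runs offline.

```java
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public class KeyStoreOperations { // hypothetical class name
    public static void main(String[] args) throws Exception {
        // ListProvider equivalent: providers in java.security preference order.
        for (Provider p : Security.getProviders()) {
            System.out.println("provider: " + p.getName() + " - " + p.getInfo());
        }
        // Constructed sample input: one CA certificate from the JRE default trust store.
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null selects the default trust store
        X509Certificate sample = null;
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                X509Certificate[] issuers = ((X509TrustManager) tm).getAcceptedIssuers();
                if (issuers.length > 0) sample = issuers[0];
            }
        }
        if (sample == null) throw new IllegalStateException("default trust store is empty");
        // New, empty in-memory KeyStore: load(null, null) creates instead of reading a file.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);
        // ImportCertificate equivalent: add a trusted-certificate entry under an alias.
        // In practice, compare the fingerprint with one obtained out of band before importing.
        ks.setCertificateEntry("sample-ca", sample);
        // ListCertificates equivalent: alias, subject and SHA-256 fingerprint of each entry.
        for (String alias : Collections.list(ks.aliases())) {
            X509Certificate c = (X509Certificate) ks.getCertificate(alias);
            byte[] fp = MessageDigest.getInstance("SHA-256").digest(c.getEncoded());
            StringBuilder hex = new StringBuilder();
            for (byte b : fp) hex.append(String.format("%02x", b));
            System.out.println(alias + ": " + c.getSubjectX500Principal().getName() + " sha256=" + hex);
        }
        // DeleteCertificate equivalent: remove the entry by alias.
        ks.deleteEntry("sample-ca");
        System.out.println("entries left: " + ks.size());
    }
}
```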
