Securing Java Clients
Unlike Web clients using Internet browsers, application clients require a different strategy for implementing security. In the past, application clients of WebLogic Server used JNDI for authentication. Although JAAS is a standard extension to security in J2EE 1.3, it's the preferred method of application client authentication in WebLogic Server. Security implementations based on JNDI works under WebLogic Server, but some methods in the weblogic.jndi.Environment class based on JNDI authentication have been deprecated. This is why BEA recommends using JAAS for all username and password authentication. For two-way SSL authentication, JNDI is used because JAAS does not handle this.
WebLogic Server, being J2EE 1.3–compliant, ...
Get BEA WebLogic Server™ 8.1 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
