Q&A

Q1:What is the main difference between the declarative and programmatic security approaches?
A1: The declarative security approach is a container-managed approach in which security rules are configured outside application code, in the deployment descriptor. This helps make the application more portable and flexible. J2EE emphasizes the declarative approach because it reduces the cost of deploying enterprise applications. On the other hand, the programmatic approach is a component-managed approach in which EJBs, JSPs, and servlets maintain the security rules in the component's code. This is useful in applying business rules when the declarative approach is not adequate.
Q2:What is the main purpose of the JAAS API?
A2: The JAAS API extends the ...

Get Sams Teach Yourself EJB in 21 Days now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.