users@glassfish.java.net

About Server side security

From: Imran M Yousuf <imran_at_smartitengineering.com>
Date: Mon, 21 May 2007 12:46:04 +0600

Dear Users,

I am new to EJB 3 and JAAS. My previous experience is with Spring and Acegi.
Our organization is developing an ERP solution. So we are thinking about a
architecture of EJB 3 (Entities, EAO, and BO) + [Spring (IoC) + NetBeans
Platform]; Java EE Container is GlassFish. I have been assigned to find out
how the security can be implemented. We want the application to container
independent. So can someone please help on how the security of the system
could be designed.
I was thinking of, certificate based authentication for clients and db based
authentication for users; but I am not sure how to implement that as well.
So if someone could shed light on that or even provide a document or sample
project link it would be helpful.

Thank you in advance,

-- 
Imran M Yousuf
Software Engineer
Smart IT Engineering
Dhaka, Bangladesh
Email: imran_at_smartitengineering.com
Mobile: +880-1711402557