Guys,
There is in fact a NetCrusader/EJB product
that which will be officially released this June.
It provides authentication, policy-based authorization,
and audit services for EJBs running under WLS and IAS.
It is all managed centrally with the same admin GUI
as is available with NetCrusader/CORBA and NetCrusader/Web.
The security infrastructure does support password expiration,
and all the other features you would expect and require.
The core product is indeed vendor-neutral,
but in the case of WLS, authentication services
can optionally integrate as a custom realm.
John Herendeen
-----Original Message-----
From: Proneel Guptan [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 08, 2000 12:56 PM
To: [EMAIL PROTECTED]
Subject: Re: Security products
Hi Swami,
I suppose my question wasn't clear enough, let me attempt
to clarify.
I prefer not to implement the realm on my own (though Weblogic
provides examples on how to). Also, I would have to develop
the admin gui on my own, implement password expiry etc. I
have heard of a product called NetCrusader from Gradient
which does some of what I need, but is not EJB-ready yet. I
would like to know if there are similar products in the market.
The reason I mentioned Weblogic is because it should probably
fit into it's "realm" interface, but I think the core of the
product would probably not be vendor specific. I may be wrong.
Thanks,
Proneel.
>Proneel,
>Though this is WebLogic related question and this is wrong newsgroup, here
is
>the answer. Weblogic 5.1 provides pluggable authenticators and
authorizations
>unit. They provide an RDBMS realm as an example.
>
>Swami
>>
>> We use BEA Weblogic as our EJB server. We are looking for any
>> supporting products which would handle some of the security
>> framework issues such as:
>>
>> a) Provide a security "realm" (RDBMS or LDAP) that plugs into
>> Weblogic.
>>
>> b) Provide a web gui to create/delete users and groups and assign
>> roles to them. Handle password expiration etc. Allow for a
>> transition from passwords to digital certificates.
>>
>> c) Allow for data partitioning. Our application would have users
>> and groups belonging to multiple businesses, administration of
>> users in each business should be allowed independent of the others.
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
