The following security mechanisms can be used with enterprise beans. You
can implement any combination of these.
- Java2 security
- This form of security control is
implemented by the Java™ Virtual Machine (JVM) and can be used
with any Java program that executes under JVM control. See Protecting Java applications in CICS by using the Java 2 security policy mechanism for
guidance on using this type of security control.
- Secure Sockets Layer (SSL) security
- The Secure Sockets Layer (SSL) is a security protocol that provides privacy
and authentication between clients and servers communicating using TCP/IP.
For more information about SSL, see the CICS® RACF® Security
Guide. For information about using SSL with enterprise beans see Authentication of IIOP requests.
- MRO security
- After the request receiver has established a CICS USERID to be associated with the request,
it may need to be routed to an application-owning-region (AOR). If the routing
mechanism uses a multiple region operation (MRO) connection, the transmission
of the userid is subject to MRO security rules. See the CICS RACF Security Guide
- Security roles
- A security role represents a type of user of an application in terms of
the permissions that the user must have to successfully use the application.
See Security roles.