Managing security for enterprise beans

The following security mechanisms can be used with enterprise beans. You can implement any combination of these.
Java2 security
This form of security control is implemented by the Java™ Virtual Machine (JVM) and can be used with any Java program that executes under JVM control. See Protecting Java applications in CICS by using the Java 2 security policy mechanism for guidance on using this type of security control.
Secure Sockets Layer (SSL) security
The Secure Sockets Layer (SSL) is a security protocol that provides privacy and authentication between clients and servers communicating using TCP/IP. For more information about SSL, see the CICS® RACF® Security Guide. For information about using SSL with enterprise beans see Authentication of IIOP requests.
MRO security
After the request receiver has established a CICS USERID to be associated with the request, it may need to be routed to an application-owning-region (AOR). If the routing mechanism uses a multiple region operation (MRO) connection, the transmission of the userid is subject to MRO security rules. See the CICS RACF Security Guide
Security roles
A security role represents a type of user of an application in terms of the permissions that the user must have to successfully use the application. See Security roles.