Đang chuẩn bị liên kết để tải về tài liệu:
Designing Enterprise Applicationswith the J2EETM Platform, Second Edition phần 8

Khi nó nhận được một tin nhắn, phương pháp onMessage chất chiết xuất từ các dữ liệu hóa đơn từ các tin nhắn văn bản. Trong ví dụ này, dữ liệu đã được mã hóa XML, đó là phân tích cú pháp và sau đó được sử dụng để xử lý hoá đơn. • Nguồn rõ ràng-Tất cả các nội dung cho một miền địa phương xuất hiện trong một tập tin duy nhất | AUTHENTICATION 287 security-constraint web-app Code Example 9.4 SSL Hybrid Authentication Mechanism 9.2.2.1.3 Changing Authentication Identity Sometimes users need to change authentication identities. This could happen when an authenticated user tries to visit a protected Web resource and is rebuffed for lack of access authority to the resource. Although the user can exit the browser and restart the authentication process this is not always acceptable. Applications should give the user an opportunity to invalidate the authentication session and reauthenticate as a more appropriately privileged identity. The error-page element may be used in the deployment descriptor of a Web application to configure a resource to be invoked by the Web container when the processing of an HTTP request produces a particular HTTP error code. This functionality may be employed to redirect an unauthorized request to a resource within the Web container that gives the user an opportunity to invalidate its authentication session. For example the error-handling resource could return a form to the user containing the URI and parameters of the unauthorized request. The form would provide the user with an option to invalidate the current authentication session. Choosing to invalidate would cause the form containing the URI and parameters to be submitted to the Web container where a session invalidation resource would be invoked. This resource would invalidate the current authentication session by calling HttpSession.invalidate. It then redirects the user via the embedded URI and parameters to the original unauthorized resource. 9.2.2.2 EJB Tier Authentication Prior to J2EE 1.3 and EJB 2.0 the J2EE platform did not require that EJB containers implement specific authentication mechanisms. Moreover in many environments network firewall technology prevents direct interaction via RMI between client containers and enterprise beans. As a result it is common for an EJB container to rely on the .