Sun Microsystems 820433510 Server User Manual


 
Note Users and groups are designated for the entire Enterprise Server, whereas each
application denes its own roles. When the application is being packaged and deployed, the
application species mappings between users/groups and roles, as illustrated in the following
gure.
Users
A user is an individual (or application program) identity that has been dened in the Enterprise
Server. A user can be associated with a group. The Enterprise Server authentication service can
govern users in multiple realms.
Groups
A Java EE group (or simply group) is a category of users classied by common traits, such as job
title or customer prole. For example, users of an e-commerce application might belong to the
customer group, but the big spenders would belong to the preferred group. Categorizing users
into groups makes it easier to control the access of large numbers of users.
FIGURE9–1 Role Mapping
UnderstandingUsers,Groups,Roles,and Realms
Chapter9 • ConguringSecurity 105