BEA Offers Up New Approach To Security

BEA's new WebLogic Enterprise Security software aims to provide a single point of authentication for enterprise applications by distributing security services to application containers and legacy applications alike. The product bundles most security services, such as Security Assertion Markup Language (SAML), X.509, LDAP and NT Domain, along with role-based authorization and auditing. It is slated to ship by the end of this month, with pricing at $10,000 per CPU.

Until now, application server vendors have steered the industry into using traditional centralized security methods, which has forced developers to work with multiple security products and coordinate myriad authentication points to allow simultaneous access to multiple systems. Such an architecture has created a daunting problem for IT managers, who constantly need to balance security complexity against administration and developer support.

WebLogic Enterprise Security achieves application security heterogeneity by providing service modules that work with multiple application architectures. WebLogic Service Modules purport to work transparently, regardless of whether developers work with Enterprise JavaBeans (EJBs), databases, servlets or .Net components. BEA also offers a module that works with legacy applications that require specialized authentication.

When working with legacy applications, developers will have to code their access methods to WebLogic Service Modules, but they do not have to create new forms of authentication or revamp existing code because the service modules act independently of each other.

SECURITY BLANKET

The service modules hook into application containers by way of the Java Authorization Contract for Containers (JACC) API, or into security methods by directly accessing their APIs. Each WebLogic Service Module lives in the server where the application or components reside and communicates with applications via a container, a Web server or its own API.

All policies are replicated to each server through a centralized Web-based monitoring system that streamlines delegation by distributing policies across each server. This architecture shifts the responsibility of securing applications away from the developer and into the hands of an administrator. Every server becomes responsible not only for its applications but also for its security policies.