EAServer Manager allows you to set the quality of protection (QOP) for EAServer packages, components, and methods. QOP establishes a minimum level of encryption and authentication that a client must meet before it can access your business logic. For example, if you do not set a QOP at the package level, all clients can access the package. You can then set a QOP that restricts access to components within that package, and a different QOP that further restricts access to methods within those components.
This chapter discusses setting server-side QOP. For information about configuring client-side QOP, see:
The component’s QOP setting is ignored if the
user is the system user; in other words, the user is jagadmin or
the component is being called by a service or other component that
runs with the system identity.
The client’s QOP, EAServer listener’s security profile, and the package, component, and method QOP work together to establish end-to-end security. To accommodate naming services and reduce connection time, a special CORBA component tag is set in the interoperable object reference (IOR). The naming service sends only profiles with QOPs that match a client’s QOP so that the client tries to access only listeners and packages, components, and methods for which the client has a compatible QOP.
