Security Administration

The common services layer provides a flexible security model that allows a number of options when planning for application server security, service container runtime security, and Web services security.

You can implement native security or custom security:

Security Implementation	Options
Native via Service Container	Use Basic Provider Suite (BPS) security. BPS is the default J2EE security provided by EAServer. Delegate security to a third-party provider to enable authentication and authorization in the EAServer.
Custom via Business Process or Web Services	Enable authentication and authorization, as well as encryption and decryption inside a business process. You can implement these security methods with an LDAP directory or as part of EAServer security. Add Web services security to services exposed over SOAP.

Service Container Security
Security providers control the user identity authorization and authentication for Service Container. By default, Service Container security is provided by the Basic Provider Suite (BPS).
Business Process Security
Enable user authorization/ authentication, using LDAP or EAServer security, or encryption/ decryption and XMLencryption/ XMLdecryption inside a business process.
Web Services Security
Implement inbound or outbound security to Web services exposed over SOAP.

Send your feedback on this help topic to Sybase Technical Publications: pubs@sybase.com

Your comments will be sent to the technical publications staff at Sybase, Inc. For product-related issues or technical support, contact Sybase Technical Support at 1-800-8SYBASE.