Communication Security for the Web Container

For this communicationchannel, communication is initiated by a Web application client, such as a Web browser. The access request coming from the Web application client is passed through the Internet Communication Manager (ICM) for load balancing and is then forwarded to the Web applications (WARs) running in the Web container of the AS Java. The Web applications then access business objects using Enterprise Java Beans(EJBs) from the EJB Container. The EJBs in turn access the actual data in the persistence layer.

For an overview of the communication flow, see the figure below.

Communication Flow for Web Container

The table below presents an overview of the security-relevant information for each of the communication paths.

Communication Path	Protocol Used	Type of Data Transferred	Available Security Protection
Front-end client using Web application client to application server	HTTP	Authentication information All application data	Secure Socket Layer (SSL)
Web application to Enterprise Java Bean	P4 IIOP	All application data Data about propagation of security credentials	Secure Socket Layer (SSL)
EJB to persistence layer	JDBC LDAP RFC	All application data Authentication data when accessing persistence layers or remote servers	Driver dependent encryption for JDBC SSL for LDAP SNC for RFC

Communication Path

Protocol Used

Type of Data Transferred

Available Security Protection

Front-end client using Web application client to application server

HTTP

Authentication information
All application data

Secure Socket Layer (SSL)

Web application to Enterprise Java Bean

IIOP

All application data
Data about propagation of security credentials

Secure Socket Layer (SSL)

EJB to persistence layer

JDBC

LDAP

RFC

All application data
Authentication data when accessing persistence layers or remote servers

Driver dependent encryption for JDBC

SSL for LDAP

SNC for RFC