
Security Architecture and Security Contract

The Adapter Framework default modules use the component-managed sign-on scenario as the security model.

Note

The references refer to chapter 7.4.2 of the document J2EE Connector Architecture Specification, Final Version 1.0.

You can download this document at java.sun.com/j2ee/connector.

  • If the user name and password are configured in the exit bean of the default Adapter Framework module processor, they are forwarded, for example with ConnectionSpec, to the resource adapter.
  • If you do not use the default modules for the resource adapter, you can choose one of the security scenarios for the implementation of the resource adapter.

    The user name and password belong to a technical user that operates the Adapter Framework. This information does not relate to an end user.

  • The Adapter Framework does not publish any credentials or certificates (aliases) for the logon procedure to external protocols or systems.

    Principal propagation is not currently supported.

    You can add this information in the metadata for the adapter configuration. This configuration data is read for each communication channel and used to log on to systems.

    More information: Adapter Metadata

    Note

    The references in the table refer to chapters 7 (Security Architecture) and 8 (Security Contract) of the document J2EE Connector Architecture Specification, Final Version 1.0.

    You can download this document at java.sun.com/j2ee/connector.

Security Architecture and Security Contract

| Requirement | JCA | PI | Comments | Reference Page |
|---|---|---|---|---|
| Component-managed sign-on scenario | Possible | Should be used | Use the transferred user name and password for the logon procedure. You can enhance or replace these in your own channel configuration, for example, with an alias or the keystore. | 83 |
| ManagedConnectionFactory.createManagedConnection | Mandatory | Mandatory | createManagedConnection() uses the javax.security.auth.Subject object for authentication. The resource adapter must also support this property in the Adapter Framework. | 97 |
| Reauthentication | Possible | Optional | The Adapter Framework does not use reauthentication. | 97 |
| Deployment descriptor authentication values | Mandatory | Mandatory | Must be set to determine which authentication mechanism is to be used. | 97 |
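The credential lookup a resource adapter performs inside createManagedConnection(), shown as an added Java example that is not SAP's code or code from the specification. The class names SignOnCredentials and PasswordRequestInfo are hypothetical, and the JCA API (javax.resource) is assumed to be on the classpath.

```java
import java.util.Arrays;
import javax.resource.ResourceException;
import javax.resource.spi.ConnectionRequestInfo;
import javax.resource.spi.ManagedConnectionFactory;
import javax.resource.spi.security.PasswordCredential;
import javax.security.auth.Subject;

// Hypothetical helper, called from
// ManagedConnectionFactory.createManagedConnection(subject, info).
public final class SignOnCredentials {

    // Hypothetical ConnectionRequestInfo carrying the technical user that
    // the component handed over (for example through a ConnectionSpec).
    public static final class PasswordRequestInfo implements ConnectionRequestInfo {
        final String user;
        final char[] password;
        public PasswordRequestInfo(String user, char[] password) {
            this.user = user;
            this.password = password.clone();
        }
        @Override public boolean equals(Object o) {
            return o instanceof PasswordRequestInfo
                && user.equals(((PasswordRequestInfo) o).user)
                && Arrays.equals(password, ((PasswordRequestInfo) o).password);
        }
        @Override public int hashCode() { return user.hashCode(); }
    }

    public static PasswordCredential resolve(ManagedConnectionFactory mcf,
            Subject subject, ConnectionRequestInfo info) throws ResourceException {
        if (subject != null) {
            // A Subject was supplied: accept only a credential issued for this factory.
            for (PasswordCredential pc : subject.getPrivateCredentials(PasswordCredential.class)) {
                if (mcf.equals(pc.getManagedConnectionFactory())) {
                    return pc;
                }
            }
            throw new javax.resource.spi.SecurityException("no PasswordCredential for this factory");
        }
        if (info instanceof PasswordRequestInfo) {
            // Component-managed sign-on: use the transferred user name and password.
            PasswordRequestInfo pri = (PasswordRequestInfo) info;
            PasswordCredential pc = new PasswordCredential(pri.user, pri.password);
            pc.setManagedConnectionFactory(mcf);
            return pc;
        }
        // Fail closed rather than open an unauthenticated connection.
        throw new javax.resource.spi.SecurityException("no credentials supplied");
    }
}
```

The password is kept as a char[] so the caller can overwrite it after the logon, and nothing in the helper writes the credential to a log or an exception message.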