A Comparative Study of J2EE and Microsoft.NET
- Architecture and
Security of Enterprise Applications
Abstract
Today, an enterprise cannot survive without information technology to
automate its business processes. E-business has given this automation
another dimension.
In this thesis we define enterprise applications as multi tier,
component based, distributed web applications. This architecture
introduces a lot of low level implementation problems. As a solution to
these problems we describe platforms with services and programming
libraries specialized for the design of enterprise applications.
Firstly, we summarize the common concepts of those platforms, afterwards
we compare two concrete platforms: J2EE and .NET. This comparison is
illustrated by means of a case study. Afterwards we elaborate on role
based access control, authentication and authorization in J2EE and .NET.
This thesis is concluded with an extension to the .NET security
architecture: PAM.NET introduces pluggable authentication modules into
the .NET framework and integrates with the existing authorization
technology of .NET.
Bert Lagaisse
may 15th, 2003