EclipseCon 2007 March 5-8, Santa Clara California





Secure Desktop Applications with Eclipse RCP

Neil Bartlett (Independent)

· Long Talk

Thursday, 11:10, 50 minutes | Grand Ballroom D

7
·
8
·
9
·
10
·
11
·
12
·
13
·
14
·
15
·
16
·
17
·
18
·
19

Eclipse RCP is rapidly gaining popularity as a framework for corporate desktop applications. These applications are often developed bespoke or in-house, and are the gateways to critical business functions. As such they must be secured: we must know exactly who each user is (i.e. they must be authenticated), and we must prevent users from performing tasks that they do not have the authority to perform (i.e. they must have authorization).

Eclipse RCP is an excellent base on which to build secure applications. Through plugins and extensions, we can offer a far cleaner experience for users by simply hiding the functions for which they are not authorized, instead of constantly showing "Access Denied" errors. Using OSGi we can even dynamically grant or deny access to functionality while the application is running.

Yet, frustratingly, RCP stops short of supplying "out-of-the-box" support for authentication and authorization, so this support must be added on. In this talk we discuss the principle techniques required; what the most common business requirements are for security, and how to achieve them; and how to integrate with existing technologies such as JAAS or Kerberos.

To conclude we will solicit feedback from the audience on the security requirements they would like to see made available through the base platform, in the hope of influencing future releases.

Neil is a Java developer and consultant specialising in Eclipse RCP and OSGi, in particular their use in large enterprise settings. Recently he has helped a number of financial institutions with their adoption of RCP and evangelises the use of the RCP/OSGi technology platform for both client and server-side development.

Floor Plan

Gold sponsors

Ingres logo

BEA logo

IBM logo

Business Objects logo

Klocwork logo

Windriver logo

Red Hat logo

Actuate logo

Silver sponsors

Compuware logo

Sybase logo

Google logo

Nexaweb

Activegrid

Genuitec

Instantiations

Cloudsmith

Code Gear

ACCESS

Oracle

Telelogic

Innoopract logo

Lynux Works

Media sponsors

Eclipse Magazine logo

GoingtoMeet.com logo

Methods and Tools logo

Eclipsezone logo

Addison-Wesley logo

Eclipse Magazin logo

Embedded Computing logo

SD Times logo

Enterprise Open Source logo

ACM Queue logo

TheServerSide Java Symposium

Eclipse Review logo

Software Test & Performance logo

Eclipse Developers Journal logo

Eclipse Source logo