Red Hat APPLICATION SERVER - JONAS Manual page 155

Jonas

Hide thumbs Also See for APPLICATION SERVER - JONAS:

Tutorial (62 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

page of 296

/ 296
Contents
Table of Contents
Bookmarks

Table of Contents

Chapter 13. Security Management

then obtain the distinguished name of the caller principal using the

java.security.Principal

13.3.2. Use of isCallerInRole(String roleName)

The main purpose of the

grammer to code the security checks that cannot be easily deﬁned declaratively in the deployment

descriptor using method permissions. Such a check might impose a role-based limit on a request, or

it might depend on information stored in the database.

The Enterprise Bean code uses the

the current caller has been assigned to a given security role or not. Security roles are deﬁned by the

application assembler in the deployment descriptor and are assigned to principals by the deployer.

13.3.3. Declaration of Security Roles Referenced from the Bean's Code

The Bean programmer must declare in the

scriptor all the security role names used in the Enterprise Bean code. Declaring the security roles'

references in the code allows the application assembler or deployer to link the names of the security

roles used in the code to the actual security roles deﬁned for an assembled application through the

elements.

security-role

...

enterprise-beans

...

session

ejb-name Op /ejb-name

ejb-class sb.OpBean /ejb-class

...

security-role-ref

role-name role1 /role-name

/security-role-ref

...

/session

...

/enterprise-beans

...

The deployment descriptor in this example indicates that the Enterprise Bean

checks using

isCallerInRole("role1")

13.3.4. Linking Security Role References and Security Roles

If the

security-role

references declared in the

in the

security-role

The following deployment descriptor example shows how to link the security role references named

to the security role named

role1

...

enterprise-beans

...

session

ejb-name Op /ejb-name

ejb-class sb.OpBean /ejb-class

interface.

isCallerInRole(String roleName)

security-role-ref

elements have been deﬁned in the deployment descriptor, all the security role

security-role-ref

elements.

tomcat

in at least one of its business methods.

elements must be linked to the security roles deﬁned

method of the

getName()

method is to allow the Bean pro-

method to test whether

elements of the deployment de-

makes the security

147

Table of Contents

Need help?

Do you have a question about the APPLICATION SERVER - JONAS and is the answer not in the manual?

Questions and answers

This manual is also suitable for:

Application server

Red Hat APPLICATION SERVER - JONAS Manual page 155

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Red Hat APPLICATION SERVER - JONAS

Related Products for Red Hat APPLICATION SERVER - JONAS

This manual is also suitable for:

Table of Contents