my dog learned polymorphism
The moose likes EJB and other Java EE Technologies and the fly likes Security roles in EJB Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "Security roles in EJB" Watch "Security roles in EJB" New topic

Security roles in EJB

mohamed zafer
Ranch Hand

Joined: Nov 03, 2000
Posts: 62
Hello There,
I have few clarifications on EJB. Please take time to help me.
We can define "Security Role" in the Deployment descriptor. How can I use this from my EJB. For example consider
I have an EJB called "AdminEJB". This EJB can be accesed by only administrators, hence I define a "security-role" called
"admin". Now please tell me what all should I do restrict others form accesing the EJB.
I have the following queries
1. I have a user called "zafer" who is an administrator, How can I map the user "zafer" with role "admin"
2. When should the methods "isCallerInRole()" and getCallerPrincipal() be used.
3. There is a node called "security-identity", what is it actually used for.

4. Similar is for "method-permission" node, How can I use it.

Currently I am using Pramati Server3.0 and also WebSphere 5.
Mohamed Zafer
I agree. Here's the link:
subject: Security roles in EJB
It's not a secret anymore!