I am bit confused about the <security-role> and <security-role-ref> elements. The main confusion is about, which DD tag's values can be used in isCallerInRole(), which are mapped to roles in the environment etc.
I remember having read in HFSJ that the hard coded roles in the bean code (java/dd) can be linked to a environment which has role names different, so we do not need to change the code.
Please give me a code (java+dd) scenario so that this can be appreciated for beans. To be specific I would like these snippets to show how the DD's security tags grow as the code travels through the provider-appn assembler-deployer role chain
thanks in advance!
SCJP 1.4 - 95% [ My Story ] - SCWCD 1.4 - 91% [ My Story ] Performance is a compulsion, not a option, if my existence is to be justified.
<role-link> is something that the application assembled decides based on the operational environment. So in this case,
"SuperUser" is the application specific role, that is mapped with the "Admin" operational target specific role.
Joined: Apr 27, 2008
That's correct Niranjan.
<security-role-ref> corresponds to @DeclareRoles, as Christophe pointed out. However, the possibility to link the String used in isCallerInRole ("SuperUser" in my example) to a specific role in the environment ("Admin") is offered only by the deployment descriptor, not by annotations.