• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

To Authors: declarative security

 
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
is there something on the declarative security : put some meta data (JSR 175) into the code for tagging an intern (private) method of the servlet and delegate security control to the container
 
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Guillaume,
The Container Managed Security pattern in Chapter 10 touches on declarative security, however it does not address the JSR. What exactly are you looking to do?
 
Guillaume Compagnon
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
the next step of declarative security is to tag your code with meta data...
for example , put a "@role admin" on a method of the servlet , to restrict the call of this method to users with that role.

Does the book address this sort of issue ?
 
Author
Posts: 159
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Representing deployment descriptor Metadata such as roles and constraints in J2EE components as part of code is getting introduced in J2EE 5.0. But it is no different from your existing deployment descriptor. It is just a matter of convenience.

Some people call it as hard-coding !
 
I think she's lovely. It's this tiny ad that called her crazy:
Free, earth friendly heat - from the CodeRanch trailboss
https://www.kickstarter.com/projects/paulwheaton/free-heat
reply
    Bookmark Topic Watch Topic
  • New Topic