posted 20 years ago
The deployer needs to set up the roles that the DD contains as well as map users to roles. Also, the users need to have their passwords mapped to their user names.
Initially, someone needs to set up a security realm for the container. The realm is where the above information will be stored. One example is a database. Another could just be a container's proprietary file. Containers are generally compatible with multiple realm types. Someone must tell the container where to look to authenticate users before any security can be in place for ejbs or web applications for that matter. The easiest way to do some security tests is to use the container's proprietary file, (called a memory realm), and just enter in a couple different people in a couple different roles.
Anthony W.<br />MCP, SCJP 1.4, SCJD, SCWCD 1.3, SCWCD 1.4, SCBCD