Chapter 7 Security
323
7.3.4.2
Controlling Access to EJB Tier Endpoints
The EJB deployment descriptors define security roles for an enterprise bean. These
descriptors also specify, via the 
method permission
elements, the methods of a
bean's home, component, and Web service endpoint interfaces that each security
role is allowed to invoke. 
Code Example 7.11 shows how to configure method level access. The
example specifies that the method 
submitOrder
, which occurs on an interface of
an enterprise bean Web service endpoint, requires that a caller belonging to the
customer
 role must have authenticated to be granted access to the method. It is
possible to further qualify method specifications so as to identify methods with
overloaded names by parameter signature or to refer to methods of a specific
interface of the enterprise bean. For example, you can specify that all methods of
all interfaces (that is, remote, home, local, local home, and service) for a bean
require authorization by using an asterisk (
*
) for the value in the 
method name
 tag. 
customer
PurchaseOrder 
ServiceEndpoint
submitOrder 
Code Example 7.11
Enterprise Bean Authorization Configuration
Some applications also feature unprotected EJB endpoints and allow anony 
mous, unauthenticated users to access certain EJB resources. Use the 
unchecked
element in the 
method permission
 element to indicate that no authorization check
is required. Code Example 7.12 demonstrates the use of the 
unchecked
 element.
PurchaseOrder 
getCatalogInfo 






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

 

Our web partners: Inexpensive Web Hosting Java Web Hosting personal webspace webspace php  linux webhost

 html web templates DreamweaverQuality Web Templates PSD Web Templates

cheap webhost j2ee web Hosting buy webspace ftp webspace adult webspace

frontpage WebHosting webspace hosting cheap webhost

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved

aol web hosting