Chapter 7 Security
7.3.4.2 Controlling Access to EJB Tier Endpoints
The EJB deployment descriptors define security roles for an enterprise bean. These descriptors also specify, via the method-permission elements, the methods of a bean's home, component, and Web service endpoint interfaces that each security role is allowed to invoke.
Code Example 7.11 shows how to configure method-level access. The example specifies that the method submitOrder, which occurs on an interface of an enterprise bean Web service endpoint, can be invoked only by a caller who has authenticated and belongs to the customer role. Method specifications can be qualified further, either to distinguish methods with overloaded names by parameter signature or to refer to the methods of one specific interface of the enterprise bean. For example, you can specify that all methods of all interfaces (that is, remote, home, local, local home, and service) for a bean require authorization by using an asterisk (*) for the value in the method-name tag.
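    <method-permission>
        <role-name>customer</role-name>
        <method>
            <ejb-name>PurchaseOrder</ejb-name>
            <method-intf>ServiceEndpoint</method-intf>
            <method-name>submitOrder</method-name>
        </method>
    </method-permission>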
Code Example 7.11 Enterprise Bean Authorization Configuration
Some applications also feature unprotected EJB endpoints and allow anonymous, unauthenticated users to access certain EJB resources. Use the unchecked element in the method-permission element to indicate that no authorization check is required. Code Example 7.12 demonstrates the use of the unchecked element.
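    <method-permission>
        <unchecked/>
        <method>
            <ejb-name>PurchaseOrder</ejb-name>
            <method-name>getCatalogInfo</method-name>
        </method>
    </method-permission>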
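An added example, not from the book: a short Python audit that lists every method grant in an ejb-jar.xml and flags unchecked entries, so that the anonymous endpoints described above can be confirmed as deliberate. The sample descriptor is constructed; the Catalog bean, the function names, and the finding labels are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed descriptor: the two grants discussed above plus a hypothetical
# unchecked wildcard grant on a made-up "Catalog" bean.
SAMPLE = """<ejb-jar xmlns="http://java.sun.com/xml/ns/j2ee" version="2.1">
 <assembly-descriptor>
  <method-permission>
   <role-name>customer</role-name>
   <method><ejb-name>PurchaseOrder</ejb-name><method-intf>ServiceEndpoint</method-intf>
    <method-name>submitOrder</method-name></method>
  </method-permission>
  <method-permission>
   <unchecked/>
   <method><ejb-name>PurchaseOrder</ejb-name><method-name>getCatalogInfo</method-name></method>
  </method-permission>
  <method-permission>
   <unchecked/>
   <method><ejb-name>Catalog</ejb-name><method-name>*</method-name></method>
  </method-permission>
 </assembly-descriptor>
</ejb-jar>"""

def local(elem):
    return elem.tag.rsplit("}", 1)[-1]  # tag name without its XML namespace

def audit(descriptor_xml):
    """List every method grant as (bean, interface, method, access, finding)."""
    rows = []
    for perm in ET.fromstring(descriptor_xml).iter():
        if local(perm) != "method-permission":
            continue
        roles = sorted(c.text.strip() for c in perm if local(c) == "role-name")
        unchecked = any(local(c) == "unchecked" for c in perm)
        access = "unchecked" if unchecked else ",".join(roles)
        for m in (c for c in perm if local(c) == "method"):
            f = {local(c): (c.text or "").strip() for c in m}
            name = f.get("method-name", "")
            # No method-intf means the grant covers every interface of the bean.
            intf = f.get("method-intf", "ALL")
            finding = ("ok" if not unchecked else
                       "HIGH: every method of the bean is unchecked" if name == "*" else
                       "REVIEW: no authorization check")
            rows.append((f.get("ejb-name", ""), intf, name, access, finding))
    return rows

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(" | ".join(row))
```

Run it over the descriptors produced by your own build to get an inventory of the methods that unauthenticated callers can reach.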