Java Security Management in java

Chapter 11 - Security Management

    Java Security Management in java

  •           The security management defines method permissions is declared in the enterprise bean deployment descriptor. Container-managed security makes an enterprise bean more flexible.

              A security role is a name given to a grouping of information resource access permissions that are defined for an application.

              Associating a principal with this security role grants the associated access permissions to that principal role.

              Deployment descriptor (ejb-jar.xml) for an entity bean that is using container-managed security:

    < assembly-descriptor >
    ...
    < security-role >
    < role-name > adm_role < /role-name >
    < /security-role >
    < method-permission >
    < description>only remote access < /description >
    < role-name < adm_role < /role-name >
    < method >
    < ejb-name > EntityBMP < /ejb-name >
    < method-intf > Remote < /method-intf >
    < method-name < withdraw < /method-name >
    < /method >
    < /method-permission >
    ...
    < /assembly-descriptor >
     

              The element identifies the only security role that is allowed to invoke the withdraw method on the remote interface. The element consists of an optional description, a list of security role names, and a list of method elements.

              The element contains the definition of a security role used by the bean. The security roles used in the element must be defined in the elements of the deployment descriptor.

© 2015 by Learncertification All Rights Reserved. The certification names are the trademarks of their respective owners. Terms & Privacy Policy