ACL in Bean

Discussions

EJB design: ACL in Bean

  1. ACL in Bean (1 messages)

    To apply ACL to the methods of Bean.Can anyone tell me what shld be the procedure

    Thanks in advance

    Threaded Messages (1)

  2. ACL in Bean[ Go to top ]

    It's declarative. You set it in the bean's deployment descriptor.

    To make any use of it, you'll need to connect to JNDI using authentication so your security Principal is created. It will then be propogated to your EJB calls and used to check if you fulfill the requirements for accessing the methods.

    You set up permissioning by requiring users to have a certain "role" in order to access the method. If you have that role, you're in.

    How this is all manifested and persisted is vendor specific, the spec says (and will probably never say) anything about this.

    Chz

    Tony