Security

The Security page of the Edit Enterprise Bean Wizard dialog will display as part of this wizard when the Security option is selected on the Configuration Options page of this wizard.

Use the Security page to select which security identity should be used for the execution of the methods of other components that are called from this bean. You can also indicate which of the bean's methods can be accessed by each role name in the deployment environment. If the isCallerInRole() method is used in this bean, you can enter the names referenced in it, and, optionally, provide the role name in the deployment environment that matches the coded name used.

Specify a Security Identity

Select which security identity should be used when this enterprise bean calls methods on other components.

  1. Choose Use Caller ID if you want the principal of this enterprise bean's caller to be propagated to other beans that it calls.
  2. Choose Run as Specified Role and select the role from the list if you want a security identity other than the caller's identity propagated to other beans.
  3. Click Edit Roles if the role that you want to use as the security identity is not in the list. You will be taken to an edit roles dialog where you can add roles to the list.

Set the Security Permissions

In the Method Permissions section, set the security permissions on each of the methods in each of the interfaces. The Methods table will update to show the methods contained in the Interface whose radio button is selected in the Show column. To set the Method Permissions for each of the methods contained in the Local interface:

  1. Select the radio button for Local under the Show column. The table updates to show methods contained in the Local interface. The interface buttons will be disabled if no interfaces have been defined.
  2. Choose a value for the availability column:

    If Selected Roles is selected in the Availability column, the checkboxes in the role columns are enabled for selection of roles that have access to the method. Otherwise they are disabled.

Linking Security Role References to Security Roles

In the Role Names Referenced in Code panel, specify the referenced in the code and provide its corresponding role link. For every Security Role defined in a security role reference, there must be a link to the defined security roles. Link each security role reference to a security role using the Role Link column below. The value for Role Link must be the name of one of the existing security roles. For example, you might need to link a Security Role Reference of payroll to a security role named payroll-department. You must provide the Role Link even if the Role Name is the same as the value of the Role Link.

  1. Click Add to declare a security role reference.
  2. In the Role Name column, enter the name of the security roles referenced in the code for the enterprise bean, for example, employee or payroll-department.
  3. Select the Role Link value that maps to the Role Name from its drop-down list. This will link the name in the Role Name column with an existing role that has been referenced in the code for the enterprise bean. If you do not see the role you want in this list, click the Edit Roles button to add that role.

Editing Role Names

To edit the information entered in the Role Names table, select the cell where you want to make a change, and edit the values directly in the table.

Deleting Role Names

To delete a role name from the list, select the row containing the role name and click Delete. A confirmation dialog will ask you to confirm the deletion.


Copyright 1999-2003 Sun Microsystems, Inc. All Rights Reserved.