The application assembler can define a security view of the Enterprise Beans contained in the EJB-JAR file. The security view consists of a set of security roles. A security role is a semantic grouping of permissions for a given type of application user that allows that user to successfully use the application. The application assembler can define (declaratively in the deployment descriptor) method permissions for each security role. A method permission is a permission to invoke a specified group of methods for the Enterprise Beans' home and remote interfaces. The security roles defined by the application assembler present this simplified security view of the Enterprise Beans application to the deployer; the deployer's view of security requirements for the application is the small set of security roles, rather than a large number of individual methods.
The application assembler can define one or more security roles in the deployment descriptor. The application assembler then assigns groups of methods of the Enterprise Beans' home and remote interfaces to the security roles in order to define the security view of the application.
The scope of the security roles defined in the security-role elements is the EJB-JAR file level, and this includes all the Enterprise Beans in the EJB-JAR file.
    ...
    <assembly-descriptor>
      <security-role>
        <role-name>tomcat</role-name>
      </security-role>
      ...
    </assembly-descriptor>
After defining security roles for the Enterprise Beans in the EJB-JAR file, the application assembler can also specify the methods of the remote and home interfaces that each security role can invoke.
Method permissions are defined as a binary relationship in the deployment descriptor from the set of security roles to the set of methods of the home and remote interfaces of the Enterprise Beans, including all their super interfaces (including the methods of the javax.ejb.EJBHome and javax.ejb.EJBObject interfaces). The method permissions relationship includes the pair (R, M) only if the security role R is allowed to invoke the method M.
The application assembler defines the method permissions relationship in the deployment descriptor using the method-permission element as follows:
Each method-permission element includes a list of one or more security roles and a list of one or more methods. All the listed security roles are allowed to invoke all the listed methods. Each security role in the list is identified by the role-name element, and each method is identified by the method element.
The method permissions relationship is defined as the union of all the method permissions defined in the individual method-permission elements.
A security role or a method can appear in multiple method-permission elements.
It is possible that some methods are not assigned to any security role. Such methods can be accessed by anyone.
The following example illustrates how security roles are assigned to method permissions in the deployment descriptor:
    ...
    <method-permission>
      <role-name>tomcat</role-name>
      <method>
        <ejb-name>Op</ejb-name>
        <method-name>*</method-name>
      </method>
    </method-permission>
    ...
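Because the relationship is the union of all method-permission elements and any method left out is open to every caller, it helps to compute the (R, M) pairs from the descriptor and list what is not covered. The following Python audit is an added example, not part of the original documentation or the container's own tooling; it assumes a DTD-style descriptor without XML namespaces, treats a method-name of `*` as covering all of a bean's methods, and uses a constructed descriptor in which only the `tomcat` role and the `Op` bean come from the page.

```python
import xml.etree.ElementTree as ET

# Constructed sample descriptor: Audit, Account, admin and getBalance are hypothetical.
SAMPLE = """
<ejb-jar>
  <enterprise-beans>
    <session><ejb-name>Op</ejb-name></session>
    <session><ejb-name>Audit</ejb-name></session>
    <entity><ejb-name>Account</ejb-name></entity>
  </enterprise-beans>
  <assembly-descriptor>
    <security-role><role-name>tomcat</role-name></security-role>
    <method-permission>
      <role-name>tomcat</role-name>
      <method><ejb-name>Op</ejb-name><method-name>*</method-name></method>
    </method-permission>
    <method-permission>
      <role-name>tomcat</role-name>
      <role-name>admin</role-name>
      <method><ejb-name>Account</ejb-name><method-name>getBalance</method-name></method>
    </method-permission>
  </assembly-descriptor>
</ejb-jar>
"""

def audit(xml_text):
    """Build the method permissions relationship and report coverage gaps."""
    root = ET.fromstring(xml_text)
    beans = {e.text.strip() for e in root.findall("./enterprise-beans/*/ejb-name")}
    declared = {e.text.strip()
                for e in root.findall("./assembly-descriptor/security-role/role-name")}
    relation = set()  # union of (role, bean, method) over every method-permission
    for mp in root.findall("./assembly-descriptor/method-permission"):
        roles = [r.text.strip() for r in mp.findall("role-name")]
        for m in mp.findall("method"):
            bean = m.findtext("ejb-name").strip()
            name = m.findtext("method-name").strip()
            relation.update((role, bean, name) for role in roles)
    covered = {bean for _, bean, _ in relation}
    wildcard = {bean for _, bean, name in relation if name == "*"}
    return {
        "relation": relation,
        # roles used in method-permission but never declared in security-role
        "undeclared_roles": sorted({role for role, _, _ in relation} - declared),
        # beans with no method-permission at all: every method is open to anyone
        "unprotected_beans": sorted(beans - covered),
        # beans with only named methods listed: the remaining methods may be open
        "partially_covered_beans": sorted(covered - wildcard),
    }
```

A bean reported as partially covered needs its home and remote interfaces compared with the listed method names, since the descriptor alone does not enumerate the interface methods.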