Use this procedure to declare all the security role names that you use in your enterprise bean source code, and to link them to the security roles defined for the EJB application. These declarations are stored in ejb-jar.xml.
The security roles for the EJB application are defined in ejb-jar.xml.
...
1. Open the ejb-jar.xml.
2. From the right-hand pane, choose the Enterprise Beans tab.
3. Open the corresponding tree structure according to the type of your enterprise bean (session or entity).
You cannot declare security role references for message-driven beans.
4. From your bean tree sub-structure, select security-role-ref.
5. Choose add.
6. In the right-hand pane, enter the following data:
Property |
Description |
Role name |
The name of the security role used in the source code of the enterprise bean, that is, the parameter to the isCallerInRole(String roleName) method. This property is stored in the <role-name> element in the deployment descriptor. |
Role link |
The name of the security role to which the current security role reference is mapped. a. To select a security role defined in ejb-jar.xml, choose Add b. To remove an already selected security role, choose Remove. This property is stored in the <role-link> element in the deployment descriptor. |
Description |
A description of the security role. |
The declared security role references appear as sub-nodes under the security-role-ref node.
To remove a declared security role reference, select it and choose Remove.
The declaration is stored in the <security-role-ref> element in the deployment descriptor.
The following code excerpt shows an example declaration of a security role reference.
<security-role-ref> <description> This role is linked to the carCustomer security role. </description> <role-name> car_Customer </role-name> <role-link> carCustomer </role-link> </security-role-ref> |