Using Security Roles or UME
Permissions in Applications
To protect access to your applications, you can assign security roles (or security role references) to the applications. Users can then only access the application if they are assigned the corresponding role.
There are two main approaches for using security roles: declarative or programmatic.
● Declarative
With this approach, the developer assigns a security role reference to his or her application component, for example, EMPLOYEE. When assembling the project, the assembler consolidates multiple role references to the security role that is to be used for the complete application. The administrator assigns users these roles that they need to access the applications.
· Programmatic
With programmatic security roles, the developer can use a method to verify that the user has a specific role at run-time. In this way, you can make a distinction at the program level, depending on the role that a user has. For example, you can provide different output to different users with different roles.
The declarative approach applies to both J2EE standard roles as well as to user management engine (UME) roles. However, when using the programmatic approach, use UME roles and the UME APIs.
See also:
· J2EE standard roles:
· UME roles: Permissions, Actions, and UME Roles
·
Administration:
Administration of
Users and Roles in the Administration Manual