Use this procedure to define security roles for your EJB application. A security role is a semantic group of permissions that must be granted to users or groups so that they are able to use the EJB application.
...
1. Open the ejb-jar.xml.
2. From the right-hand pane, choose the Assembly tab.
3. Select security-role and choose add.
4. In the right-hand pane, specify the security role name and an optional description of the role.
5. Repeat the same steps for all security roles that you want to define.
Each security roles is stored in a <security-role> element in the deployment descriptor. The name of the security role is stored in the <role-name> element.
The following code excerpt shows the result definition of two security roles.
<security-role> <description> This role includes all customers that are registered to access an application for renting a car. </description> <role-name> carCustomer </role-name> </security-role> <security-role> <description> This role includes the employees that are authorized to maintain the customers’ bookings. </description> <role-name> staff </role-name> </security-role> |