Specifying Security Identity 

Use

Use this procedure to specify whether the caller identity will be used when invoking the bean’s methods, or whether the caller will use a specific run-as identity.

Procedure

...

       1.      Open the ejb-jar.xml.

       2.      From the right-hand pane, choose the Enterprise Beans tab.

       3.      Open the corresponding tree structure depending on the type of your enterprise bean.

       4.      From your bean tree sub-structure, select security-identity.

       5.      Choose add.

       6.      In the Description field, enter an optional description of the security identity.

       7.      Choose the security identity.

                            a.      To use the caller identity, choose the Use caller identity option.

The following shows a sample result source code:

<security-identity>    <description>The caller’s identity will be used when accessing the bean’s methods.</description>    <use-caller-identity/> </security-identity>

 

You cannot specify the Use caller identity option for message-driven beans. You must specify the run-as identity instead.

                            b.      To specify the run-as identity:

                                                  i.       Choose the run-as option.

                                                ii.       Choose Add to choose one of the security roles defined in ejb-jar.xml and to assign it to the run-as identity.

To change an already assigned security role, choose Remove and then choose Add to assign another security role.

                                               iii.       Enter an optional description of the run-as identity.

The following shows a sample result source code:

<security-identity>    <description>The bean will use run-as identity to make calls.</description>    <run-as>       <role-name>carCustomer</role-name>    </run-as> </security-identity>