• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

EJB roles: tx attributes and security

 
Francesco Marchioni
author
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
well part-I is really near the corner, I left as last a refresh on EJB roles.
I can see (Sun Architecht certification book) that a few activities are mapped to more then one role.
In particular "setting tx-attributes" seems to be delegated to :

1- bean provider
2- application assembler
3. deployer

Also about security roles it's not clear to me when it's up to the application assembler and when to the deployer.

Can anybody clarify this topic ?
Thanks a lot in advance
Francesco
 
B.Sathish
Ranch Hand
Posts: 372
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The application assembler is responsible for the transaction attributes. Tx attributes come under the <assembly-descriptor> section which is the app assembler's area

The app assembler is also responsible for creating the logical security roles that make sense for the application. She does this using the security-role element in the DD. But the bean is going to be deployed in the deployer's company and hence the role names defined by the app assembler may not match the real groups in the company. Hence the deployer is responsible for mapping the logical security roles defined by the app assembler to the actual users and groups that exist in his company. This is done in vendor specific way outside of the EJB DD. Also the company may use its own way of storing users and groups, for example have an LDAP authentication server. Its the deployer's responsibility to assign the security domain and the principal realm to the application.

The bean provider may hard code roles in his code to implement programmatic security, he has to announce them in the DD through the security-role-ref element. The app assembler will add a role-link to it to map it to the security-role that she defines
 
Francesco Marchioni
author
Ranch Hand
Posts: 194
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
ok clear, thanks a lot
francesco
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic