Win a copy of AWS Security this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Junilu Lacar
  • Henry Wong
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Frits Walraven
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • salvin francis
  • fred rosenberger

role-link in DD optional ?

 
Ranch Hand
Posts: 193
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Friends,
Suppose the bean provider has hard coded a security role in the business methods and in the <security-role-ref> section of the DD, he has specified a <role-name> but the application assembler does not specify a <role-link> to map the bean provider given security role to the abstract security role defined by the application assembler since the <role-link> section in the DD is optional.
What will happen if the role defined by the bean provider is not an abstract security role in the <assembly-descriptor> section of the DD? Any exceptions will be thrown or what might happen ?
 
Bartender
Posts: 1872
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Reghu,
It's just my opinion, but I would bet for an error at deploy time (after all the deploy tool has all the information it needs to point the issue).
Cheers,
Phil.
 
Reghu Ram Thanumalayan
Ranch Hand
Posts: 193
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Phil,
Could you elaborate something about the deploy tools because i am not sure about how such an error can be reported ! Is it like when you are about to deploy the bean in some application server, the error will be generated or what ?
Thanks for your replies Phil,
 
Philippe Maquet
Bartender
Posts: 1872
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Reghu,

Is it like when you are about to deploy the bean in some application server, the error will be generated or what ?


Yes, it's what I meant.
Cheers,
Phil.
 
Rancher
Posts: 3632
38
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
howdy, guys !!!
I have been asking exactly the same question some time ago
[EJB 2.0 Specs] Security Question. Oh-h-h, tough one
Nobody answered it
But my opinion is that it is optional for Bean Provider. But Application Assembler HAS TO define <role-link> for all references.
Other option [this is solely my own opinion] could be that EJB Container may ingnore references without links.
Would be fine to hear from some EJB GURU, or REAL EJB GIRL (Kathy, of course )
 
Men call me Jim. Women look past me to this tiny ad:
Devious Experiments for a Truly Passive Greenhouse!
https://www.kickstarter.com/projects/paulwheaton/greenhouse-1
    Bookmark Topic Watch Topic
  • New Topic