Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Who does define <security-identity> element in the DD

 
alzamabar
Ranch Hand
Posts: 379
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, I'm just studying that a bean can be given another security role other than the client's Principal one by using the <security-identity><run-as /></security-identity> element in the DD.

The question is: who does define this element? I think it's not the bean's developer, as she may not know the business context in which the application will run; for the same reason I would say that is not the Application Assembler either. Shall I assume is the application deployer?
 
Lionel Orellana
Ranch Hand
Posts: 87
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think it's the Application Assembler who does this.

Look at this post.

There's a reference there to a study guide where you can read this:

"The Application Assembler uses the security-identity deployment descriptor element to specify whether the caller's security identity should be used for the execution of the methods of an enterprise bean or whether a specific run-as identity should be used ... Because the Application Assembler does not, in general, know the security environment of the operational environment, the run-as identity is designated by a LOGICAL role-name, which corresponds to one of the security roles defined by the Application Assembler in the deployment descriptor."
[ July 25, 2004: Message edited by: Lionel Orellana ]
 
Giju George
Ranch Hand
Posts: 333
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi marco,
You can even have a look at this, very helpful. http://www.valoxo.ch/jr/DeploymentDescriptor.pdf
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic