• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

security - client Identification

 
jhon Reader
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
how client specify
i am admin or manager or clerk
or i belong to this role
hanks
 
Valentin Crettaz
Gold Digger
Sheriff
Posts: 7610
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It's not the responsibility of the client to do that. See section 21.4 (Security - Deployer's responsibilities) and section 21.7 (Security - System Administrator's responsibilities) of the EJb 2.0 specification.

Basically, roles, groups, principals, etc, are configured when an enterprise application is deployed (or sometimes at runtime), the client doesn't have to do anything, he just keeps invoking methods and the EJB container will look up if the given user is allowed to invoke it.
 
jhon Reader
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I feel i am not able two explain my question earlier .
suppose two client make request ,
A admin
B clerk

so in this case what information from client part has been sent to the server ,so that server can determine which one is A and which one is B.
once A and B are identified then server can determine which one admin
and who is clerk
 
jhon Reader
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
much simple
how web-server comes to know he is serving clerk or admin
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic