• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Run-as security identity functionality

 
Ranch Hand
Posts: 146
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
what does it mean by
"Run-as security identity functionality" ... i found this explanation in the spec but couldnt get what it really means

"This functionalityallows for the declarative specification of the principal to be used for the run-as identity of an enterprise bean in terms of its security role."

thanks
[ February 11, 2006: Message edited by: Srividhya Anand ]
 
Ranch Hand
Posts: 372
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
<security-identity> tag in ejb-jar.xml can have 2 values - <use-caller-identity> or <run-as> . The tag that you use determines the role-name that is propogated when this EJB calls a method on another EJB. If you use <use-caller-identity>, whatever be the role name of the caller who called this EJB, the same role will be propogated when this EJB calls methods on another EJB. But if you specify another role-name using the run-as tag in security-identity, then that role will be propogated in method calls made by this EJB on other EJBs. The role that is propogated will be used for authorization of the called EJB's methods. For example, if the called EJB method has a method-permission defined for this role, then this role will be allowed to call that method, else authorization will be denied
 
Balaji Anand
Ranch Hand
Posts: 146
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thak you for your reply. I got it.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic