Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Roles  RSS feed

 
Siegfried Heintze
Ranch Hand
Posts: 417
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The O'Reily book credits Microsoft Transaction Server (now called COM+) as the first Component Transaction Monitor (CTM). Since the various implementations of EJB are also CTMs, I expect them to all solve the same problems.
COM+ (aka MTS) implements an important feature called roles. This means I can use a program called the Microsoft Management Console (MMC) to prohibit nurses (for example) from accessing the same class of objects that doctors may use.
I called an ejip.net and explained I wanted an EJB capability with multiple database accounts for a web site to prototype my product. They said EJB does not have this COM+ feature of roles. I was flabergasted! This role feature is important! Is it really true EJB does not support roles and I have to prompt for passwords and implement the notion of an account myself? Yuck! Say it isn't so!
Thanks,
Sieg
 
Joe Guzzardo
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It isn't so. I've never done what you describe, but I am the proud owner of Richard Monson-Haefel's book; Enterprise Java Beans (which is highly recommended) and he discusses this topic on page 73+. Its accomplished through entries in the deployment descriptor. In a product as well developed as EJB it would be hard to imagine that basic isssues of security would not be addressed in some fashion.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!