This week's book giveaway is in the Cloud/Virtualization forum.
We're giving away four copies of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds and have James Denton on-line!
See this thread for details.
Win a copy of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

Assigning EJB permissions to private methods ?  RSS feed

 
Ranch Hand
Posts: 782
Chrome Python Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Oreilly's EJB2 book says:


All the methods defined in the remote or home interface and all superinterfaces, including the methods defined in the EJBObject and EJBHome interfaces, can be assigned security roles in the <method-permission> elements. Any method that is excluded will not be accessible by any security role.


I have created a private method in my Stateless Session Bean. Can I assign permissions to methods which are (1) private (2) not exported in the remote nor local interface ? Will they work ?
Regards,
Pho
 
author
Ranch Hand
Posts: 3892
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
By definition, a private method cannot be defined in an interface. Therefore you can't assign a security permission to it. In particular, the Java language specification (section 9.4) states in regard to method declarations in interfaces that the only acceptable method modifiers are public and abstract.
Kyle
[ April 30, 2004: Message edited by: Kyle Brown ]
 
author
Ranch Hand
Posts: 181
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
And for you second question, you can only assign permissions to method on the Local or Remote Interface because these methods are called by the client through proxies that go through the container and do the check before going into your Bean.
Methods that are on the Bean class that are not part of any of the client interfaces can only be called by the bean itself (Unless you instantiate the class yourself but then it is a plain Java class not mananged by the container).
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!