• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Doubt regarding EJB3 roles

 
Prasad Shindikar
Ranch Hand
Posts: 114
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Is there any real difference between the roles of Bean Provider and Application Assembler ?

If the bean provider makes use of annotations, then I don't understand what would the application assembler do ? Especially since configuring the security aspect of the application is the job of the Deployer.

Can anyone help clarify these roles for me ?
 
Davide Crudo
Ranch Hand
Posts: 62
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Prasad Shindikar wrote:Is there any real difference between the roles of Bean Provider and Application Assembler ?

If the bean provider makes use of annotations, then I don't understand what would the application assembler do ? Especially since configuring the security aspect of the application is the job of the Deployer.

Can anyone help clarify these roles for me ?


Before answering your questions, two clarification just as a reminder on security:

When talking about security, there are two topics involved. One is "Security Role" and one is "Role Mapping". A security Role is defined in the Bean itself, to declare which Role can do what. The Role mapping, is mapping Roles to actual Users.

Since the Bean Provider, doesn't know anything about the actual Users, this task of "Role Mapping" is done by the deployer. The deployer is basically adapting a Bean from a Bean Provider (that can be used by various customers) to a specific environment.

To answer your question:

The Bean provider provides a Bean and defines the "Security Roles". The Application assembler takes one or more beans and put them togheter packaging the application adding any additional components that might required but not supplied from the same Bean Provider. Finally the Deployer maps the roles to actual users in the organization.

I would imagine, using another scenario, the roles to be covered as follow (They are little bit stretched, but just to have a visual on the roles)

imagine a factory producing computers:

Bean Provider:
Chip manufacturer. On the chip, there will be a label with "Warranty void if removed" the chip has the logic and the label sets a Role. If you are not authorized to repair it, warranty voids. (i.e. you cannot access the internal chip if you are not in the role of "Warranty Repair Person".)

Application Assembler
Mainboard assembler. It takes various chips and puts them on the mainboard. If any additional resistor or cable are required, it will put everything togheter to have something that is some kind of working unit but requires additional assembling.

EJB Server Provider
The EJB Server provider is the Computer Case manufacturer providing a case with a power supply. Is a container for the mainboard

Deployer
As every computer case is different and power voltage vary country by country, the Deployer makes sure to adapt the mainboard to the working environment. In this case adjusts the Voltage on the power supply, and connects the cables. At the same time he will define who are the person allowed to repair it (i.e. provide a list of authorized repair centers)

Persistence Provider
the persistence provider could be the network card company that provides the driver to connect to a network.

System Administrator
Is the person in charge to install the operating system and do necessary configuration changes to the OS to connect to the server, and will make sure to monitor that everything is working fine.

I hope the above helps.
I, too, had some difficult time remembering all the roles. This because in many companies various roles overlap.

Regards,
Dave
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic