Win a copy of Java 9 Modularity: Patterns and Practices for Developing Maintainable Applications this week in the Java 9 forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

How to assing users to certain roles?  RSS feed

 
immer alvarado
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello everyone.

I need clarification here, please. I'm currently learning EJB, and i've read about limitting the access right of methods to the users in certain "roles." I know how the metadata to limit the access rights works. But, what i dont know if how to put the users in the respective roles. Are the users' roles set in the database, and the ejb goes into the database and check to role(if so, how)? I mean, where or how to i progamatically impose that certain users belong to , for example, the customer role or the administrator role? If you know any books, you can also provide the title if you want.

Thank you.
 
Celinio Fernandes
Ranch Hand
Posts: 549
Eclipse IDE Google Web Toolkit Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There are several ways to declare roles in an EJB application (database, property files, LDAP ...).
Also since EJB 3.0, you can use annotations in your session beans :
@RolesAllowed("blabla")
@PermitAll
@DenyAll
@RunAs

It's called declarative authorization. As opposed to programmatic authorization (methods getCallerPrincipal() and isCallerInRole() from the javax.ejb.SessionContext object).

You can find many examples online.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!