So far, I’ve left the details of method permissions, as well as roles and transactions, out of deployment discussions, primarily to avoid confusing an already complex set of issues. With the coding in this book done, though, it’s time to circle back around and deal with these issues, as they complete the Forethought deployment descriptors.
First, realize that all these options exist within the
assembly-descriptor element, which itself exists
as a child of the root element in the descriptor,
ejb-jar. It should follow right after the
enterprise-beans element. This is all basic
information, though, so I won’t dwell on it; I
assume you can use your server’s tools and DTDs to
determine the basics of the XML formatting. You should also realize
that the entire
assembly-descriptor element is
optional in a deployment descriptor. That said, the only good reason
for leaving the
assembly-descriptor out is the
case where you are developing beans, but someone else in your
organization is actually deploying your beans. In other words, no
application should have deployed beans (in production) without
assembly descriptors for those beans.
The first option you have is to define one or more security roles. As is detailed in Enterprise JavaBeans , these roles are merely logical; there are no predefined roles in the EJB 2.0 specification that can be used. Instead, the role names used here are mapped at deployment time to actual security parameters in the application environment. ...