Example: A Secured School
To illustrate, let’s secure access to a SecureSchoolEJB; anyone can see whether a school
is open, but only enrolled students may enter the front door during
operating hours. Additionally, only janitors may use the service door, and
administrators have total access, including the ability to open and close
the school each day. The full example is covered in Appendix G.
The Business Interface
As always, we’ll start by fleshing out the API for our little school. It’ll support both a front and service entrance, and access to each will be defined by the user looking to enter as well as whether the school is open or closed:
/**
* Represents a school holding doors which may be
* opened by various users. Using the EJB Security model,
* access to open a particular door may be blocked
* to certain users.
*
* @author <a href="mailto:andrew.rubinger@jboss.org">ALR</a>
* @version $Revision: $
*/
public interface SecureSchoolLocalBusiness { /** * Closes the school for business. At this point the * front door will be unlocked for all. * This method may only be called by users in role * {@link Roles#ADMIN}. */ void open(); /** * Closes the school for business. At this point the * front door will be locked for all but users * in role {@link Roles#ADMIN} * This method may only be called by admins. */ void close(); /** * Opens the front door. While school is open, * any authenticated user may open the door, else * only the {@link Roles#ADMIN} may open. * * @throws SchoolClosedException ...Get Enterprise JavaBeans 3.1, 6th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
