Security with EJBs
As we already know, EJB security can be managed either programmatically using method calls in the application, or declaratively by making entries in the DD. Using EJBs a security role can be defined. This security role represents a grouping of permissions, which are associated with one or more methods. This means that EJB application security roles are granted permission to execute one or more methods. No distinctions are made pertaining to reading or writing information using an EJB; permissions are associated with method execution only.
Being able to execute a method implies that parameters may be passed to the method and values may be returned from the method. Permissions may be assigned to specific method signatures so ...
Get J2EE™ and Beyond: Design, Develop, and Deploy World-Class Java™ Software now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.