O'Reilly logo

Sams Teach Yourself J2EE™ in 21 Days by Peter Roxburgh, Andy Longshaw, Debbie Law, Dan Haywood, Martin Bond

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Security and EJBs

EJB security is determined either by the declarative entries added to the DD, the programmatic constraints coded into the EJBs, or a combination of both.

Ideally, EJB security should only use the declarative approach, but where declarative security cannot represent the application's requirements, security must be encoded in the EJB class. The programmatic security is less portable and may restrict the way an application assembler can combine beans from different sources.

Defining EJB Security

Defining security for an EJB involves

  • Defining one or more roles to control access to different areas of your application

  • Restricting access to EJBs and EJB methods according to the clients roles

  • Mapping roles onto principals in the authentication ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required