You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by Prem kalyan <pr...@gmail.com> on 2004/09/02 16:03:37 UTC
securiy role mapping in openejb-jar.xml ?
hi all,
I have few questions on security role mappings. Before that i
want to put my understanding about security mappings.If there is
anything wrong in my understanding please let me know.
I think ,
1 . In ejb-jar.xml we declare security roles in <security-role> tags.
2 . In ejb-jar we specify which methods are accessed by which roles
using <role-name> in <method-permission>.
3 . In openejb-jar.xml we asscocite principals to security roles , by
this we are allowing
all the principals in a role to access those methods which the role can access .
Qn :-
Why role mappings is part of each EJB.Since we already defined
what permissions does each role have on each ejb(using
<method-permissions>) why doing it here again.
Isn't it sifficient to map principals to roles in openejb.jar?
thanx in advance
--
regards,
prem