> -----Original Message-----
> From: Prem kalyan [mailto:[EMAIL PROTECTED]
> Sent: Thursday, September 02, 2004 10:04 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: securiy role mapping in openejb-jar.xml ?
>
> hi all,
>
> I have few questions on security role mappings. Before that i
> want to put my understanding about security mappings.If there is
> anything wrong in my understanding please let me know.
>
> I think ,
>
> 1 . In ejb-jar.xml we declare security roles in <security-role>
tags.
>
> 2 . In ejb-jar we specify which methods are accessed by which roles
> using <role-name> in <method-permission>.
>
> 3 . In openejb-jar.xml we asscocite principals to security roles , by
> this we are allowing
> all the principals in a role to access those methods which the role
can
> access .
So far so good.
> Qn :-
>
> Why role mappings is part of each EJB.Since we already defined
> what permissions does each role have on each ejb(using
> <method-permissions>) why doing it here again.
>
> Isn't it sifficient to map principals to roles in
openejb.jar?
>
This level of indirection allows you to take your beans and use them in
an application server of another vendor, e.g. WebLogic. The mapping of
principals to roles is an OpenEJB specific mechanism, hence it is in the
openejb-jar.xml file.
Regards,
Alan
-----------------------------------------------------------------
Visit our Internet site at http://www.reuters.com
Get closer to the financial markets with Reuters Messaging - for more
information and to register, visit http://www.reuters.com/messaging
Any views expressed in this message are those of the individual
sender, except where the sender specifically states them to be
the views of Reuters Ltd.
