On Thu, 02 Sep 2004 10:22:03 -0400, Alan Cabrera <[EMAIL PROTECTED]> wrote: > > > > -----Original Message----- > > From: Prem kalyan [mailto:[EMAIL PROTECTED] > > Sent: Thursday, September 02, 2004 10:04 AM > > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > > Subject: securiy role mapping in openejb-jar.xml ? > > > > hi all, > > > > I have few questions on security role mappings. Before that i > > want to put my understanding about security mappings.If there is > > anything wrong in my understanding please let me know. > > > > I think , > > > > 1 . In ejb-jar.xml we declare security roles in <security-role> > tags. > > > > 2 . In ejb-jar we specify which methods are accessed by which roles > > using <role-name> in <method-permission>. > > > > 3 . In openejb-jar.xml we asscocite principals to security roles , by > > this we are allowing > > all the principals in a role to access those methods which the role > can > > access . > > So far so good. > > > > Qn :- > > > > Why role mappings is part of each EJB.Since we already defined > > what permissions does each role have on each ejb(using > > <method-permissions>) why doing it here again. > > > > Isn't it sifficient to map principals to roles in > openejb.jar? > > > > This level of indirection allows you to take your beans and use them in > an application server of another vendor, e.g. WebLogic. The mapping of > principals to roles is an OpenEJB specific mechanism, hence it is in the > openejb-jar.xml file. > Alan still my question is not answered or i haven't got ur point
I got why role mapping have to be inside openejb-jar.xml . but why it has to inside every EJB in openejb-jar.xml. if i have 10 beans do i have to declare my role mapping in each and every bean. Aren't role mappings independent of ejb security. I mean we define the ejb security in method-permissions using role names.And role mappings is just to bind principals with a role names. > Regards, > Alan > > ----------------------------------------------------------------- > Visit our Internet site at http://www.reuters.com > > Get closer to the financial markets with Reuters Messaging - for more > information and to register, visit http://www.reuters.com/messaging > > Any views expressed in this message are those of the individual > sender, except where the sender specifically states them to be > the views of Reuters Ltd. > > thanx in advance -- regards, prem