Hi Rob Castaneda
Thanx for u r reply .
But I want only one user say SUPER user to have te permission to create the
EJB.
In that case how will I do
Thanx in advance
-----Original Message-----
From: Rob Castaneda [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 22, 2001 11:19 PM
To: [EMAIL PROTECTED]
Subject: Re: Regarding method permission
Hi Gururaj,
I believe that your weblogic-ejb-jar.xml should be as follows:
...........
<security-role-assignment>
<role-name>family</role-name>
<principal-name>family</principal-name>
</security-role-assignment>
.....
If you want all the family members to create the bean.
regards,
-Rob
--
Robert Castaneda
[EMAIL PROTECTED]
http://www.customware.com
-----Original Message-----
From: A mailing list for Enterprise JavaBeans development
[mailto:[EMAIL PROTECTED]]On Behalf Of Kosigi Gururaj
Sent: Wednesday, March 21, 2001 5:41 AM
To: [EMAIL PROTECTED]
Subject: Regarding method permission
Hi guys
I created one bean.
now i want to restrict some people from using my bean .
I mean if any user calls the create() method in the home ,he should get the
security exception.
only those users that r listed in the weblogic property file should create.
in weblogic property file i created the group like this ----->
>weblogic.password.appa=appannacharya
>weblogic.password.gururaj=rashmiraj
>weblogic.security.group.family=appa,gururaj
in the ejb-jar.xml ----->
........
<assembly-descriptor>
<security-role>
<description></description>
<role-name>family</role-name>
</security-role>
<method-permission>
<description></description>
<role-name>family</role-name>
<method>
<ejb-name>Component</ejb-name>
<method-name>create</method-name>
</method>
</method-permission>
</assembly-descriptor>
and in weblogic-ejb-jar.xml ------->
...........
<security-role-assignment>
<role-name>family</role-name>
<principal-name>appa</principal-name>
</security-role-assignment>
in my client code -------->
try{
Properties props = System.getProperties();
props.put(Context.SECURITY_PRINCIPAL,"gururaj");
props.put(Context.SECURITY_CREDENTIALS,"rashmiraj");
Context ctx = new InitialContext(props);
MyHelloHome home =
(MyHelloHome)ctx.lookup("component");
MyHello ct = home.create();
}catch(Exception e){
System.out.println("problem in
InitialContext(props)");
e.printStackTrace();
System.exit(-1);
}
if i run this code I must get security exception as the user "gururaj "
doesn't have the permission to invoke the create() method.
only the user "appa" has the permission.
but now when i run my client code it is allowing "gururaj" to create the
bean.
can any one tell where is the mistake
Thanx in advance
Gururaj Kosigi
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
