have a session bean create the account entity based on parameters. Then the user
need not directly create the ejb. You could have another class that is operating
in another role do that.
HTH
Russ
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Jeff Schnitzer
> Sent: Thursday, October 19, 2000 6:05 AM
> To: Orion-Interest
> Subject: I hate "guest"
>
>
> Some variant of this has got to be one of the top five questions asked
> on this list, and it has never been answered. I really, really, really
> need a simple answer:
>
> How do I assign security roles to "guest"? Is it even possible?
>
> No matter what I put in the various principals.xml files (and believe
> me, I've tried just about everything) I can't seem to allow the
> unauthenticated user to call an EJB method. It's driving me insane. My
> girlfriend tells me that while sleeping I thrash about mumbilng
> "com.evermind.server.rmi.OrionRemoteException: guest is not allowed to
> call this EJB method..." I'm not by nature a violent person, but if I
> ever meet this "guest", I'm going to reach out and throttle him :-)
>
> I have a reasonably straightforward system which represents users as
> entity beans and allows anyone to connect to the system and create an
> account. Thus, there must be a moment in time when the user must
> interact with the EJB system to create the entity bean *before* he or
> she can be logged in. I want to grant "guest" access to a single method
> on a single session bean. Why can't I seem to do this? I can't imagine
> that this pattern has not been implemented a bazillion times already.
>
> I was able to get everything working before by commenting all
> security-related material out of my EJBs' deployment descriptors (thus
> leaving the system wide open). Now I'm ready to put security back into
> the system, but the web-application <runAs> tag doesn't seem to be
> implemented yet. So I want to give a limited security role to "guest".
> Heeeeeeelp!
>
> Thanks,
> Jeff Schnitzer
> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
>
>
