Getting Started with WebSphere Application Server

More documents

Recommendations

Info

150 Getting Started with WebSphere Application Server Community Edition Declarative security can restrict access to EJBs through annotations in the EJB class or through deployment descriptors based on roles in the EJB application. Listing 8.4 provides an example where annotation is added before the EJB implementation class definition to declare the roles that can access the class. @DeclareRoles( { "general_user ","super_user" }) public class HelloBean implements HelloWorld { … Listing 8.4 - Declare the roles before EJB class definition Listing 8.5 below shows the lines you need to insert before the methods you want to restrict. @RolesAllowed( { "general_user ","super_user" }) public string sayHello(string targetName){ … @RolesAllowed( { "super_user" }) public string sayByebye(string targetName) { … Listing 8.5 - Restrict roles before methods This means that both, the general user and the super user can say “Hello”, but only the super user has the rights to say “Bye bye”. The above annotation statements could be replaced by adding the following lines in EJB’s deployment descriptor (ejb-jar.xml), as shown in Listing 8.6. super_user general_user super_user general_user HelloBean sayHello super_user HelloBean sayByebye
Chapter 8 – Security 151 Listing 8.6 - The equivalent deployment descriptor The benefit of using the deployment descriptors instead of the annotations is that the security definitions can be changed at deployment time, without having to modify the source code. Deployment descriptors always supersede annotations. 8.3.2.2 Programmatic security Programmatic security is implemented in the EJB’s program logic. It references the role definitions in the Geronimo deployment plan. Listing 8.7 shows an example where you define the roles before the EJB implementation class definition. @DeclareRoles( { "super_user", "general_user" }) public class HelloBean implements HelloWorld { … Listing 8.7 - Declare the roles before EJB class definition Listing 8.8 provides an example of the class definition to insert the session context object that will be used to determine if the current user has the declared role. public class HelloBean implements HelloWorld { @Resource private SessionContext ctx; … Listing 8.8 - Inserting a session context Listing 8.9 provides an example of the logic required to perform access control in your program. System.out.println(ctx.getCallerPrincipal().getName()); if (ctx.isCallerInRole("super_user")){ //add any logic that is super user specific. } Listing 8.9 - Programmatic access control 8.3.2.3 Testing EJB security in a standalone client To test EJB security in a standalone client, you first need to add the geronimo-security-2.1.4.jar located under \repository\org\apache\geronimo\framework\geronimosecurity\2.1.4\ into your client project’s build path. This JAR file contains classes that are returned to the client when initializing to the server with a user ID identity. Without this JAR file, you will receive a ClassNotFoundException at runtime. For the initial context, use the properties as shown in Listing 8.10. Hashtable props = new Hashtable();
Page 3 and 4:
G E T T I N G S T A R T E D W I T H
Page 5 and 6:
Notices This information was develo
Page 7 and 8:
Trademarks IBM, the IBM logo, and i
Page 9 and 10:
3.8 Exercises .....................
Page 11 and 12:
9.3.2 Changing port numbers .......
Page 13 and 14:
13 Preface Keeping your skills curr
Page 15:
The DB2 on Campus book series 15
Page 18 and 19:
18 Getting Started with WebSphere A
Page 21 and 22:
1 Chapter 1 - Introduction to WebSp
Page 23 and 24:
Introduction to WebSphere Applicati
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31:
Page 34 and 35:
Page 36 and 37:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43:
Page 44 and 45:
Page 47 and 48:
3 Chapter 3 - Development with Comm
Page 49 and 50:
Chapter 3 - Development with Commun
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
4 Chapter 4 - Working with database
Page 67 and 68:
Chapter 4 - Working with databases
Page 69 and 70:
Page 71 and 72:
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
5 Chapter 5 - Enterprise Java Beans
Page 91 and 92:
1. Define local and remote interfac
Page 93 and 94:
Chapter 5 - Enterprise Java Beans 9
Page 95 and 96:
Chapter 5 - Enterprise Java Beans 9
Page 97 and 98:
Note: Chapter 5 - Enterprise Java B
Page 99 and 100: Chapter 5 - Enterprise Java Beans 9
Page 109 and 110: 6 Chapter 6 - Messaging Messaging i
Page 111 and 112: Chapter 6 - Messaging 111 3. Messag
Page 113 and 114: Chapter 6 - Messaging 113 2. Get JM
Page 115 and 116: Chapter 6 - Messaging 115 Figure 6.
Page 117 and 118: Chapter 6 - Messaging 117 Figure 6.
Page 119 and 120: Chapter 6 - Messaging 119 For examp
Page 121 and 122: textMessage.getText()); } catch (JM
Page 123 and 124: Chapter 6 - Messaging 123 3. Copy t
Page 125: Chapter 6 - Messaging 125 D. Messag
Page 128 and 129: 128 Getting Started with WebSphere
Page 161: PART III - ADMINISTERING COMMUNITY
Page 181 and 182: 10 Chapter 10 - Tuning a Community
Page 183 and 184: Chapter 10 - Tuning a Community Edi
Page 191 and 192: 10.4.2 Operating system tuning Chap
Page 193: Chapter 10 - Tuning a Community Edi
Page 200 and 201:
200 Getting Started with WebSphere
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 211 and 212:
A Appendix A - Solutions to review
Page 213 and 214:
Appendix A - Solutions to review qu
Page 215 and 216:
Page 217 and 218:
Page 219 and 220:
B Appendix B - Up and running with
Page 221 and 222:
Appendix B - Up and running with DB
Page 223 and 224:
4. The following is performed by de
Page 225 and 226:
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235:
C Appendix C - Using the sample cod
Page 238 and 239:
Page 240:
show all

Getting Started with WebSphere Application Server

Create successful ePaper yourself

Delete template?

Save as template?