How to assign own set of user roles for different Session Bean?s?
Here is business logic: we have users, gaining rights for calling Session Bean?s methods
depends on accessory to the group; group contains records in such form:
name of the Session-Bean -> list of roles available for the given bean;
roles define CRUD operations.
CODE:@Stateless
classSessionBeanA
{
@RolesAllowed("CREATE")
void newClass(String name) { ... }
@RolesAllowed("READ")
List getAll() { ... }
@RolesAllowed("DELETE")
void remove(Long id) { ... }
}
@Stateless
class SessionBeanB
{
@RolesAllowed("READ")
List getList() { ... }
@RolesAllowed("UPDATE")
void changeUser(User u) { ... }
}
and groups with these roles for calling methods:
GroupFirst
SessionBeanA ?> { CREATE, READ }
SessionBeanB ?> { UPDATE }
GroupSecond
SessionBeanA ?> { READ, DELETE }
SessionBeanB ?> { READ, UPDATE }
Suppose that,
user User1 consisted in GroupFirst
and
user User2 consisted in GroupSecond,
then the table of available operations has view:
UserSessionBeanAvailable methodsUser1SessionBeanAnewClass()getAll() SessionBeanBchangeUser()
User2SessionBeanAgetAll()remove()
SessionBeanAgetList()changeUser()
With such organization occurs necessity to define capacity of calling methods in different
Session Beans and user must have different rights for each of the Session-Bean.
Please, give an advice: how it all can be organized or, at least, in what
direction I should work?
(Maybe, dynamical change (on the fly) of user?s roles when we calling one
or another SessionBean will be right decision?
If yes, in which way I should go?)