0 Replies Latest reply on May 20, 2007 10:13 AM by dav_ua

    Session Beans with its own personal roles

    dav_ua


      How to assign own set of user roles for different Session Bean?s?

      Here is business logic: we have users, gaining rights for calling Session Bean?s methods
      depends on accessory to the group; group contains records in such form:
      name of the Session-Bean -> list of roles available for the given bean;
      roles define CRUD operations.

      CODE:@Stateless
      classSessionBeanA
      {

      @RolesAllowed("CREATE")
      void newClass(String name) { ... }

      @RolesAllowed("READ")
      List getAll() { ... }

      @RolesAllowed("DELETE")
      void remove(Long id) { ... }

      }
      @Stateless
      class SessionBeanB
      {

      @RolesAllowed("READ")
      List getList() { ... }

      @RolesAllowed("UPDATE")
      void changeUser(User u) { ... }

      }




      and groups with these roles for calling methods:

      GroupFirst
      SessionBeanA ?> { CREATE, READ }
      SessionBeanB ?> { UPDATE }

      GroupSecond
      SessionBeanA ?> { READ, DELETE }
      SessionBeanB ?> { READ, UPDATE }

      Suppose that,
      user User1 consisted in GroupFirst
      and
      user User2 consisted in GroupSecond,
      then the table of available operations has view:

      UserSessionBeanAvailable methodsUser1SessionBeanAnewClass()getAll() SessionBeanBchangeUser()
      User2SessionBeanAgetAll()remove()
      SessionBeanAgetList()changeUser()

      With such organization occurs necessity to define capacity of calling methods in different
      Session Beans and user must have different rights for each of the Session-Bean.

      Please, give an advice: how it all can be organized or, at least, in what
      direction I should work?

      (Maybe, dynamical change (on the fly) of user?s roles when we calling one
      or another SessionBean will be right decision?
      If yes, in which way I should go?)