Hi
I'm trying to restrict EJB method "add" in remote interface, and leave the same method in local interface accessible freely. I tried to use <method-intf> tag to distinguish interfaces. I have following entries:
... <assembly-descriptor> <security-role> <description>Calculator guest</description> <role-name>guest</role-name> </security-role> <security-role> <description>Calculator external role</description> <role-name>externalUser</role-name> </security-role> <method-permission> <role-name>guest</role-name> <method> <ejb-name>CalculatorBean</ejb-name> <method-intf>Home</method-intf> <method-name>add</method-name> </method> </method-permission> <method-permission> <role-name>externalUser</role-name> <method> <ejb-name>CalculatorBean</ejb-name> <method-intf>Remote</method-intf> <method-name>add</method-name> </method> </method-permission> </assembly-descriptor> ...