1 Reply Latest reply on Jul 11, 2008 8:50 AM by jaikiran

    Question on security

    kgoedert
    kgoedert Jul 11, 2008 8:09 AM

      Hi,

      using EJB annotations I can restrict a certain role to have access to a method. I have a situation where a user has roles, and this roles have certain rights.
      Is there anyway I can do this with ejb 3?

      Thanks

      • 1194 Views
      • Tags:
        • 1. Re: Question on security
          jaikiran
          jaikiran Jul 11, 2008 8:50 AM (in response to kgoedert)

          Using the @SecurityDomain and @RolesAllowed, you can restrict the method access. Here's an example:

          @Stateless
@Remote( { UserManagerRemote.class })
@Local (UserManagerLocal.class)
@RemoteBinding(jndiBinding = "RemoteUserManagerBean")
@SecurityDomain (value="other")
public class UserManagerBean implements UserManagerLocal, UserManagerRemote {



 @RolesAllowed (value="admin")
 public User getUser(long id) {
System.out.println("Bean method successfully called");
 // do something
 return user;
 }
}


            • Actions