cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to achieve Entity Bean methods ONLY by calling them from a Session Bean

steffen_spahr2
Participant

on ‎01-07-2009 8:12 AM

0 Kudos

Hi,

I used a session bean as a business facade to a entity bean.

In the session bean I achieve the entity bean with a jndiContext.lookup("java:comp/env/ejbEntityBean").

Now I am looking for a solution that it is only possible to call the entity bean methods or the whole entity bean from the corresponding session bean.

In other words: "How can I forbid the access to the entity bean, if the calling object is not the corresponding session bean?"

--->

I only found a way the regulate the access to the entity bean methods by declaring a security-role.

But the existence of the security-role at runtime depends on the calling user-authorizations!

Is there a way to set the entity-security-role within the session bean context?

Best Regards

Steffen

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎01-07-2009 10:25 AM
0 Kudos

Hi Steffen,

I think there is no tag provided (entity-security-role) .Verify the link.

http://www.orionserver.com/docs/auto/tags/toc.html

Regards,

Srikanth Reddy.T

Show replies
Show replies
steffen_spahr2
Participant
‎01-07-2009 11:48 AM
0 Kudos

Hi Srikanth Reddy.T,

sorry, I am not looking for a special tag <entity-security-role>.

I am looking for a way to specifiy that my session bean "has" the special security-role (in my case "WebZaehlerEjbRole") of my entity bean "in my case "WebZaehlerEjbRole") that is necessary to call the methods (findAlleEntries, findByWindowId,...) of my entity-bean.

Here is the relevant part of my ejb-jar.ml:

<assembly-descriptor>

<security-role>

<role-name>WebZaehlerEjbRole</role-name>

</security-role>

<method-permission>

<description>method-permission</description>

<role-name>WebZaehlerEjbRole</role-name>

<method>

<ejb-name>WebZaehlerBean</ejb-name>

<method-name>findAllEntries</method-name>

<method-params/>

</method>

<method>

<ejb-name>WebZaehlerBean</ejb-name>

<method-name>findByWindowId</method-name>

<method-params>

<method-param>java.lang.Long</method-param>

</method-params>

</method>

Regards,

Steffen

Ask a Question