You can install your own component that performs access control based on role membership. The component must implement the CtsSecurity::RoleService IDL interface. Your custom role service evaluates user membership in EAServer roles, so authorization in your application is still dependent on the role names associated with a package, component, method, or Web resource collection. Using a role service eliminates the need to define role memberships in the Sybase Management Console. For example, you might code your component to retrieve role membership information from a database.
You can also use a Java class with the simplified isUSerInRole API. This is recommended if the implementation is in Java, rather than using a component. If using a Java class, specify its fully qualified class name. The class must contain a method with the signature:
public boolean isUserInRole(String user, String role)
{
...
}
