Client authorization  Chapter 3: Using Web Application Security

Chapter 2: Securing Component Access

Enterprise JavaBeans

Your EJBs are ready for use after deployment, but if you want to modify access control properties, you have two options:

  1. Modify the JAR or War file that contains the EJB and redeploy.

  2. After deploying, modify the EJBs corresponding XML file located in the config subdirectory of your EAServer installation. For example, originally ejb.BeanRemote contains a method called foo() that is only accessible to roles “role1”, if you want to grant access to “role2”:

    1. locate the ejbjar-ejb.BeanRemote.xml file in the config subdirectory.

    2. Search for the line: <permitAccess method="foo()" roles="role1"/>

    3. In the section defining BeanRemote interface, modify the line to: <permitAccess method="foo()" roles="role1, role2"/>

    4. Go to the bin subdirectory of your EAServer installation and recompile the entity using the recompile command script, and refresh the module.




Copyright © 2006. Sybase Inc. All rights reserved. Chapter 3: Using Web Application Security

View this document as PDF