Exercises
Today's exercise comes in two parts:
Update the EJB Security Model.
Using the code in today's lesson for the Advertise EJB as an example, add security for applicant registration functionality in the Register EJB.
Use declarative security to restrict access to the Register Session bean methods to members of the J2EE RI Applicants group.
Add programmatic security to the Register EJB to allow administrators to create a Register EJB for any name but restrict customers to only create a Register EJB for their caller principal name.
Update the Agency bean to restrict the abilities of a non-administrator to create and delete applicants with a login name the same as their principal name. Don't forget to add the role ref mapping admin onto Administrator ...
Get Sams Teach Yourself J2EE™ in 21 Days, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
