The J2EE™ Tutorial Second Edition

EJB-Tier Security

The following sections describe declarative and programmatic security mechanisms that can be used to protect resources in the EJB tier. The protected resources include methods of enterprise beans that are called from application clients, Web components, or other enterprise beans.

You can protect EJB tier resources by doing the following:

Declaring method permissions
Mapping roles to J2EE users and groups

For information about mapping roles to J2EE users and groups, see Mapping Roles to Users and Groups (page 1090).

Declaring Method Permissions

After you've defined the roles (see Setting Up Security Roles, page 1090), you can define the method permissions of an enterprise bean. Method permissions indicate which roles are allowed ...

Get The J2EE™ Tutorial Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The J2EE™ Tutorial Second Edition by Stephanie Bodoff, Eric Armstrong, Jennifer Ball, Debbie Bode Carson, Ian Evans, Dale Green, Kim Haase, Eric Jendrock

EJB-Tier Security

Declaring Method Permissions

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly