The EJB
1.1 specification defines the following security APIs to
allow enterprise beans to make application decisions based on their callers'
security details.
- java.security.Principal getCallerPrincipal()
- This method is used to determine who invoked the current bean method.
The getCallerPrincipal method is fully supported in CICS®. Details of
the way that the identity of the current caller is determined are shown in Deriving distinguished names.
- boolean isCallerInRole(String SecurityRoleReference)
- This method is used to test whether the current caller is assigned to
a security role that is linked to the security role reference specified on
the method call.
CICS will throw a runtime exception (which conforms to the EJB
1.1 specification)
if the following deprecated EJB 1.0 security APIs are used.
- java.security.Identity getCallerIdentity()
- boolean isCallerInRole(java.security.Identity role)
Note: Note that enterprise beans developed to the Enterprise JavaBeans (EJB) 1.0 specification need to be migrated to the Enterprise
JavaBeans
1.1 specification level, using the supplied development tools.