Assigning
a security identity to a bean is useful when another bean calls that bean.
The security identity can be set to use the identity of the caller or the
identity of a specific security role.
Bean-level security identity was introduced in the EJB 2.0 specification.
It was not a part of the EJB 1.1 specification.
To add a bean-level
security identity:
- In the Project Explorer view of the J2EE perspective, right-click
the Deployment Descriptor for your EJB project and select to
open the deployment descriptor editor.
- On the Access page of the editor, click Add in
the Security Identity (Bean Level) section.
- Select one of the following options:
- Use identity of caller
- Use identity of specific role (below)
- If you selected Use identity of specific role (below),
complete the following steps:
- In the Role name drop-down list, select
the existing security role that you want to require for this bean-level security
identity.
- In the Role description field, enter
a description for the role.
- Type a description for the security identity, and click Next.
- Select one or more enterprise beans from the list of beans found.
- Click Finish.
The security identity is added. To remove the security identity, select
it and click the Remove button.