Adding a security identity (method level)

Security identities on the method-level are used when another bean calls that method. The security identity specified for the method is then used. The identity can be set to use the identity of the caller, the identity of the EJB server, or the identity of a specific security role.

Method-level security identities are valid for both EJB 1.x and EJB 2.x enterprise beans in either EJB 1.x or 2.x projects.

To add a security identity (method level) to an enterprise bean:

  1. Switch to the J2EE perspective.
  2. In the Project Explorer view, select the deployment descriptor of the desired EJB module.
  3. Right click on the Deployment Descriptor, and select Open With from the pop-up menu.
  4. On the Access page of the editor, select the Security Identity (Method Level) section.
  5. Click Add. The Add Security Identity wizard appears.
  6. Select a run as mode from the following choices:
    • Use identity of caller - With this option, the security service makes no changes to the principal's credential settings.
    • Use identity of EJB server - With this option, the security service alters the principal's credential settings to match the credential settings associated with the EJB server.
    • Use identity assigned to specific role (below) - With this option, a principal that has been assigned to the specified security role is used for the execution of the bean's methods. This association is part of the application binding in which the role is associated with a user ID and password of a user who is granted that role.
  7. If you select Use identity assigned to specific role above, you must select a role name and role description.
  8. Type a description for the new identity in the Security identity description field.
  9. Click Next.
  10. Select one or more enterprise beans from the list of beans found, then click Next.
  11. Select one or more of the method elements for the security identity.
  12. Click Finish.
The security identity is added. To remove the security identity, select it and click the Remove button.

Feedback